Hazard Vulnerability Assessment (HVA)
A Hazard Vulnerability Assessment (HVA) is a comprehensive process that helps to identify people, property, and resources that are at risk of injury, damage, or loss from hazardous incidents or natural hazards. This information is important to help determine and prioritize the precautionary measures that can make an organization more disaster-resistant. The HVA provides an analysis of the types of natural and man-caused hazards to which the state organization is vulnerable. Additionally, the HVA evaluates the comparative probability and assigns a simple level of risk (low, medium, high) to each.
Hazard Vulnerability Analysis is a way to focus attention on those hazards that are most likely to have an impact on your facility and the surrounding community. It is intended that a HVA be seen as a evolving document and be reviewed at least annually. There are three categories that are used to help place each hazard into perspective. These categories are Probability, Severity and Readiness. The results of the HVA help inform existing and evolving emergency operations and disaster recovery policies, plans and exercises.
The overall goal after identifying risks, and assessing vulnerabilities to natural and man- made hazards, is to begin development of hazard mitigation plans and putting these plans into action.
System Security and Vulnerability Assessments
A system Security and Vulnerability Assessment identifies threats to your systems and Telecommunications infrastructure. It includes an evaluation of the system and telecommunications environment and design, a review of existing security devices and monitors, and penetration and vulnerability tests.
The evaluation considers internal and external threats, existing Firewalls, external access strategies (VPNs), your wireless network, mobile communications infrastructure, network design and the configuration of your firewalls, network and servers. We also review methods of protecting data, password and user IDs and backup and restore strategies for your organization.
The penetration and vulnerability tests scan the network and computers to search for vulnerabilities. It will identify and report on possible threats risks and vulnerabilities to your systems and network infrastructure. The remaining primary elements include: physical security of the facility and threats from social engineering.
The plan’s outcome is a vulnerability analysis, penetration testing results and analysis, an overall security risk profile versus your target/goals and recommendations for remediation and/or mitigation of your exposure.
Our team consists of people with leading information security credentials, including managing HIPPA and banking regulatory compliant environments, certifications in industry leading products and associations. Our team’s first-hand expertise planning, implementing and managing security for customers distinguishes us from other firms.
Human Impact Audit
Human Impact Audits (HIA) are conducted to help management and planners realistically predict and prepare for the likely behavioral reaction to any and all hazards and traumatic events. The HIA is typically the first step in the process of building a behaviorally-accurate disaster and emergency plan.
The purpose of an HIA is to provide planners and decision-makers with a set of evidence-informed recommendations about the emotional and behavioral consequences of different emergencies specific to the organization’s unique risk matrix. The HIA is a practical approach used to judge the potential behavioral health effects of a diverse range of hazards on an organization’s workforce, their families and the surrounding community. The deliverable recommendations are produced for decision-makers and planners, with the aim of maximizing the positive psychological effects and minimizing its negative effects of the organization’s mitigation, response and recovery strategies.
The HIA looks not only for negative impacts (to prevent or reduce them), but also for impacts favorable to psychological health. This provides decision-makers with options to strengthen and extend the positive features of a proposal, with a view to enhance individual and organizational resilience, and reduce potential adverse behavioral responses.
Homeland Security Vulnerability Assessment (HSVA)
A Homeland Security Vulnerability Assessment (HSVA) is a terrorism-specific vulnerability audit that evaluates an organization’s weaknesses that can be exploited by a terrorist. It evaluates the vulnerability of facilities, programs and personnel across a broad range of identified threats/hazards and provides a basis for determining physical and operational mitigation measures for their protection. It applies both to new building programming and design and to existing building management and renovation over the service life of a structure.
The useful product of a vulnerability assessment is the assignment of a vulnerability rating of all appropriate aspects of building operations and systems to the defined threats for the particular facility. As with protection priority and threat ratings, vulnerability can be cast as high, medium or low.
- High Vulnerability: One or more significant weaknesses have been identified that make the facility highly susceptible to a terrorist or hazard.
- Medium Vulnerability: A weakness has been identified that makes the facility somewhat susceptible to a terrorist or hazard.
- Low Vulnerability: A minor weakness has been identified that slightly increases the susceptibility of the facility to a terrorist or hazard.
XBRM utilizes various methods to develop this analytic product. The primary methods are a modified version of the U.S. Department of Homeland Security “Red Cell” analytic approach, the “Terrorism Vulnerability Self-Assessment” tool, and field observation. The final analytic product is most useful for target-hardening and mitigation purposes.
XBRM’s ability to apply our inside-out experience creates the tipping point between plans and effective plans. Contact us for more information about how we can help your organization by clicking here to go to our Contact Page, email us at info@XBRM.com or call us at 212.366.8200
