The Enhanced Critical Infrastructure Protection (ECIP) visit is a cornerstone of the voluntary outreach effort to critical infrastructure owners and operators. An ECIP visit, conducted by Protective Security Advisors (PSAs) with critical infrastructure facility representatives:
- Establishes and enhances the DHS relationship with critical infrastructure owners and operators.
- Informs them of the importance of their facility.
- Explains how their facility or service fits into its specific critical infrastructure sector.
- Provides an overview of the Office of Infrastructure Protection (IP) resources available to the facility to enhance security and resilience.
- Reinforces the need for continued vigilance.
During an ECIP visit, PSAs focus on coordination, outreach, training, and education. ECIP visits are often followed by security surveys using the Infrastructure Survey Tool (IST) or other IP services.
Infrastructure Survey Tool
The Infrastructure Survey Tool (IST) is a voluntary, Web-based security survey conducted by the PSA in coordination with facility owners and operators after an ECIP visit to identify and document the overall security and resilience of the facility. The security survey is conducted to:
- Identify facilities’ physical security, security forces, security management, information sharing, protective measures, and dependencies related to preparedness, mitigation, response, resilience, and recovery.
- Identify security gaps.
- Create facility protective and resilience measures indices that can be compared to similar facilities.
- Track progress toward improving critical infrastructure security.
The survey data, composed of weighted scores on a variety of factors for the specific facility, are provided to owners and operators through the IST Dashboard that compares the data against similar facilities and informs protective measures, resilience planning, and resource allocation. In addition to providing a security and resilience posture overview, the dashboards also highlight areas of potential concern and give owners and operators the ability to preview how specific enhancements to security and resilience measures will potentially improve the security and resilience of their facility.
Example of the results displayed in the IST Dashboard. Notational Information.
A written report, developed from the IST data, contains a description of the facility and its vulnerabilities as well as recommendations to mitigate identified vulnerabilities. The information is protected under the Protected Critical Infrastructure Information (PCII) Program and is used by DHS for steady-state analysis, special event planning, and incident management. PCII may also be shared with authorized representatives of homeland security stakeholder agencies at all levels of government who have a valid need to know the information.
For more information on ECIP visits, please contact PSCDOperations@hq.dhs.gov.