The
Guide is divided into a ten-step process. VULNERABILITY ASSESSMENT
AND
Volume 23
May 2018 Edition
Guide users simply follow the paragraphs in each
chapter to fill in forms that accompany the narrative.
• The first step identifies assessment team compo-
nents.
• The next step identifies types of assets to be evalu-
ated.
• The third step helps determine asset value (criticali-
ty).
• Step four deals with aggressor likelihood.
• Step five covers modus operandi or likely tools and
tactics.
• Step six combines the first five steps and begins to
formulate an initial DBT.
• Step seven determines the initial level of protection,
while
• Step eight determines planning risk levels.
• Step nine deals with assessing risk level acceptability
and
• Step ten identifies any constraints that may be in-
curred by the user.
RISK ANALYSIS TRAINING
Both the Federal Facilities Risk Management
Process: An Interagency Security Committee
Standard and the Unified Facilities Criteria
(UFC) 4-020-01, The DOD Security Engineer-
ing Facilities Planning Manual are used
in a 3-day course entitled Vulnerability As-
sessment and Risk Analysis Methodologies
(VAR) which is conducted by Haines Security
Solutions throughout the United States or
wherever US troops are stationed overseas.
While, the Guide and Standard form the foun-
dation of the course of instruction, other com-
mon methodologies, such as, the CARVER and
MSHARPP methodologies are also covered.
53