Security risk assessment methodology for communities (RAM-C)

Sandia National Laboratories (SNL) has developed a number of security risk assessment methodologies (RAMs) for various infrastructures including dams, water systems, electrical transmission, chemical facilities and communities. All of these RAMs consider potential malevolent attacks from different threats, possible undesired events and consequences and determine potential adversary success. They focus on the assessment of these infrastructures to help identify security weaknesses and develop measures to help mitigate the consequences from possible adversary attacks. This paper focuses on RAM-C, the security risk assessment methodology for communities. There are many reasons for a community to conduct a security risk assessment. They include: providing a way to identify vulnerabilities, helping a community to be better prepared in the event of an adversary attack, providing justification for resources to address identified vulnerabilities and planning for future projects. The RAM-C process is a systematic, risk-based approach to assess vulnerabilities and make decisions based on risk. It has provided valuable information to community planners in making security risk decisions.