The Cybersecurity and Infrastructure Security Agency (CISA) on July 17 released a supplementary guide to the agency’s existing Infrastructure Resilience Planning Framework (IRPF) that aims to help state, local, Tribal and regional planners protect their technology infrastructure.
The IRPF, which was first released in 2021, provides planners with five different steps to protect against threats including: organizing a planning group; identifying critical infrastructure; assessing risks; developing mitigatory actions; and implementation and evaluation.
The supplementary IRPF Playbook provides instructions and highlights resources to help implement those five steps.
The 43-page playbook also provides hypothetical scenarios that involve executing concepts found in the guide to “better understand how best to implement the IRPF guidance,” CISA said. Hypotheticals include scenarios such as coordinated planning and capital investment for water system resilience against drought and flooding.
“Reading through the Playbook process, not only are the IRPF steps articulated with clear inputs and outputs but the additional guidance on resilience concepts will help communities increase their readiness and bounce back quickly after a disaster,” said David Mussington, CISA’s executive assistant director for infrastructure security.
“We anticipate that the IRPF Playbook will address a crucial challenge by not only outlining the IRPF steps but also providing guidance on their practical implementation in disaster preparedness planning,” he said.
The guide also features appendices to simplify foundational concepts, explain how to integrate plans and actions in common community plans, and provide links for IRPF resources and templates.
“The nation’s capacity to secure its infrastructure and sustain essential community services also depends on [state, local, tribal and territorial] and private sector partners working together to assess and reduce risk to increasingly complex natural and human threats,” said CISA.