Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Appendix B Briefings to the Committee and Discussions OPEN COMMITTEE MEETINGS January 31-February 2, 2007 Welcome and Opening Comment David Achterberg, P.E.âDirector, Bureau of Reclamation, Security, Safety and Law Enforcement Office (SSLE) SSLE Program Reviews David AchterbergâSSLE Overview ⢠Review of policies, procedures, and budget and program management ⢠Discussion of current issues in SSLE and in regional and area offices Don TaussigâSecurity Program Vincent ParolisiâLaw Enforcement Program Kathy NorrisâEmergency Management Program May 2-4, 2007 Executive Overview-SSLE Larry ParkinsonâDeputy Assistant Secretary, Law Enforcement, Security, and Emergency Management, Department of Interior Risk Assessment Overview David AchterbergâDam Safety Risk Assessment Methodology 114
APPENDIX B 115 David Hinchliff, Kim Duran, and Rusty SchusterâSecurity Risk Assessments Program Don TaussigâOther Security Risk Components September 19-20, 2007 Organizations Addressing Similar Security, Law Enforcement, and Emergency Management Issues Col. James BraxtonâU.S. Army Corps of Engineers Enrique MatheuâDepartment of Homeland Security Doug BellomoâFederal Emergency Management Agency Bureau of Reclamation Headquarters Perspective Larry ToddâDeputy Commissioner, Bureau of Reclamation COMMITTEE DISCUSSIONS AND SITE VISITS AT RECLAMATION REGIONS The committee organized itself into two- or three-member teams, with one team assigned to visit each of the five regions comprising the Bureau of Reclamation. The visits took place between June 3 and August 5, 2007. They included meetings with staff at the regional and area offices to include those with security, law enforcement, and emergency manage- ment functions. Also included was the operations staff at specific dam sites. The meetings addressed questions (listed below) developed by the committee. However, the committee informed each site in advance that formal responses to the questions were not required. The purpose of the questions was to provide each region with a deeper understanding of the overall issues being addressed by the study effort. The committee also encouraged each region to approach its site visit discussions informally, emphasizing that formal PowerPoint presentations were not required. Nonetheless each region was given broad latitude in how it communi- cated information to the team. Meetings were conducted with the following Reclamation offices: Great Plains Area OfficeâCasper, Wyoming Lower Colorado Regional OfficeâBoulder City, Nevada Mid-Pacific Regional Headquarters and Construction OfficesâÂSacramento, California Pacific Northwest Snake River Area OfficeâBoise, Idaho Upper Colorado Regional OfficeâSalt Lake City, Utah
116 ASSESSMENT OF THE BUREAU OF RECLAMATIONâS SECURITY PROGRAM Site visits were conducted at the following locations: Anderson Ranch Dam Arrowrock Dam Davis Dam Deer Creek Dam Flaming Gorge Dam Folsom Dam Fremont Canyon Power Plant Glen Canyon Dam Grand Coulee Dam Hoover Dam Jordanelle Dam Keswick Dam Parker Dam Pathfinder Dam Seminoe Dam and Power Plant Shasta Dam DISCUSSION QUESTIONS Current Picture From your point of view, what are the key security-related issues for BOR now and in the next 5-10 years? What challenges will SSLE, as presently organized and resourced, face in meeting these issues? Approximately how many staff positions are devoted to security and law enforcement in your regional office? Your area offices? What functions are they responsible for? What training programs are in place or being used? How are security and law enforcement integrated in the training? What improvements would you suggest? Security Is SSLE moving in the right direction, from the regionâs perspective? How does SSLEâs approach to managing security risks compare to how such activities have been implemented by the regions?
APPENDIX B 117 What does the on-site physical security look like for each SCADA system or component? Is there a concern for the physical destruction of any SCADA component? Are you satisfied with the security, authentication, deployment, and oper- ation of existing SCADA networks? Do the on-site infrastructures use specialized protocols and proprietary interfaces? Do security/physical plant managers believe that the SCADA networks are secure because they are âair-gappedâ (i.e., not connected to the I Â nternet)? How are you trying to instill a security mind-set among your staff and stakeholders? What problems arise in an environment that his- torically has encouraged openness and stakeholder involvement? What issues arise in communicating with constituent groups when sensi- tive information is involved? Who is involved with security at the dam/facility? Do you have security guards on contract? How many? What is their work schedule? What is their role? Have you thought about terrorist acts, such as where and how they would occur? Describe the nature of the threats as you envision them. What will you do about the threats? Who has the authority/responsibility for dealing with threats? Have you engaged in target hardening (barricades, surveillance cameras, checking identification regularly, use of technology)? Do you have a continuity of operations plan (COOP) in case something does occur? Law Enforcement Given that SSLE does not have its own employees for law enforcement, how is this task accomplished at your site?
118 ASSESSMENT OF THE BUREAU OF RECLAMATIONâS SECURITY PROGRAM How do you work with local law enforcement? Are any joint exercises conducted? If so, how is this coordinated and executed? How do you address the collection of incident information that could serve as intelligence for further analysis/review? Describe any data- or incident-sharing activities that you have in place with the local law enforcement agencies. Emergency Management How is planning for emergency exercise programs conducted? Describe your emergency notification system. Who provides emergency assistance for casualties? Are there actions the BOR/SSLE can take in tandem with the regions to improve downstream consequences? Are there ways that BOR could be more effective in working with the regions in todayâs emergency management environment? Is the emergency management program appropriately staffed and funded? Does SSLE have the right interfaces with the appropriate stakeholders? Processes, Function, Expertise What is the expertise profile of your staff? Do any expertise deficits exist? If such deficits do exist, how is that impacting your ability to meet your mission objectives? How is threat/incident information made available to you? What are the sources of that information? How would you assess the availability of threat information? Who determines what actions should be taken? How do you communicate threats/necessary actions to local municipal officials/staff? Working Relationships How can SSLE communicate with constituent groups/stakeholders within your region without compromising sensitive information?
APPENDIX B 119 Describe the relationships with SSLEâs Denver office, Washington office, and the Department of the Interior. Which other law enforcement agencies do you interact with (e.g., Bureau of Land Management, National Park Service)? Describe how this Âinteraction takes place. Who are your key stakeholders? Describe how you communicate/work with these groups. What is the role of local/state law enforcement (sheriffâs office, state police, county police, or municipal police) in handling routine crime and disorder problems? That is, do they respond to calls for service at the dam/facility? Do they provide statistics, crime reports, and other infor- mation to you on a regular basis? Does local law enforcement engage in preventive patrol activities around the facility? Or do they only appear when called upon? Does the regional office have a contract or memorandum of understand- ing with local law enforcement at those facilities where a working rela- tionship exists? How would you characterize your relationship with local/state law enforcement? Is it cordial, friendly, and helpful? Or does there appear to be a strain in the relationship? What is the role of local law enforcement with respect to terrorism or natural disasters? Do you have a formal, written plan for handling these types of concerns? If a terrorist act or natural disaster took place, do you have a strategy for dealing with it (an incident command system, policies, procedures, etc.)? Do you work with the Joint Terrorism Task Force or other task forces? How often do they meet? Do you share information? Is the NCI recog- nized as a potential target?