United States
     Environmental Protection
     Agency
Office of Water (4601M)
EPA817-K-06-001
www.epa.gov/watersecurity
February 2006
Recycled/Recyclable • Printed with Vegetable Oil Based Inks on
    100% Postconsumer, Process Chlorine Free Recycled Paper

-------
     United States
     Environmental Protection
     Agency
Office of Water (4601M)

EPA817-K-06-001

WWW.epa.gov/watersecurity         Recycled/Recyclable • Printed with Vegetable Oil Based Inks on

February 2006                          100% Postconsumer, Process Chlorine Free Recycled Paper

-------
B.  National Measures

The NDWAC recommended that EPA consider three potential measures of
national, sector-wide, aggregate progress:

 •  Implementation of active and effective security programs as measured
    by the degree of implementation of the 14 program features and
    corresponding feature-specific measures.

 •  Reduction in security risks as measured by the total number of assets
    determined to be a high security risk and the number of former high
    security risk assets lowered to medium or low risk, based on the results
    of vulnerability assessments.

 •  Reduction in the inherent risk potential of utility operations as
    measured by Clean Air Act Section 112(r) reporting on hazardous
    substances and by the number of utilities that convert from use of
    gaseous chlorine to other forms of chlorine or other treatment methods.

With respect to a national measurement process, the NDWAC recommended
that:
    Participation be voluntary;
    Results of national aggregate measures be presented only in aggregated
    form; and
    Issues associated with the need for data confidentiality (if any) be fully
    addressed before any national measurement program is put in place.
V.  Conclusion

Ultimately, the goal of implementing
the 14 security features recommended
by NDWAC is to create a significant
improvement in water security on a
national scale, by reducing vulnerabilities,
and therefore risk to public health from
terrorist attacks and natural disasters. To
create a sustainable effect, the sector as a
whole must not only adopt and actively
practice the features, but also incorporate
the features into "business as usual."
20
Active and Effective  Water Security
Programs
National Drinking Water Advisory Council
Recommendations on Water Security
SUMMARY REPORT

Table of Contents

I.   How These Recommendations Were Developed            2

II.  Features Of An Active And Effective Security
    Program                                               4

    A.   Organizational Features                             5
    B.   Operational Features                                7
    C.   Infrastructure Features                             12
    D.   External Features                                  15

III. Incentives For Utilities To  Develop An Active And
    Effective Security Program                             17

IV. Measures To Assess Improvements In Security Programs   18
    A.  Utility-specific Measures
    B.  National Measure s

V.  Conclusion
18
20

20

-------
Summary Report
This document provides a summary of the water security recommendations
of the National Drinking Water Advisory Council (NDWAC). The
purpose of this summary is to raise awareness of active and effective
security features, resources, incentives, and measures for drinking water
and wastewater utilities nationwide. EPA will supplement the NDWAC
recommendations with additional implementation guidance. The full text
of the NDWAC Report is available at www.epa.gov/safewater/ndwac/
council.html. Readers are encouraged to go beyond this summary to the full
NDWAC Report to understand the depth and context of their deliberations
and recommendations.
I.   How These Recommendations Were Developed

A secure water sector is critical to protect public health and ensure public
confidence. In fall 2003, the NDWAC established a Water Security Working
Group (WSWG) to consider and make recommendations on water security
issues. The NDWAC directed the WSWG to:

 •  Identify active and effective security practices for drinking water
    and wastewater utilities, and provide an approach for adopting these
    practices.

    Recommend mechanisms to provide incentives that facilitate broad
    and receptive response among the water sector to implement active and
    effective security practices.

    Recommend mechanisms to measure progress and achievements in
    implementing active and effective security practices, and identify
    barriers to implementation.

The WSWG included stakeholders from many perspectives and used
a collaborative, problem-solving approach to develop its findings, as
illustrated in Figure 1. The WSWG presented its findings to the NDWAC.
which unanimously adopted the findings as Council recommendations. The
NDWAC recommendations on security are structured to maximize benefits
to utilities by emphasizing actions that have the potential both to improve
the quality or reliability of utility service, and to enhance security. The
recommendations were designed for use by water systems of all types and
sizes, including small systems.
Features Potential Measures of Progress
(see the full NDWAC report for all measures)
Organizational Features
Feature 1 - Explicit
commitment to security
Feature 2 - Promote
security awareness
Feature 5 - Defined security roles
and employee expectations
Operational Features
Feature 3 -Vulnerability
assessment up to date
Feature 4 - Security resources
and implementation priorities
Feature 7 - Contamination
detection
Feature 10 -Threat-level based
protocols
Feature 1 1 - Emergency Response
Plan tested and up to date
Feature 14- Utility-specific
measures and self assessment
Infrastructure Features
Feature 6 - Intrusion detection
and access control
Feature 8 - Information
protection and continuity
Feature 9 - Design and
construction standards
External Features
Feature 1 2 - Communications
Feature 1 3 - Partnerships
Does a written, enterprise-wide security policy exist and is the Jj
policy reviewed regularly and updated as needed?
Are incidents reported in a timely way and reviewed, and are jfcr
lessons learned from incident responses incorporated, as V
appropriate, into future utility security efforts?
Are managers and employees who are responsible for security S]
identified?
Are reassessments of vulnerabilities made after incidents, and jfcf
are lessons learned and other relevant information V
incorporated into security practices?
Are security priorities clearly identified and to what extent do jfcf
security priorities have resources assigned them? V
Is there a protocol/procedure in place to identify and respond jfcf
to suspected contamination events?
Is there a protocol/procedure for responses to threat level Ifcr
changes? W
Do exercises address the full range of threats - physical, cyber, ,
and contamination - and is there protocol/procedure to Ifcr^
incorporate lessons learned from exercises and actual responses IV
into updated emergency response and recovery plans?
Does the utility perform self-assessment at least annually? Jj
To what extent are methods to control access to sensitive assets 1U[
in place?
Is there a procedure to identify and control security-sensitive S
information, is information correctly categorized, and how do Mj
control measures perform under testing?
Is there a protocol/procedure for incorporation of security s
considerations into internal utility design construction standards *fi
for new facilities/infrastructure and major maintenance projects? ™
Is there a mechanism for utility employees, partners, and the ^S
community to notify the utility of suspicious occurrences and J]
other security concerns?
Have reliable and collaborative partnerships with customers, s
managers of independent interrelated infrastructure, public ftj
health officials and providers, response organizations and other
utilities been established?
                                                                                         Table 1.   Recommended measures to assess effectiveness of a utility's
                                                                                                   security program
                                                                                                                                                         19

-------
IV. Measures to Assess Improvements in Security
    Programs

The main outcome of an active and effective security program is to ensure
reliable operation of water and wastewater systems in times of crisis or
disaster. Utilities should assess and seek to improve their security programs
on an ongoing basis to keep programs "fresh," and take advantage of
emerging approaches and new technologies. Assessment will increase the
effectiveness and efficiency of security programs and organizations over time.

To aid utilities in identifying progress in improving security programs, the
NDWAC recommended both utility-specific measures of security activities
and achievements as well as  suggesting national, sector-wide, aggregate
measures of progress.

A.  Utility-specific Measures

The NDWAC recommended measures of progress for security activities and
achievements that should form the basis of a utility-specific self-assessment
and measurement program. These measures could be considered by a
full range of utilities, regardless of utility size, circumstance, or operating
conditions. Each measure corresponds to one of the recommended features of
an active and effective security program. Utilities could adapt or supplement
the measures listed in Table 1 with additional measures that reflect the
specific security approaches and tactics they have chosen. Additionally, other
measures may be more appropriate for individual utilities.
18
                                                                                           The NDWAC identified 14 features of active and effective security
                                                                                           programs that are important to increasing security and relevant across
                                                                                           the broad range of utility circumstances and operating conditions. The 14
                                                                                           features are, in many cases, consistent with the steps needed to maintain
                                                                                           technical, management, and operational performance capacity related to
                                                                                           overall water quality. Many utilities may be able to adopt some of the
                                                                                           features with minimal, if any, capital investment.
                                                                                                                     public health Co»,
                             CONSENSUS
                         RECOMMENDATIONS
                         FOR DRINKING WATER
                          AND WASTEWATER
                           UTILITY SECURITY
Figure 1.  A variety of stakeholders worked together collaboratively to
          arrive at recommendations that can be used by all utilities

-------
II.  Features Of An Active And Effective Security
    Program

The centerpiece of the NDWAC's recommendations defines an "active and
effective" utility security program. In identifying common features of active
and effective security programs, the NDWAC emphasized that "one size
does not fit all" and that there will be variability in security approaches and
tactics among water utilities, based on utility-specific circumstances and
operating conditions.  The 14 features:

    Are sufficiently flexible to apply to all utilities, regardless of size.
 •  Incorporate the idea that active and effective security programs should
    have measurable goals and time lines.
 •  Allow flexibility  for utilities to develop specific security approaches
    and tactics that are appropriate to utility-specific circumstances.

Water utilities can differ in many ways including:
    Supply source (ground water, surface water, etc.)
    Number of supply sources            	
    Treatment capacity
    Operational risk
    Location risk
    Security budget
    Spending priorities
    Political and public support
    Legal barriers
    Public vs. private ownership
The NDWAC recommends that all utilities address security in an informed
and systematic way, regardless of these differences. Utilities need to fully
understand the specific, local circumstances and conditions under which
they operate, and develop a security program tailored to those conditions.
The NDWAC's goal in identifying common features of active and effective
security programs is to achieve consistency in security program outcomes
among water utilities, while allowing for and encouraging utilities to
develop utility-specific security approaches and tactics. The features
are based on an integrated approach that incorporates a combination of
public involvement and awareness, partnerships, and physical, chemical,
operational, and design controls to increase overall program performance.
They address utility security in four functional categories: organizational,
operational, infrastructure, and external. Figure 2 illustrates the features
and their functional categories.
4
III. Incentives for Utilities to Develop an Active and
    Effective Security Program

To provide recognition and incentives that facilitate receptiveness among
the water sector to implement active and effective security programs, the
NDWAC recommended that EPA, DHS, state agencies, and water and
wastewater utility organizations:

 •  Provide information on the importance of active and effective security
    programs to utilities, to communicate to owners and operators the
    benefits of active and effective security programs and the potential
    negative consequences of failing to address security.

 •  Develop programs and/or awards that recognize utilities that develop
    and maintain active and effective security programs, and that
    demonstrate superior security performance.

 •  Support development and implementation of a voluntary utility security
    peer technical assistance and review program.

 •  Help utilities develop active and effective security programs by
    providing different types of technical assistance, including technology
    verification information.

 •  Support utility security programs by helping utilities obtain access
    to needed security-related support systems and infrastructure, and by
    supporting inclusion of utilities in security exercises.

 •  Support security enhancements with grant and loan programs focused
    on security, without reducing existing non-security focused grant and
    loan programs.

    Provide educational and other materials to boards, utility governing
    bodies, and rate setting organizations to help them understand costs
    associated with implementing active  and effective security programs.
                                                                  17

-------
    understanding and to share information about the utility's security
    concerns and planning. Such efforts will maximize the efficiency
    and effectiveness of a mutual aid program during an emergency
    response effort, as the organizations will be familiar with each others'
    circumstances, and thus will be better able to serve each other.

    It is also important for utilities to develop partnerships with the
    communities and customers they serve. Partnerships help to build
    credibility within communities and establish public confidence in utility
    operations. People who live near utility structures ("water watchers") can
    be the eyes and ears of the utility, and can be encouraged to notice and
    report changes in operating procedures or other suspicious behaviors.

    Utilities and public health organizations should establish formal
    agreements on coordination to ensure regular exchange of information
    between utilities and public health organizations, and outline
    roles and responsibilities during response to and recovery from an
    emergency. Coordination is important at all levels of the public health
    community—national public health, county health agencies, and health-
    care providers, such as  hospitals.

    Feature 13 Resources
    Security Information Collaboratives Guide
    www.epa.gov/nhsrc/pubs/brochureSIC051805.pdf
    Domestic Terrorism: Resources for Local Government
    wwwnlc.org/lssues/Homeland_Security	Public_Safety/index.cfm
    Florida's Water-Wastewater Agency Response Network (FlaWARN)
    www.flawarn.org
16
                                                                                                       Organizational Features
                                                                                                         1 Explicit Commitment to Security
                                                                                                         2 Promote Security Awareness
                                                                                                         5 Defined Security Roles and Employee Expectations
                                                                                                                       Active
                                                                                                                       and
                                                                                                                       Effective
                                                                                                                       Security
                                                                                                                       Program
                                                                                                                                    Infrastructure Features
                                                                                                                                      6 Intrusion Detection and Access Control
•                                                                                                                                      8 Information Protection and Continuity
                                                                                                                                      9 Design and Construction Standards
Operational Features
  3  Vulnerability Assessment Up to Date
  4  Security Resources and Implementaion Priorities
  7  Contamination Detection
  10 Threat-level Based Protocols
  11 Emergency Response Plan tested and Up to Date
  14 Utility-specific Measures and Self Assessment
External Features
  12 Communications
  13 Partnerships
  Figure 2. The 14 features of an active and effective security program
  A.  Organizational Features

  There is always something that can be done to improve security. Even
  when resources are limited, the simple act of increasing organizational
  attentiveness to security may reduce vulnerability and increase
  preparedness. The first step to achieving preparedness is to make security
  a part of the organizational culture, so that it is in the day-to-day thinking
  of front-line employees, emergency responders, and management of every
  water and wastewater utility in a community. To successfully incorporate
  security into "business as usual," there must be a strong commitment to
  security by organization leadership and by the supervising body, such as
  the utility board or rate  setting organization. The following features address
  how a security culture can be incorporated into an organization.

-------
Feature 1.  Make an explicit and visible commitment of the
            senior leadership to security.
    Utilities should create an explicit, visible, easily communicated.
    enterprise-wide commitment to security, which can be done through:

        Incorporating security into a utility-wide mission or vision
        statement, addressing the full scope of an active and effective
        security program—that is, protection of public health, public
        safety, and public confidence, and that is part of core day-to-day
        operations.

     4  Developing an enterprise-wide security policy or set of policies.

    Utilities should use the process of making a commitment to security
    as an opportunity to raise awareness of security throughout the
    organization, making the commitment visible to all employees and
    customers, and to help every facet of the enterprise recognize the
    contribution they can make to enhancing security.

    Feature 1 Resource
    Establishing the Security Culture Begins from the Top
    www. cisco.com/web/about/security/intelligence/05_07_security-culture.
    html
Feature 2.  Promote security awareness throughout the
            organization.
    The objective of a security culture should be to make security
    awareness a normal, accepted part of day-to-day operations. Examples
    of tangible efforts include:

     4  Conducting employee training;
        Incorporating security into job descriptions;
     4  Establishing performance standards and evaluations for security;
     4  Creating and maintaining a security tip line and suggestion box for
        employees;
     4  Making security a routine part of staff meetings and organization
        planning, and
     4  Creating a security policy.

    Feature 2 Resource
    Water Security Training Courses, Meetings, and Workshops/
    Webcasts, USEPA
    cfpub.epa.gov/safewater/watersecurity/outreach.cfm
D.  External Features
Strong relationships with response partners and the public strengthen
security and public confidence. Two of the recommended features of active
and effective security programs address this need.
Feature 12. Develop and implement strategies for regular,
            ongoing security-related communications with
            employees, response organizations, rate setting
            organizations, and customers.
    An active and effective security program should address protection
    of public health, public safety (including infrastructure), and public
    confidence. Utilities should create an awareness of security and an
    understanding of the rationale for their overall security management
    approach in the communities they serve, including rate setting
    organizations.

    Effective communication strategies consider key messages; who
    is best equipped/trusted to deliver the key messages; the need for
    message consistency, particularly during an emergency; and the best
    mechanisms for delivering messages and for receiving information and
    feedback from key partners. The key audiences for communication
    strategies are utility employees, response organizations, and customers.

    Feature 12 Resource
    Security Risk Communication Training
    www.epa.gov/safewater/dwa/course-genint.html
Feature 13. Forge reliable and collaborative partnerships
            with the communities served, managers
            of critical interdependent infrastructure,
            response organizations, and other local utilities.
    Effective partnerships build collaborative working relationships and
    clearly define roles and responsibilities, so that people can work
    together seamlessly if an emergency should occur. It is important for
    utilities within a region and neighboring regions to collaborate and
    establish a mutual aid program with neighboring utilities, response
    organizations, and sectors, such as the power sector, on which
    utilities rely or impact. Mutual aid agreements provide for help from
    other organizations that is prearranged and can be accessed quickly
    and efficiently in the event of a terrorist attack or natural disaster.
    Developing reliable and collaborative partnerships involves reaching
    out to managers and key staff in other organizations to build reciprocal
                                                                15

-------
Feature 9.  Incorporate security considerations into decisions
            about acquisition, repair, major maintenance, and
            replacement of physical infrastructure; include
            consideration of opportunities to reduce risk
            through physical hardening and adoption of
            inherently lower-risk design and technology options.
    Prevention is a key aspect of enhancing security. Consequently,
    consideration of security issues should begin as early as possible in
    facility construction (i.e., it should be a factor in facility plans and
    designs). However, to incorporate security considerations into design
    choices, utilities need information about the types of security design
    approaches and equipment that are available and the performance of
    these designs and equipment in multiple dimensions. For example,
    utilities would evaluate
    not just the way that a
    particular design might
    contribute to security, but
    also would look  at how
    that design would affect
    the efficiency of day-to-day
    plant operations  and worker
    safety. Numerous resources
    are available to provide
    information for designers
    and owners/operators of
    water utilities on design
    approaches and upgrades
    that improve security and
    reduce vulnerability.

    Feature 9 Resources
    EPA Security Product Guides
    epa.gov/watersecurity/guide
    Interim Voluntary Security Guidelines for Water Utilities (2004),
    issued byAWWA under a grant from EPA
    www.awwa.org/science/wise
    Interim Voluntary Security Guidance for Wastewater/Stormwater
    Utilities (2004), issued by Water Environment Federation under the
    same EPA grant
    www.wef.org/ConferencesTraining/TrainingProfessionalDevelopment/
    WaterSecurity/WEFSecu rityGuidance.htm
14
Feature 5.  Identify managers and employees who are
            responsible for security and establish security
            expectations for all staff.
     4  Explicit identification of security responsibilities is important for
        development of a security culture with accountability.
     4  At a minimum, utilities should identify a single, designated
        individual responsible for overall security, even if other security
        roles and responsibilities are dispersed throughout the organization.
     4  The number and depth of security-related roles will depend on a
        utility's specific circumstances.

    Feature 5 Resource
    Drinking Water Emergency Exercises - Summary Report
    wwwdoh.wa.gov/ehp/dw/Publications/331-280_emergency_exercises_
    summary_report_1 -12-05_web. pdf

B.   Operational Features

In addition to having a strong culture and awareness of security within
an organization, an active and effective security program makes security
part of operational activities, from daily operations, such as monitoring of
physical access controls, to scheduled annual reassessments. Utilities will
often find that by implementing security into operations they can also  reap
cost benefits, and improve the quality or reliability of utility service.
Feature 3.  Assess vulnerabilities and periodically review
            and update vulnerability assessments to reflect
            changes in potential threats and vulnerabilities.
    Because circumstances change, utilities should maintain their
    understanding and assessment of vulnerabilities as a "living document,"
    and continually adjust their security enhancement and maintenance
    priorities. Utilities should consider their individual
    circumstances and establish and implement a
    schedule for review of their vulnerabilities.
                                             Evaluate
Analyze/
Reduce Risk
                                  Assess Likelihood
                       Determine Critical Assets
                                                                                                      Identify/Prioritize
                                                                                           Characterize
                                                                                          Figure 3. Steps for reviewing vulnerability assessments

-------
    Assessments should take place once every three to five years at a
    minimum. Utilities may be well served by doing assessments annually.

    EPA has published guidance on the basic elements of sound
    vulnerability assessments; these elements are:

        Characterization of the water system, including its mission and
        objectives;
        Identification and prioritization of adverse consequences;
        Determination of critical assets that might be  subject to malevolent
        acts that could result in undesired consequences;
     4  Assessment of the likelihood of such malevolent acts from
        adversaries;
     +  Evaluation of existing countermeasures; and
     4  Analysis of current risk and development of a prioritized plan for
        risk reduction.
    Feature 3 Resources
    EPA Vulnerability Assessment Tools
    cfpub.epa.gov/safewater/watersecurity/home.cfm?program_id=11
    Security Information Collaboratives Guide
    www.epa.gov/ordnhsrc/pubs/brochureSIC051805.pdf
Feature 4.  Identify security priorities and, on an annual basis,
            identify the resources dedicated to security
            programs and planned security improvements, if any.
    Dedicated resources are important to ensure a sustained focus on security.
    Investment in security should be reasonable considering utilities' specific
    circumstances. In some circumstances, investment may be as simple as
    increasing the amount of time and attention that executives and managers
    give to security. Where threat potential or potential consequences are
    greater, increased investment is likely warranted.

    This feature establishes the expectation that utilities should, through
    their annual capital, operations and maintenance, and staff resources
    plans, identify and set aside resources consistent with their specific
    identified security needs. Security priorities should be  clearly
    documented and should be reviewed with utility executives at least
    once per year as part of the budgeting process.

    Feature 4 Resources
    Grants and Funding
    cfpub.epa.gov/safewater/watersecurity/financeassist.cfm
    Small System Resources
    cfpub.epa.gov/safewater/watersecurity/smallsystems.cfm
8
Feature 8.  Define security-sensitive information; establish
            physical, electronic, and procedural controls to
            restrict access to security-sensitive information;
            detect unauthorized access; and ensure information
            and communications systems will function during
            emergency response and recovery.

    Protecting IT systems involves using physical hardening and procedural
    steps to limit the number of individuals with authorized access and
    to prevent access by unauthorized individuals. Examples of physical
    steps to harden SCADA and IT networks include installing and
    maintaining fire walls, and screening the network for viruses. Examples
    of procedural steps include restricting remote access to data networks
    and safeguarding critical data through backups and storage in safe
                                      places. Utilities should strive for
                                      continuous operation of IT and
                                      telecommunications systems in
                                      the event of an emergency by
                                      providing uninterruptible power
                                      supply and back up systems,
                                      such as satellite phones.

                                      In addition to protecting IT
                                      systems, security-sensitive
                                      information should be identified
    and restricted to the appropriate personnel. Security-sensitive
    information could be contained within:

     *-  Facility  maps and blueprints;
     4  Operations details;
        Hazardous material utilization;
     *  Tactical level security program details; and
        Any other information on utility operations or technical details that
        could aid in planning or execution of an attack.

    Identification of security-sensitive information should consider all
    ways that utilities might use and make public information (e.g., during
    the competitive bidding processes for construction of new facilities or
    infrastructure). Finally, information critical to the continuity of day-to-
    day operations should be identified and backed up.

    Feature 8 Resource
    Protecting Water System Security Information
    www.epa.gov/safewater/watersecu rity/pubs/ncsl_foia_sept03.pdf
                                                                 13

-------
Feature 14. Develop utility-specific measures of security
            activities and achievements, and self assess
            against these measures to understand and
            document program progress.
    Although security approaches and tactics will be different depending
    on utility-specific circumstances and operating conditions, the NDWAC
    recommends that all utilities monitor and measure common types of
    activities and achievements, including existence of program policies and
    procedures, training, testing, and implementing schedules and plans. These
    and other suggested measures are discussed in Section IV of this summary.

    Feature 14 Resources
    Security Vulnerability Self-Assessment Guide for Very Small Systems
    http://asdwa.citysoft.com/_uploads/documents/live/5-31 draftlatestv3.pdf
    See also Booklet Section IV.A, "Utility-specific measures."

C.   Infrastructure Features

The NDWAC recommendations advise utilities to address security in all
elements of utility infrastructure — from source water to distribution and
through wastewater collection and treatment.
Feature 6.  Establish physical and procedural controls
            to restrict access to utility infrastructure to only
            those conducting authorized, official business
            and to detect unauthorized physical intrusions.
    Physical access controls include fencing critical areas, locking gates and doors,
    and installing barriers at site access points. Monitoring for physical intrusion
    can include maintaining well-lighted facility perimeters, installing motion
    detectors, and utilizing intrusion alarms. Neighborhood watches, regular
    employee rounds, and arrangements with local police and fire departments can
    support identifying unusual activity in the vicinity of facilities.

    Procedural access controls include inventorying keys, changing access
    codes regularly, and requiring security passes to pass gates and access
    sensitive areas. In addition, utilities should establish the means to
    readily identify all employees including contractors and temporary
    workers with unescorted access to facilities.
12
    Feature 6 Resources
    EPA Security Product Guides
    epa.gov/watersecurity/guide
    Water Watchers Brochure
    epa.gov/watersecurity/pubs/brochure_security_waterwatchers.pdf
Feature 7.  Employ protocols for detection of contamination
            consistent with the recognized limitations in current
            contaminant detection, monitoring, and surveillance
            technology.

    Until progress can be made in development of practical and affordable
    online contaminant monitoring and surveillance systems, most utilities
    must use other approaches. This includes monitoring data of physical
    and chemical contamination surrogates, pressure change abnormalities,
    free and total chlorine residual, temperature, dissolved oxygen, and
    conductivity.
    Many utilities already measure the above parameters on a regular basis
    to control plant operations and confirm water quality. More closely
    monitoring these parameters may create operational benefits for utilities
    that extend far beyond security, such as reducing operating costs and
    chemical usage. Utilities also should thoughtfully monitor customer
    complaints and improve connections with local public health networks
    to detect public health anomalies. Customer complaints and public
    health anomalies are important ways to detect potential contamination
    problems and other water quality concerns.

    Feature 7 Resources
    The State of the Science in Monitoring Drinking Water Quality
    www.epa.gov/ordnhsrc/pubs/reportEWS120105.pdf
    WaterSentinel Pilot
    www.epa.gov/ordnhsrc/pubs/fsWaterSentinel062005.pdf
    Guidelines for Designing an Online Contaminant Monitoring System
    www. asce.org/static/1 /wise. cfm#Monito ring System

-------
Feature 10. Monitor available threat-level information and
            escalate security procedures in response to
            relevant threats.
    Monitoring threat information should be a regular part of a security
    program manager's job, and utility-, facility- and region-specific threat
    levels and information should be shared with those responsible for security.
    As part of security planning, utilities should develop systems to assess
    threat information and procedures that will be followed in the event of
    increased industry or facility threat levels. Utilities should be prepared
    to put these procedures in place immediately, so that adjustments are
    seamless. Involving local law enforcement and FBI is critical.

    Utilities should investigate what networks  and information sources
    might be available to them locally, and at the state and regional level.
    If a utility cannot gain access to some information networks, attempts
    should be made to align with those who can and will provide effective
    information to the utility on a timely basis.

    Feature 10 Resources
    Security Information Collaboratives Guide
    www.epa.gov/ordnhsrc/pubs/brochureSIC051805.pdf
    WaterlSAC
    www.waterisac.org
    Water Security Channel
    www.watersc.org
    DHS Homeland Security Information Network (HSIN)
    www.dhs.gov/dhspublic/display?theme=30&content=3813
    CDC Health Alert Network
    www.phppo.cdc.gov/han/
Feature 11. Incorporate security considerations into emergency
            response and recovery plans, test and review plans
            regularly, and update plans to reflect changes in
            potential threats, physical infrastructure, utility
            operations, critical interdependencies, and
            response protocols in partner organizations.
    Utilities should maintain response and recovery plans as "living
    documents." In incorporating security considerations into their
    emergency response and recovery plans, utilities also should be aware
    of the National Incident Management System (NIMS) guidelines,
    established by DHS, and of regional and local incident management
    commands and systems, which tend to flow from the national
    guidelines. Adoption of NIMS is required to qualify for funds dispersed
    through EPA and DHS.
10
Utilities should consider their individual circumstances and implement
a schedule for review of emergency response and recovery plans.
Utility plans should be thoroughly coordinated with emergency
response and recovery planning in the larger community. As part of this
coordination, a mutual aid program should be established to arrange in
advance for exchanging resources (personnel or physical assets) among
utilities within a region, in the event of an emergency or disaster that
disrupts operation. Typically, the exchange of resources is based on a
written formal mutual aid agreement. For example, Florida's Water-
Wastewater Agency Response Network (FlaWARN), deployed after
Hurricane Katrina, allowed the new "utilities helping utilities" network
to respond to urgent requests from Mississippi for help to bring
facilities back on-line after the hurricane.

The emergency response and recovery plans should be reviewed and
updated as needed annually. Utilities should test or exercise their
emergency response and recovery plans regularly.

Feature  11 Resources
Emergency Response Tabletop Exercises for Drinking Water and
Wastewater Systems CD
cfpub.epa.gov/safewater/watersecurity/trainingcd.cfm
Response Protocol Toolbox: Response Guidelines
www.epa.gov/safewater/watersecu rity/pubs/rptb_response_guidelines.pdf
National Incident Management System (NIMS)
www.fema.gov/nims
                                                             11

-------