Scan the text and match the headings with its parts.

a. Identification of critical components.

b. Assessment of the physical protection systems vulnerability for facilities.

c. Risk assessment methodology.

d. Estimation of the relative consequence values.

e. Components of the facility characterization.

f. Initial steps in security system analysis.

Text 1. Cost/Benefit Analysis of the Risk.

__ Violence, vandalism, and terrorism are prevalent in the world today. Managers and decision-makers must have a reliable way of estimating risk to help them decide how much security is needed at their facility. A risk assessment methodology (RAM) has been refined by Sandia National Laboratories to assess risk at various types of facilities including US Mints and federal dams. The methodology is based on the traditional risk equation:

Risk = PA * (1 - PE) * C, where

PA is the likelihood of adversary attack,

PE is security system effectiveness,

1 - PE is adversary success, and

C is consequence of loss to the attack.

__ The process begins with a characterization of the facility including identification of the undesired events and the respective critical assets. Guidance for defining a design basis threat is included, as well as for using the definition of the threat to estimate the likelihood of adversary attack at a specific facility. Relative values of consequence are estimated. Methods are also included for estimating the effectiveness of the security system against the adversary attack. Finally, risk is calculated. In the event, that the value of risk is deemed to be unacceptable (too high), the methodology addresses a process for identifying and evaluating security system upgrades in order to reduce risk.

__ An analysis methodology has been used to assess the vulnerability of physical protection systems for facilities. Here we describe the order and sequence of the seven basic steps of the methodology.