Risk Analysis and Management for Critical Asset Protection

Overview
The Risk Analysis and Management for Critical Asset Protection (RAMCAP) approach is designed to provide guidance on approaches and methodologies for the following:

• Analyzing risks associated with adversary attacks • Identifying and developing countermeasures and consequence-mitigation strategies to reduce risks • Evaluating countermeasures and consequence-mitigation strategies using benefit-cost and other methods to inform resource allocation decisions.

The RAMCAP approach is intended to be a broadly applicable framework for all critical infrastructure sectors. Sector-specific features and examples can be added to fine-tune the approach for a specific sector. The approaches and methodologies employed by RAMCAP are designed to be general in nature and should only be used by experienced risk-analysis practitioners and decision-makers. Existing asset assessments or new asset assessments based on qualitative methods can be used with this approach.