AIS THREATS AND RISK ANALYSIS
First, when designing its security program, a
command must look at the potential AIS threats and
perform a risk analysis.
AIS THREATS
When planning a security program, the AIS
technical manager should be aware of all the types of
threats that may be encountered. Not every Navy AIS
facility will be faced with each type of threat, especially
if the facility is aboard ship. The impact of a given
threat may depend on the geographical location of the
AIS facility (earthquakes), the local environment
(flooding), the potential value of property or data to a
thief, or the perceived importance of the facility to
activists, demonstrators, or subversives. Examples
of natural and unnatural threats include:
• Unauthorized access by persons to specific areas
  and equipment for such purposes as theft, arson,
  vandalism, tampering, circumventing of internal
  controls, or improper physical access to
  information;
• AIS hardware failures;
• Failure of supporting utilities, including electric
  power, air conditioning, communications
  circuits, elevators, and mail conveyors;
• Natural disasters, including floods, windstorms,
  fires, and earthquakes;
• Accidents causing the nonavailability of key
  personnel;
• Neighboring hazards, such as close proximity to
  chemical or explosive operations, airports, and
  high crime areas;
• Tampering with input, programs, and data; and
• The compromise of data through interception of
  acoustical or electromagnetic emanations from
  AIS hardware.
The preceding list of threats to the operation of an
AIS facility contains only a few of the reasons why each
command should have an ongoing security program
adapted and tailored to its individual needs and
requirements. Not all threats and preventive measures
can be discussed in this chapter. However, we will
cover the more common threats and remedial measures.
For a thorough review of the subject, refer to the
Department of the Navy Physical Security and Loss
Prevention, OPNAVINST 5530.14.
RISK ANALYSIS
The AIS facility upper management should begin
development of the security program with a risk
analysis. A risk analysis, as related to this chapter, is
the study of potential hazards that could threaten the
performance, integrity, and normal operations of an AIS
facility. Experience at various commands shows that a
quantitative risk analysis produces the following
benefits:
• Objectives of the security program relate directly
  to the missions of the command.
• Those charged with selecting specific security
  measures have quantitative guidance on the type
  and amount of resources the AIS facility
  considers reasonable to expend on each security
  measure.
• Long-range planners receive guidance in
  applying security considerations to such things
  as site selection, building design, hardware
  configurations and procurements, software
  systems, and internal controls.
• Criteria are generated for designing and
  evaluating contingency plans for backup
  operations, recovery from disaster, and dealing
  with emergencies.
• An explicit security policy can be generated that
  identifies what is to be protected, which threats
  are significant, and who will be responsible for
  executing, reviewing, and reporting the security
  program.
Loss Potential Estimates
The first step to consider when preparing the risk
analysis is to estimate the potential losses to which the
AIS facility is exposed. The objective of the loss
potential estimate is to identify critical aspects of the
AIS facility operation and to place a monetary value on
the loss estimate. Losses may result from a number of
possible situations, such as:
• Physical destruction or theft of tangible
  assets. The loss potential is the cost to replace
  lost assets and the cost of delayed processing.
• Loss of data or program files. The loss
  potential is the cost to reconstruct the files, either