The Secretary shall conduct an assessment of vessel types and United States facilities on or adjacent to the waters subject to the jurisdiction of the United States to identify those vessel types and United States facilities that pose a high risk of being involved in a transportation security incident.
Based on the information gathered under subsection (a) of this section, the Secretary shall conduct a detailed vulnerability assessment of the facilities and vessels that may be involved in a transportation security incident. The vulnerability assessment shall include the following:
Based on the information gathered under subsection (a) of this section, the Secretary shall conduct a detailed vulnerability assessment of the facilities and vessels that may be involved in a transportation security incident. The vulnerability assessment shall include the following:
(A) Identification and evaluation of critical assets and infrastructures.
(B) Identification of the threats to those assets and infrastructures.
(C) Identification of weaknesses in physical security, security against cybersecurity risks, passenger and cargo security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, contingency response, and other areas as determined by the Secretary.
(2) Upon completion of an assessment under this subsection for a facility or vessel, the Secretary shall provide the owner or operator with a copy of the vulnerability assessment for that facility or vessel.
(3) The Secretary shall update each vulnerability assessment conducted under this section at least every 5 years.
(4) In lieu of conducting a facility or vessel vulnerability assessment under paragraph (1), the Secretary may accept an alternative assessment conducted by or on behalf of the owner or operator of the facility or vessel if the Secretary determines that the alternative assessment includes the matters required under paragraph (1).
The owner or operator of a facility, consistent with any Federal security restrictions, shall—
(1) make a current copy of the vulnerability assessment conducted under subsection (b) available to the port authority with jurisdiction of the facility and appropriate State or local law enforcement agencies; and
(2) integrate, to the maximum extent practical, any security system for the facility with compatible systems operated or maintained by the appropriate State, law enforcement agencies, and the Coast Guard.
(Added Pub. L. 107–295, title I, § 102(a), Nov. 25, 2002, 116 Stat. 2068; amended Pub. L. 108–458, title IV, § 4072(b), Dec. 17, 2004, 118 Stat. 3730; Pub. L. 111–281, title VIII, § 822, Oct. 15, 2010, 124 Stat. 3003; Pub. L. 115–254, div. J, § 1805(d)(1), Oct. 5, 2018, 132 Stat. 3535.)