46 U.S. Code § 70102 - United States facility and vessel vulnerability assessments
(a) Initial Assessments.—
The Secretary shall conduct an assessment of vessel types and United States facilities on or adjacent to the waters subject to the jurisdiction of the United States to identify those vessel types and United States facilities that pose a high risk of being involved in a transportation security incident.
(b) Facility and Vessel Assessments.—
(1) Based on the information gathered under subsection (a) of this section, the Secretary shall conduct a detailed vulnerability assessment of the facilities and vessels that may be involved in a transportation security incident. The vulnerability assessment shall include the following:
Identification of weaknesses in physical security, security against cybersecurity risks, passenger and cargo security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, contingency response, and other areas as determined by the Secretary.
The Secretary shall update each vulnerability assessment conducted under this section at least every 5 years.
In lieu of conducting a facility or vessel vulnerability assessment under paragraph (1), the Secretary may accept an alternative assessment conducted by or on behalf of the owner or operator of the facility or vessel if the Secretary determines that the alternative assessment includes the matters required under paragraph (1).
(c) Sharing of Assessment Integration of Plans and Equipment.—The owner or operator of a facility, consistent with any Federal security restrictions, shall—
make a current copy of the vulnerability assessment conducted under subsection (b) available to the port authority with jurisdiction of the facility and appropriate State or local law enforcement agencies; and
integrate, to the maximum extent practical, any security system for the facility with compatible systems operated or maintained by the appropriate State, law enforcement agencies, and the Coast Guard.
2018—Subsec. (b)(1). Pub. L. 115–254, § 1805(d)(1)(A), struck out “and by not later than December 31, 2004” after “subsection (a) of this section” in introductory provisions.
2010—Subsec. (c). Pub. L. 111–281 added subsec. (c).
Statutory Notes and Related Subsidiaries
Effective Date of 2018 Amendment
“The amendments made by this subsection [amending this section and section 70103 of this title] shall apply to assessments or security plans, or updates to such assessments or plans, submitted after the date that the cybersecurity risk assessment model is developed under subsection (a) [46 U.S.C. 70112 note].”
Coordination with TSA on Maritime Facilities
“The Secretary of Homeland Security shall—
provide the Administrator of the TSA [Transportation Security Administration] with updates to vulnerability assessments required under section 70102(b)(3) of title 46, United States Code, to avoid any duplication of effort between the Coast Guard and the TSA; and
identify any security gaps between authorities of operating entities within the Department of Homeland Security that a threat could exploit to cause a transportation security incident (as defined in section 70101 of title 46, United States Code).”
“In this division [see section 1801 of Pub. L. 115–254, set out as a Short Title of 2018 Amendment note under section 101 of this title]:
“(1) Appropriate committees of congress.—The term ‘appropriate committees of Congress’ means—
the Committee on Commerce, Science, and Transportation of the Senate;
the Committee on Homeland Security and Governmental Affairs of the Senate;
the Committee on Homeland Security of the House of Representatives; and
the Committee on Transportation and Infrastructure of the House of Representatives.
The term ‘TSA’ means the Transportation Security Administration.”