6 U.S. Code § 321l - Guidance and recommendations

(a) In general

Consistent with their responsibilities and authorities under law, as of the day before August 3, 2007, the Administrator and the Director of the Cybersecurity and Infrastructure Security Agency, in consultation with the private sector, may develop guidance or recommendations and identify best practices to assist or foster action by the private sector in—

(1) identifying potential hazards and assessing risks and impacts;

(2) mitigating the impact of a wide variety of hazards, including weapons of mass destruction;

(3) managing necessary emergency preparedness and response resources;

(4) developing mutual aid agreements;

(5) developing and maintaining emergency preparedness and response plans, and associated operational procedures;

(6) developing and conducting training and exercises to support and evaluate emergency preparedness and response plans and operational procedures;

(7) developing and conducting training programs for security guards to implement emergency preparedness and response plans and operations procedures; and

(8) developing procedures to respond to requests for information from the media or the public.

(b) Issuance and promotion

Any guidance or recommendations developed or best practices identified under subsection (a) shall be—

(1) issued through the Administrator; and

(2) promoted by the Secretary to the private sector.

(c) Small business concerns

In developing guidance or recommendations or identifying best practices under subsection (a), the Administrator and the Director of the Cybersecurity and Infrastructure Security Agency shall take into consideration small business concerns (under the meaning given that term in section 632 of title 15), including any need for separate guidance or recommendations or best practices, as necessary and appropriate.

(d) Rule of construction

Nothing in this section may be construed to supersede any requirement established under any other provision of law.

(Pub. L. 107–296, title V, § 523, as added Pub. L. 110–53, title IX, § 901(a), Aug. 3, 2007, 121 Stat. 364; amended Pub. L. 115–278, § 2(g)(4)(C), Nov. 16, 2018, 132 Stat. 4178; Pub. L. 117–263, div. G, title LXXI, § 7143(c)(1), Dec. 23, 2022, 136 Stat. 3662.)

Editorial Notes

Amendments

2022—Subsecs. (a), (c). Pub. L. 117–263 substituted “Director of the Cybersecurity and Infrastructure Security Agency” for “Director of Cybersecurity and Infrastructure Security”.

2018—Subsecs. (a), (c). Pub. L. 115–278 substituted “Director of Cybersecurity and Infrastructure Security” for “Assistant Secretary for Infrastructure Protection”.

Statutory Notes and Related Subsidiaries

Rule of Construction

Nothing in amendment made by Pub. L. 117–263 to be construed to alter the authorities, responsibilities, functions, or activities of any agency (as such term is defined in 44 U.S.C. 3502) or officer or employee of the United States on or before Dec. 23, 2022, see section 7143(f)(1) of Pub. L. 117–263, set out in a note under section 650 of this title.