THIRA/SPR
The Federal Emergency Management Agency requires that all Homeland Security Grant Program recipients annually submit a Threat and Hazard Identification and Risk Assessment (THIRA) and Stakeholder Preparedness Review (SPR), an in-depth evaluation of a jurisdiction’s ability to address identified terrorism threats, natural hazards and technological incidents. Haystax’s experienced project managers and analysts utilize best practices and lessons learned from supporting dozens of state and local THIRAs/SPRs nationwide over the last decade to guide jurisdictions through this complex process. We offer extensive research and analysis in the areas of developing threat and hazard scenarios; identifying expected impacts; establishing and/or updating standardized and non-standardized capability targets; and supporting assessment of the jurisdiction’s capabilities, gaps and gap-closing strategies in the context of the capability targets. Our THIRA/SPR consulting services provide holistic project management support, including stakeholder identification and engagement, schedule management, workshop planning and facilitation and process and knowledge documentation.
Facility Assessments
Security assessments are an ideal tool for evaluating existing physical facilities. The Haystax assessment will compare your physical security program to community best practices and security standards, determine the likelihood and consequences of various threats and identify ways to narrow any security gaps.
Our experienced on-site assessment team relies on a combination of observations during on-site visits, plus documentation reviews and interviews with site managers, staff and other stakeholders. The assessment report will include a summary of findings, focused on strengths and vulnerabilities, and a list of recommended security upgrades or policy changes.
With a Haystax assessment, you can be confident that your facilities are protected from their biggest known threats – and the unknown ones, too.
Cyber Risk Analysis
Most organizations have not assessed the buildings and operations that use their information security systems every day, and therefore do not have a concrete connection between their cyber risk and other non-IT risks. Haystax will apply its proprietary Cyber Risk Analysis tool to rapidly assess and prioritize information security assets. Once the assessment has been completed, Haystax will provide the risk profiles of the systems and critical facilities and help an organization identify gaps, optimally allocate resources and inform its cybersecurity strategy.
