(a)
(b)
(A) Identification and evaluation of critical assets and infrastructures.
(B) Identification of the threats to those assets and infrastructures.
(C) Identification of weaknesses in physical security, security against cybersecurity risks, passenger and cargo security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, contingency response, and other areas as determined by the Secretary.
(2) Upon completion of an assessment under this subsection for a facility or vessel, the Secretary shall provide the owner or operator with a copy of the vulnerability assessment for that facility or vessel.
(3) The Secretary shall update each vulnerability assessment conducted under this section at least every 5 years.
(4) In lieu of conducting a facility or vessel vulnerability assessment under paragraph (1), the Secretary may accept an alternative assessment conducted by or on behalf of the owner or operator of the facility or vessel if the Secretary determines that the alternative assessment includes the matters required under paragraph (1).
(c)
(1) make a current copy of the vulnerability assessment conducted under subsection (b) available to the port authority with jurisdiction of the facility and appropriate State or local law enforcement agencies; and
(2) integrate, to the maximum extent practical, any security system for the facility with compatible systems operated or maintained by the appropriate State, law enforcement agencies, and the Coast Guard.
Editorial Notes
Amendments
2018—Subsec. (b)(1). Pub. L. 115–254, §1805(d)(1)(A), struck out "and by not later than December 31, 2004" after "subsection (a) of this section" in introductory provisions.
Subsec. (b)(1)(C). Pub. L. 115–254, §1805(d)(1)(B), inserted "security against cybersecurity risks," after "physical security,".
2010—Subsec. (c). Pub. L. 111–281 added subsec. (c).
2004—Subsec. (b)(1). Pub. L. 108–458 substituted "and by not later than December 31, 2004, the Secretary" for ", the Secretary" in introductory provisions.
Statutory Notes and Related Subsidiaries
Effective Date of 2018 Amendment
Pub. L. 115–254, div. J, §1805(d)(3), Oct. 5, 2018, 132 Stat. 3535, provided that: "The amendments made by this subsection [amending this section and section 70103 of this title] shall apply to assessments or security plans, or updates to such assessments or plans, submitted after the date that the cybersecurity risk assessment model is developed under subsection (a) [46 U.S.C. 70112 note]."
Coordination with TSA on Maritime Facilities
Pub. L. 115–254, div. J, §1803, Oct. 5, 2018, 132 Stat. 3533, provided that: "The Secretary of Homeland Security shall—
"(1) provide the Administrator of the TSA [Transportation Security Administration] with updates to vulnerability assessments required under section 70102(b)(3) of title 46, United States Code, to avoid any duplication of effort between the Coast Guard and the TSA; and
"(2) identify any security gaps between authorities of operating entities within the Department of Homeland Security that a threat could exploit to cause a transportation security incident (as defined in section 70101 of title 46, United States Code)."
Definitions
Pub. L. 115–254, div. J, §1802, Oct. 5, 2018, 132 Stat. 3533, provided that: "In this division [see section 1801 of Pub. L. 115–254, set out as a Short Title of 2018 Amendment note under section 101 of this title]:
"(1)
"(A) the Committee on Commerce, Science, and Transportation of the Senate;
"(B) the Committee on Homeland Security and Governmental Affairs of the Senate;
"(C) the Committee on Homeland Security of the House of Representatives; and
"(D) the Committee on Transportation and Infrastructure of the House of Representatives.
"(2)