DHS defines Risk = Threat + Vulnerability + Consequences.

How you will be scored: The Investment Justification asks the applicant to describe findings from previously conducted risk assessments, including A) Threats, B) Vulnerabilities, and C) Potential Consequences of an attack. (2,200 character limit not including spaces) The information provided will be scored based on the indication of an understanding of the organization’s risk, including threat and vulnerabilities, as well as potential consequences of an attack. Out of 40 points, this section is worth 12 possible points, four for each component.


Threat = hazards, environment, profile and/or reasons that an attack might occur.

In considering threat, the applicant should discuss the identification and substantiation of prior threats or attacks against the nonprofit organization or closely related organization by a terrorist organization, network, or cell. A threat (hazard) is any indication, circumstance, or event with the potential to cause loss of, or damage to an asset. The applicant should also discuss findings from risk assessment, police findings, and/or insurance claims.


Approaching risk and threat assessments. From FEMA’s “Guide for Developing High Quality Emergency Operations Plans for Houses of Worship”

Since the NSGP was designed to counter terrorist threats, your answer to this section should focus on terrorist-based threats.

Use this information together with the  Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions.

  • Generalized threat. This section should demonstrate that you understand that you can adapt lessons learned from terrorist events around the world in order to identify threats to your facility. What did you learn from recent attacks, both against Jewish targets and others?
  • Types of threats. Our adversaries have a wide variety of weapons and tactics that they can use to achieve their objectives. Terrorists can be active shooters or use sharp-edged weapons, explosive devises, arson, mail and package attacks and other methods. Your answer for this section  should reflect your awareness of such threats, list them and relate them to incident. For example, the shootings at a synagogue in Copenhagen and Har Nof in Jerusalem, the Jewish Center in Kansas City and the Jewish museums in Brussels  and Washington, DC show the threat of active shooters. The stabbing at Chabad headquarters in Brooklyn and multiple attacks in Israel are a reminder that hostile intruders present ongoing dangers. The Riverdale and Manhattan bomb plots are exhibits of the continuing threat of improvised explosive devices and guns. The AQAP toner cartridge bombs addressed to synagogues in Chicago show the threat related to mail and packages.Likelihood. Experts advise security planners to weigh the differing threats and address those most likely first. One conclusion that can be gleaned from recent terrorist attacks is that the threats of active shooters and other hostile intruders are high, followed by improvised explosive devices and vehicle-borne IED’s, followed by mail or package bombs.
  • Likelihood. Experts advise security planners to weigh the differing threats and address those most likely first. One conclusion that can be gleaned from recent terrorist attacks is that the threat of active shooter and other hostile intruder attacks is high, followed by improvised explosive devices (IED) and vehicle-borne IED’s and then  mail or package bombs. Security planners should devote more resources to higher-likelihood threats.
  • Supplying Focus. While any kind of “previously conducted risk assessments” are accepted as sufficient, not all risk assessments connect the dots in the way presented above. In fact, a crime prevention survey basically looks at a single threat: crime (although the vulnerabilities identified in a crime prevention survey often overlap some of the vulnerabilities associated with terrorism) . Applicants who do not secure sophisticated surveys will have to supplement their existing survey to include the various terrorist threats.
  • Other resources.
    • Click here to see the definitive JFNA Threat Chronology, by Rob Goldberg (an update is in process).
    • For an excellent compendium of the recent events targeting the Jewish community see Steve Emerson’s, Past Plots Help Explain New Concerns Over Jewish Targets in IPT News, March 7, 2012.
    • The generalized threat can include a geographic component. Note that New York City is a prime terrorist target and that Jewish institutions are especially at risk. See “Nearly half of extremist plots in NYC aim at Jewish targets” from Reuters.
    • The threat increases in certain neighborhoods due to the high concentration of Jewish institutions. Organizations located in Williamsburg and Crown Heights can cite a 60 Minutes interview with Abdul Rahman Yassin (a participant in the first World Trade Center bombing) aired on June 2, 2009: “[Yousef] told me, ‘I want to blow up Jewish neighborhoods in Brooklyn.'” But after scouting Crown Heights and Williamsburg, Yasin says, Yousef had a better idea.
      “Ramzi Yousef told us to go to the World Trade Center… ‘I have an idea we should do one big explosion rather than do small ones in Jewish neighborhoods,'” If there are multiple Jewish institutions located in the same area you can include that yours is one of a cluster of institutions.
    • Note: the application reviewers know full well that Jewish organizations are under a generalized threat. In this section you should demonstrate (through these and other sources) that you understand the generalized risk and discuss how it might impact on your organization/institution.

Organization or site-specific threat. Specific, documented threats to your organization will help to distinguish your organization and lead to a better “score”.

  • Incidents ranging from bomb threats to anti-Semitic graffiti should be included in the documentation supporting your risk profile.While such incidents may not have been perpetrated by terrorists, they do show that your building or organization has attracted unwanted attention.
  • Note that the incident was reported to the police and/or insurance company. Include the date of the incident and to where the report was made. Dates and details can make the difference between a thorough and a partial answer.
  • You should also document if there is something that makes your building particularly attractive to terrorists, e.g., widely recognizable architectural design, location or the presence of high-risk occupants. Outspoken and prominent leaders may add to the threat profile.
  • Jewish organizations can state that they are at a high risk of terrorist attacks due to their ideology, beliefs and mission.

Up to 4 points.


Vulnerability = physical and operational weaknesses that may be exploited during an attack.

In considering vulnerabilities, the applicant should discuss the organization’s susceptibility to destruction, incapacitation, or exploitation by a terrorist attack. See Table 2 in DHS’ Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities  for more specifics.

  • Common vulnerabilities include:
    • open access (to services, classrooms and peripheral areas and siting in urban environments)
    • Lack of access controls (Your physical and human access controls should support procedures based on defined policies.)
    • Unprotected utilities.

In answering this section, transfer the key findings from your risk/vulnerability assessment. For example:

  • Existing access controls do not deny, limit or impede forced entry attempts or unauthorized entry.
  • The facility does not have CCTV monitoring equipment capable of detecting hostile surveillance.
  • There are many areas both inside and outside the facility where someone or something can be hidden or stowed in attempts to incur damage.
  • Current lighting levels around the facility are not  adequate to deter and/or detect hostile activity or persons.
  • In the event that a lockdown is necessary, many of the building’s internal doors are incapable of being locked from the inside.
  • Current emergency plans are inadequate and do not specify appropriate policies and procedures to mitigate or manage all security concerns and/or emergency situations.

Remember: This section establishes the need for the equipment and training requests in the Target Hardening section below.

Up to 4 points.

Potential Consequences

Consequences = impact on lives and operations if your vulnerabilities are exploited.

In considering potential consequences, the applicant should discuss potential negative effects on the organization’s assets (both human and physical), system, and/or network if damaged, destroyed, or disrupted by a terrorist attack

Your answer should be site-specific and reflect the circumstances making a building susceptible to attack, identify building weaknesses and lack of redundancy. Such weaknesses lead to an organization’s susceptibility to destruction, incapacitation, or exploitation by a terrorist attack.

In the Background section above, you wrote about your membership and programs. It is important to convey how a terrorist attack would impact on the delivery of services for the range of services offered to your various constituencies.

Up to 4 points.

Check out how to answer other sections of the Investment Justification by clicking the index to the left.