AWIA Risk and Resilience Assessment

Learn More

The Business Challenge

Serving large communities comes with a never-ending list of challenges, compliance being a core obstacle for many organizations. On October 23, 2018, America’s Water Infrastructure Act (AWIA) was added to the mix, mandating water systems serving more than 3,300 people conduct risk and resilience assessments and develop or update emergency response plans (or potentially face a penalty of up to $25,000 per day for non-compliance).

How We Help

For many organizations, compliance means pressure— in the form of deadlines, penalties, and reputational risk associated with noncompliance. Securance is committed to helping water utilities hurdle these obstacles with ease.

We are experts in all of AWIA’s cybersecurity requirements, and in the IT and operational technology (OT) systems water utilities depend on to deliver critical services. Your final report will not only help you achieve compliance, but will also set you on the path to truly secure cyber infrastructure.

Our risk and resilience assessment service includes:

Security Controls Review

We review the design and operating effectiveness of security controls across the technology environment, then perform a gap analysis against NIST standards, including the Cybersecurity Framework and Special Publications 800-53 and 800-82.

Technical Security Testing

We conduct vulnerability and penetration tests of external and internal networks and applications, as well as detailed configuration reviews of firewalls, network devices, and operating systems.

How it works

  1. Executive-level consultants provide hands-on leadership to ensure every project is a success. Each engagement is led by senior-level consultants with 20 or more years of experience.
  2. Our consultants leverage their experience to maximize efficiency. You can expect a board-ready draft report within one week after our assessment is done.
  3. In our reports, we translate technical findings into business risks that all stakeholders, in and outside of IT, can understand and appreciate.

Operational Technology (OT) Assessment

We review the security posture of the operational technology (OT) environment, including industrial control systems (ICS), distributed control systems (DCS), supervisory control and data acquisition (SCADA) systems, and advanced metering infrastructure (AMI).


Emergency Response Plan (ERP)

We review and, as necessary, update the cyber ERP, including disaster recovery and incident response components.


To learn more about our services and start your journey towards AWIA compliance, download our slip sheet or contact us today.

Related Services


Our Latest Success