Skip to main content Homepage

Water System Security

On this page:


As an outcome of the events of September 11th, 2001, there has been an increased effort to protect critical infrastructures at the national, state and local levels. Since drinking water has been identified as one of these critical infrastructures, it's no surprise that considerable attention is being focused on drinking water system security.

Historically, emergency response planning and security have been an integral part of water system operations, with the primary focus on natural disasters, system malfunctions and vandalism. Today, however, intentional acts of sabotage and terrorism must also be thrown into the mix. Whether the threat is international or domestic, water systems must begin to look at the security of their systems and incorporate scenarios and remedial actions into their emergency response planning to reflect these new concerns.

Drinking Water Services (DWS) has developed this site to assist water systems in understanding new regulations that might affect them and to centralize the growing body of information and resources available to assist them in staying current.

Rules & Regulations

State:  DWS adopted new rules (i.e., PDF iconOAR 333-061-0064 (pdf)) on October 25th, 2002, requiring all public water systems to have a written emergency response plan which incorporates the results of a Security Vulnerability Assessment (SVA). Learn more about Oregon's drinking water rules here. The requirements are listed below:
Federal:  The Bioterrorism Act of 2002 requires all community water systems with a population over 3,300 to complete SVAs and submit them directly to the U.S. Environmental Protection Agency (EPA). Do not submit them to DWS or the counties. Within six months of the federal deadlines, these water systems must also develop or revise an existing ERP and incorporate the results of their SVAs. See Table 1 below for the submittal schedule:

Table 1. EPA Security Vulnerability Assessment Schedule

Assessment: Due Date
Due Date
3,301 - 49,999 June 30th, 2004 Dec. 31st, 2004
50,000 - 99,999 Dec. 31st, 2003 June 30th, 2004
100,000 or more Mar. 31st, 2003 Sept. 30th, 2003

Instructions for complying with and submitting a vulnerability assessment are available on EPA's Water Security website. On this website you will also find a Vulnerability Assessment factsheet that summarizes the key points that an assessment must address along with guidance tools.

Some of the SVA tools recognized by EPA that can be utilized include the following:

Security News

The following websites provide news and information on water system and infrastructure security, risk management and emergency preparedness:


The following resources are available to assist public water systems in complying with Emergency Response Planning (ERP) and Security Vulnerability Assessment (SVA) issues:

Your browser is out-of-date! It has known security flaws and may not display all features of this and other websites. Learn how