AWIA Risk and Resilience Assessment

Learn More

The Business Challenge

Serving large communities comes with a never-ending list of challenges, compliance being a core obstacle for many organizations. On October 23, 2018, America’s Water Infrastructure Act (AWIA) was added to the mix, mandating water systems serving more than 3,300 people conduct risk and resilience assessments and develop or update emergency response plans (or potentially face a penalty of up to $25,000 per day for non-compliance).

How We Help

With compliance comes deadlines — and Securance is committed to helping water utilities hurdle these obstacles with ease. We cover all cybersecurity aspects of AWIA compliance. Your final report will not only help your organization achieve compliance, but also set you on the path to truly secure cyber infrastructure.

Our risk and resilience assessment service includes:

  • Security controls review and gap analysis of the IT environment against NIST standards
  • Vulnerability and penetration tests of external and internal networks and applications
  • Detailed configuration reviews of supporting IT infrastructure, including firewalls, routers and switches, server operating systems, and databases
  • Assessment of the operational technology (OT) environment, including industrial control systems (ICS), distributed control systems (DCS), supervisory control and data acquisition (SCADA) systems, and advanced metering infrastructure (AMI)
  • Review of and updates to your organization’s cyber emergency response plan (ERP), including disaster recovery and incident response components


To learn more about our services and start your journey towards AWIA compliance, download our slip sheet or contact us today.

How it works

  1. Executive-level consultants provide hands-on leadership to ensure every project is a success. Each engagement is led by senior-level consultants with 20 or more years of experience.
  2. Our consultants leverage their experience to maximize efficiency. You can expect a board-ready draft report within one week after our assessment is done.
  3. In our reports, we translate technical findings into business risks that all stakeholders, in and outside of IT, can understand and appreciate.

Related Services


Our Latest Success