The National Aeronautics and Space Administration (NASA) Principal Advisor for Enterprise Protection (PAEP) was appointed to provide security requirements, restrictions and safeguards for implementing NASA programs, projects, and organizations as a means to protect NASA Strategic Critical Capabilities and Technologies (SCCAT), and ultimately, national security.
Cardno helped the first PAEP develop the organizational and operational framework and work execution processes to implement the Enterprise Protection Program (EPP).
Cardno also provided expertise across policy developments, procedural requirements, management processes, decision-support methods, information and training, and recommendations for strategic implementation.
The EPP is the cross-Agency program providing independent assessment and oversight to address protection, vulnerability, susceptibility, and mitigation assessments of NASA missions and activities. The program identified and introduced protection recommendations into existing NASA requirements, budgeting acquisition, and cooperation development processes.
Cardno’s work on the EPP, assisted in the development of the preliminary policy directive for NASA Programs and Projects to identify and interpret malicious threats and to assess potential protection options. The EPP was also designed to support Programs and Projects by communicating identified risk to SCCAT with industry, vendors, contractors, and external partner organizations, both nationally and internationally.
During the early stages of the EPP, the PAEP engaged subject matter experts to conduct vulnerability, susceptibility, and mitigation assessments of NASA missions and activities, and advised the NASA Administrator on findings, results and implications of such assessments.
With Carndo’s support, the first PAEP reviewed the range of options available to address malicious threats to SCCAT inherent in NASA systems considered so vital to the United States, that their incapacitation or destruction would have a debilitating effect on national security. Potential strategies and plans to counter malicious threats, including resiliency, restitution, disaggregation and other appropriate concepts were evaluated.