Risk & Resilience Assessment & Emergency Response Plan Updates

America’s Water Infrastructure Act of 2018, signed into law as Public Law No: 115-270 on October 23, 2018, expanded the requirements for water utilities to maintain and update their security plans. Water utilities must conduct risk and resilience assessments and revise emergency response plans (ERPs) every five years under this act.


Systems serving 100,000 people or more must submit their initial certifications by March 31, 2020; systems serving 50,000 to 100,000 people, by December 31, 2020; and systems serving between 3,300 and 50,000 people, by June 30, 2021. An ERP is also required within six months following completion of the RRA that address how the system would respond to threats addressed in the assessment.


Our team at St.Germain has training and experience to complete your these required documents. The lead on this team, Keith Taylor, attended US EPA Risk Assessment Methodology for Water (RAM-W) training and completed RRAs and ERPs for nine water utilities in Maine with populations from 4,400 to over 34,000 between 2004 and 2006.  Most recently, St. Germain is in the process of updating the RRA and ERP for the Kennebunk, Kennebunkport, and Wells Water District for the third time.

Our assessment will: 

identify threats, vulnerabilities, and consequences; evaluate threat-asset pairs, risk to utility, and cost-effective measures to reduce risk and vulnerability; assess the resilience of pipes and constructed conveyances, physical barriers, source water, water collection, and intake, pretreatment, treatment, storage and distribution facilities; and, appraise the resilience of monitoring practices; financial infrastructure; the use, storage, and handling of various chemicals; and the overall operation and maintenance of the system.

St.Germain will implement the VSAT 6.0 software program preferred by the USEPA, resulting in documents that will meet or exceed the requirements. Various threat, consequence, and countermeasure scenarios will be completed to determine the vulnerability of each asset, and the most effective new countermeasures that should be employed, if needed.