at a PV Water
system turnout in
a strawberry field.
Photo courtesy of
What Makes an AWIA
Emergency Response Plan
By Stephen B. Baruch, D.Env., Marie Shadden,
Pacia Diaz, Ph.D. and Scott Thomas, Ph.D.
UTILITIES ARE ASKING HOW the American Water Infrastructure Act (AWIA) changed the
Emergency Response Plan (ERP). How is it different from pre-AWIA emergency plans? The
AWIA ERP is not just about what to do during an emergency incident. The ERP aligns with
the findings of the Risk and Resilience Assessment (RRA) to implement emergency preparedness. The
recommended risk mitigation measures that are listed in the RRA become a key part of the preparedness
section of the ERP.
One of the main goals of the
RRA is to identify the risks the
utility is exposed to and ultimately
identify options that can mitigate
undesirable consequences. Identi-fying
risk and potential mitigation
strategies before an event occurs
is a vital step that results in huge
dividends during times of crisis
During the RRA process, a
utility first identifies and char-acterizes
the likelihood of both
asset-specific and system-wide
threats and then quantifies the
consequences of disruption should
they occur. Based on this analysis,
the RRA includes recommended
actions, procedures, and equip-ment
that lessen the impact of a
malevolent act or natural hazard
on the public health, safety and
supply of drinking water provid-ed
to the community (US EPA,
2019). To align the RRA and ERP
and ensure coherent risk reduction
and emergency preparedness, the
RRA’s preliminary risk reduction
measures are subsequently incor-porated
into the ERP (Figure 1).
This is especially important be-cause
the ERP formalizes the util-
DOS and DON’TS
Here are some DOS and DON’TS based on AARC Consultants’
experience developing RRAs and ERPs with dozens of water
• DO identify known threats to critical assets and quantify
the likelihood and consequences of these threat events
to determine the degree of risk.
• DO include both IT and SCADA systems within the
• DO identify assets and strategies to use to mitigate
• DON’T treat the RRA and ERP development as a check-the-
box compliance requirement.
• DO have specific plans in place to deal with specific
threat events as they affect specific critical assets.
Utility staff need a playbook.
• DON’T create such a large and dense ERP that it
becomes unusable. Do make it accessible.
• DO incorporate the ERP into training and exercises.
Do make these learning opportunities interesting and
• DO protect this sensitive information. Don’t enable
Figure1: A Utility’s Path Toward Resilience