CISA Publishes Update to the Infrastructure Resilience Planning Framework

The Cybersecurity and Infrastructure Security Agency (CISA) released an updated Infrastructure Resilience Planning Framework (IRPF) today to better help state, local, tribal, and territorial (SLTT) planners manage risk to critical infrastructure systems and enhance their resilience. First released in 2021, today’s update to the IRPF adds important new resources and tools to better support partners as they face an evolving threat environment.

What is the IRPF 1.1? 

The IRPF is a framework that enables users to identify critical infrastructure, assess related risks, and develop and implement resilience solutions. The framework helps them understand interconnected infrastructure systems and can be incorporated into many types of plans such as economic development, capital improvement plans, hazard mitigation, and emergency response/recovery. The IRPF’s audience is state, local, tribal, and territorial governments, regional planning commissions, infrastructure owners and operators, and large manufacturing clusters.

The main changes featured in the 1.1 updated include:

    • Creation of a new tool for identifying critical infrastructure, the Datasets for Critical Infrastructure Identification guide.
    • Added guidance on the challenges of getting a diverse set of opinions when planning.
    • New information regarding the Drought planning guide.
    • Additional clarity on PPD-21.
    • More information regarding existing ISD assessment program.
    • Increased references to other existing tools and CISA programs.

The IRPF 1.1 will be posted to

Questions, Comments, and Follow-ups 

If you have questions, comments, or would like to receive a presentation, feel free to email us at

Steve Lyddon
Protective Security Advisor, Region 5, Illinois
Cybersecurity and Infrastructure Security Agency
U.S. Department of Homeland Security
Cell:  217-299-3954 |