alert - warning

This page has not been translated into Tiếng Việt. Visit the Tiếng Việt page for resources in that language.

Private Sector Entities Seeking a Priority-Rating Authorization

Private sector entities that manage critical infrastructure may need a priority rating authorization to secure their operations under the Defense Production Act (DPA).

This guide summarizes when and how private sector entities can apply for this authorization, especially in the context of national emergencies or to enhance critical infrastructure protection and restoration.

Eligible for Priority Rating Authorization

Critical Infrastructure

Systems and assets crucial to U.S. national security, economic security, public health, or safety. This includes both physical and cyber-based systems, such as:

  • Energy facilities
  • Water systems
  • Telecommunications
  • Health services

Protection

Measures taken to reduce threats, vulnerabilities, or the impacts of incidents like terrorist attacks.

Restoration

Efforts to return services and performance capabilities after they have been damaged or degraded.

Federal Oversight

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) coordinates national efforts to protect critical infrastructure.

This involves:

  • Collaborating with Sector Risk Management Agencies (SRMAs) responsible for specific sectors like energy, health, or transportation.
  • Assisting private entities and government levels to plan and mitigate risks.

Sector Risk Management Agencies (SRMAs)

Sector Sector Risk Management Agencies (SRMA)
ChemicalDepartment of Homeland Security (DHS)
Commercial FacilitiesDepartment of Homeland Security (DHS)
CommunicationsDepartment of Homeland Security (DHS)
Critical ManufacturingDepartment of Homeland Security (DHS)
Dams SectorDepartment of Homeland Security (DHS)
Defense Industrial Base SectorDepartment of Defense (DOD)
Emergency ServicesDepartment of Homeland Security (DHS)
Energy SectorDepartment of Energy (DOE)
Financial ServicesDepartment of the Treasury
Food and AgricultureU.S. Department of Agriculture (USDA) & Department of Health and Human Services (HHS)
Government Services and FacilitiesDepartment of Homeland Security (DHS) & General Services Administration (GSA)
Healthcare and Public HealthDepartment of Health and Human Services (HHS)
Information TechnologyDepartment of Homeland Security (DHS)
Nuclear Reactors, Materials, and WasteDepartment of Homeland Security (DHS)
Transportation SystemsDepartment of Homeland Security (DHS) & Department of Transportation (DOT)
Water and Wastewater SystemsEnvironmental Protection Agency (EPA)

How to Apply for a Priority Rating Authorization

Figure 42: Recovery may require protective measures for critical infrastructure operation
  • Determine Your Sector: Identify which sector your entity belongs to (e.g., Energy, Healthcare) and which SRMA oversees it.
  • Engagement with SRMA:
    • If already engaged with sector-specific risk management activities through your SRMA, initiate your request for priority rating authorization through them.
    • If not recognized by an SRMA but believe you qualify, contact the appropriate SRMA directly.
  • Making Your Request: In the priority rating authorization template, demonstrate that your operations are essential for national security or are at risk due to a national emergency or significant event. Provide details on any existing protection activities or the impacts of service disruptions.

Key Points to Remember

Engagement is Crucial

Active participation in sector risk management activities is expected for all critical infrastructure entities.

Documentation Matters

When applying, ensure your request is detailed, highlighting how your entity contributes to or impacts national security.

More Information

Graphic
Magnifying glass over a bar chart

Full Guidance

For details on priority rating authorizations for private entities, view the full guidance.

For more information or to start your authorization process, contact the relevant SRMA affiliated with your sector.