What is the CARVER Target Analysis and Vulnerability Assessment Methodology?
The CARVER Target Analysis and Vulnerability Assessment Methodology is a system which uses specific procedures, that are both qualitative and quantitative in nature, to interpret and determine the Probability of Attack (Pa) from an adversary against critical infrastructure assets and/or key resources.
CARVER distinguished itself as an offensive target assessment tool, originally developed for use by the U.S. military and the Intelligence Community for evaluating the vulnerabilities of enemy assets and determining how best to exploit those vulnerabilities to attack a target. It utilizes a numerical ranking matrix to identify vulnerable components of an infrastructure. Each asset is assigned a numerical value between 1-5 (5 being the most severe) which is then measured against other assets.
Utilized by the U.S. Department of Homeland Security (DHS), as well as NATO and the United Nations security forces, CARVER is considered by many security experts to be the definitive assessment tool for protecting critical assets.
Become a Certified CARVER Assessment Professional (CCAP)
Earn this designation upon completion of the online CARVER Target Analysis and Vulnerability Assessment Training Course. You will be emailed a certificate, which is also valid for continuing education units for ASIS-International CCP members.GET CERTIFIED!
Welcome to the "Fundamentals of the CARVER Target Analysis and Vulnerability Assessment Online Training Course."
If you have any responsibility for the safety and security of the people and/or assets of an organization, you should be very familiar with the CARVER Methodology.
Why do I need to understand the CARVER Methodology?
- Provides measurements of effectiveness for your current security posture
- Allows for a standardization of security measures
- Assists in the allocation and justification of security budgets
- Offers Design-Basis-Threat (DBT) scenarios to assist with emergency preparedness and crisis management training
- Outlines a threat spectrum between the likelihood and impact of an attack
- Identifies and prioritizes key assets within your organization
- Analyzes estimated recovery times should an incident occur
- Positioning yourself in the industry so that you are consistently growing your brand and snowballing your income
- Much more…
"Our nation’s critical infrastructure and key resources (CIKR) continue to be vulnerable to a wide variety of threats. Because the private sector owns the vast majority of the nation’s CIKR - banking and financial institutions, commercial facilities, telecommunications networks, and energy production and transmission facilities, among others - it is vital the public and private sectors work together to protect these assets and system.”
- The Report on Critical Infrastructure Protection, The Government Accountability Office (GAO)
“The CARVER Target Analysis and Vulnerability Assessment Methodology is one of the most effective tools that a security professional can use to identify and evaluate weaknesses in a critical infrastructure system. It is an efficient process, which produces a numeric score against assets, to determine their probability of being attacked. It allows the person conducting the assessment to examine a potential target through the eyes of an aggressor. I first learned about CARVER during my time in Vietnam, where it was used by both the intelligence and the special operations communities. It is time tested and it works.”
General James L. Jones, Former U.S. National Security Advisor to the President of the United States, Former Supreme Allied Commander Europe and Combatant Commander USEUCOM, 32nd Commandant of the Marine Corps