National Risk Management Act of 2023

National Risk Management Act of 2023

This bill requires the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security (DHS) to establish a recurring process to identify and assess risks to critical infrastructure and requires the President to deliver to Congress a national critical infrastructure resilience strategy designed to address the risks identified.

The process shall include elements to

• collect relevant information from Sector Risk Management Agencies relating to the threats, vulnerabilities, and consequences related to the particular sectors of such agencies;
• allow critical infrastructure owners and operators to submit relevant information to DHS for consideration; and
• outline how DHS will solicit input from other federal departments and agencies.

DHS must brief the Senate and House homeland security committees on

• the national risk management cycle activities undertaken pursuant to the strategy, and
• the amounts and timeline for funding that DHS has determined would be necessary to address risks and successfully execute the full range of activities proposed by the strategy.