An Intensive 5-day Training Course
API 780: Security Risk Assessment (SRA) for Petroleum,
Petrochemical & Energy Infrastructure
Advanced Risk-Based Security Assessment, Threat Analysis, and
Infrastructure Protection Using the API 780 Methodology
Scheduled Dates
Online
| 17-21 Aug 2026 | Online | $3,950 | RESERVE A SEAT |
| 16-20 Aug 2027 | Online | $3,950 | RESERVE A SEAT |
Would an alternative date be more suitable?
We offer a variety of tailored training options, customized to meet your organisation's needs. Delivered anytime, anywhere, we make it easy to bring expert training directly to your team.
Why Choose this Training Course?
This API 780: Security Risk Assessment (SRA) for Petroleum, Petrochemical & Energy Infrastructure training course provides an advanced and structured understanding of the Security Risk Assessment (SRA) methodology developed by the American Petroleum Institute for the protection of petroleum, petrochemical, and energy infrastructure. This training course enables professionals to apply a systematic and risk-based methodology to identify, evaluate, and mitigate security threats affecting critical industrial facilities and hazardous material systems.
The oil and gas industry operates complex infrastructure that may be exposed to intentional threats including terrorism, sabotage, insider threats, cyber intrusion, theft of hazardous materials, and deliberate disruption of supply chains. API 780 provides a structured methodology for identifying critical assets, evaluating adversary capabilities and motivations, assessing vulnerabilities, and determining the appropriate level of security countermeasures. This training course provides practical guidance on applying the five-step SRA methodology to real-world industrial facilities including refineries, petrochemical plants, pipeline networks, storage terminals, and energy distribution infrastructure.
Participants will gain practical expertise in threat intelligence analysis, asset characterization, scenario development, vulnerability assessment, risk ranking, and security mitigation planning. The training course also addresses integration of SRA results with existing process safety management systems, emergency preparedness frameworks, and enterprise risk management practices to enhance the resilience and protection of critical infrastructure.
This API 780: Security Risk Assessment (SRA) for Petroleum, Petrochemical & Energy Infrastructure training course will highlight:
- Applying the API 780 five-step Security Risk Assessment methodology
- Identifying and prioritizing critical assets and infrastructure dependencies
- Evaluating threats, adversaries, and credible attack scenarios
- Conducting vulnerability assessments and security risk ranking
- Developing layered security countermeasures and risk mitigation strategies
What are the Goals?
At the end of API 780: Security Risk Assessment (SRA) for Petroleum, Petrochemical & Energy Infrastructure this training course, you will learn to:
- Understand API 780 security risk assessment methodology
- Identify critical assets and infrastructure dependencies
- Analyse threats, adversaries, and attack scenarios
- Evaluate vulnerabilities and security risk levels
- Develop effective security mitigation strategies
Who is this Training Course for?
Security risk assessment and infrastructure protection require multidisciplinary collaboration among security, operations, engineering, and safety professionals. This training course provides a structured methodology that supports professionals responsible for protecting critical industrial facilities and managing security risks affecting hazardous material operations.
This API 780: Security Risk Assessment (SRA) for Petroleum, Petrochemical & Energy Infrastructure training course is suitable to a wide range of professionals but will greatly benefit:
- Security and Infrastructure Protection Professionals
- Process Safety and Risk Management Engineers
- Operations and Plant Management Personnel
- Asset Integrity and Reliability Engineers
- Emergency Response and Crisis Management Professionals
- Engineers and Specialists Involved in Facility Risk Assessments
How will this Training Course be Presented?
This training course is delivered through expert-led technical presentations, structured discussions, and detailed case-based analysis of security events affecting petroleum and petrochemical facilities. Participants will learn how the API 780 methodology is applied in practice through real-world examples involving asset characterization, threat evaluation, vulnerability identification, risk ranking, and the development of countermeasure strategies. Industry best practices, regulatory frameworks, and lessons learned from major security incidents are integrated throughout the training course.
Organisational Impact
Organizations that send their employees to this training course will significantly enhance their ability to manage security risks affecting critical energy infrastructure.
- Improved capability to conduct structured security risk assessments
- Enhanced protection of critical infrastructure and hazardous material assets
- Better prioritization of security investments and mitigation measures
- Improved integration between security, safety, and operational risk management
- Strengthened resilience against intentional attacks and malicious activities
- Increased compliance with international security and infrastructure protection standards
Personal Impact
Participants attending this training course will strengthen their professional expertise in security risk assessment and infrastructure protection.
- Deeper understanding of industrial security risk management frameworks
- Enhanced ability to identify threats and vulnerabilities in complex facilities
- Practical skills in applying structured risk assessment methodologies
- Improved competence in evaluating and prioritizing security risks
- Stronger capability to design and recommend mitigation strategies
- Expanded professional expertise in security management for energy infrastructure
Daily Agenda
Day One: Security Risk Management in the Petroleum & Energy Sector
- Security threats and risk drivers affecting energy infrastructure
- Overview of the API 780 Security Risk Assessment methodology
- Risk management principles for industrial security
- Understanding the security risk equation (Threat × Vulnerability × Consequence)
- Security events affecting petroleum facilities (release, theft, sabotage, disruption)
- Types of adversaries and threat actors affecting energy infrastructure
- Integration of security with process safety and operational risk management
- Overview of the five-step API SRA methodology
Day Two: Asset Characterization and Critical Infrastructure Analysis
- Step 1 of API 780: Characterization of facilities and operations
- Identification of critical assets in petroleum and petrochemical operations
- Analysis of asset functions, hazards, and operational importance
- Identification of infrastructure dependencies and interdependencies
- Evaluation of potential consequences of asset compromise
- Consequence analysis including safety, environmental, economic, and reputational impacts
- Ranking asset criticality using consequence severity criteria
- Screening assets for inclusion in detailed security risk assessment
Day Three: Threat Identification and Adversary Analysis
- Step 2 of API 780: Threat assessment methodology
- Identification of potential adversaries and threat categories
- Analysis of adversary capabilities, motivation, and intent
- Evaluation of historical threat information and intelligence sources
- Threat ranking criteria and threat scoring methodologies
- Asset attractiveness analysis from the adversary perspective
- Development of credible threat–asset pairings
- Determination of likelihood of attempted attacks
Day Four: Vulnerability Assessment and Security Risk Evaluation
- Step 3 of API 780: Vulnerability assessment methodology
- Identification of vulnerabilities in facility design and operations
- Evaluation of existing security countermeasures and safeguards
- Application of layered protection strategies (deter, detect, delay, respond, recover)
- Development of credible attack scenarios for critical assets
- Evaluation of likelihood of successful attack execution
- Step 4 of API 780: Risk analysis and risk ranking
- Application of security risk matrices and prioritization of risk scenarios
Day Five: Risk Treatment, Security Countermeasures and Strategic Protection
- Step 5 of API 780: Risk treatment and mitigation planning
- Identification of security countermeasure strategies
- Evaluation of countermeasure effectiveness and reliability
- Cost-benefit analysis for security investments
- Determination of residual risk and verification of risk reduction
- Prioritization of security improvements and mitigation measures
- Integration of SRA results into facility security plans and management systems
- Continuous monitoring, review, and periodic reassessment of security risks
Certificate
- On successful completion of this Training Course / Online Training Course, a PetroKnowledge Certificate / E-Certificate will be awarded to the delegates.
