In order to assess potential impacts on customer employees, patrons, operations, and facilities, the threat agents are considered in terms of the agent identity, the amount and form of the agent, the delivery mechanism, where an event occurred in the customer's process, and the intended target. These factors are collectively specified as “Scenarios.” To maintain consistency between scenarios, a fixed structure is usually imposed upon the scenario description. The structure consisted of the following data elements:

• Agent (name, form, other defining characteristics)
• Amount
• Container
• Process Location (where the event occurs)
• Action (type of release - e.g., disperses into the air, explodes, aerosolizes)
• Event/operation that initiates the release (e.g., falls, is hit, is ignited, is compressed in equipment)
• The scenarios cover single events, as well as multiple events, the latter suggesting a coordinated attack. Scenario targets can include the customer's employees, its patrons, and  its operations and facilities.

Sample Scenarios

• Anthrax, powdered spores treated to maximum dispersibility, 1 gram total; contained in one letter; in a processing facility; small amounts of spores are blown around; during processing on equipment
• GB (Sarin), 600 grams diluted to 30 percent in acetonitrile, in a small nylon/polyethylene bag sealed inside another bag and wrapped in newspaper, on a subway train, leaks a puddle of diluted Sarin which rapidly evaporates and disperses into the air, after it is punctured by the sharpened tip of an umbrella.

These scenarios are based on published details of the 2002 anthrax attacks on the U.S. Postal System and the 1995 Tokyo subway attacks, respectively. They illustrate the details required to evaluate the scenario against the various criteria.