FY 2025 Nonprofit Security Grant Program Frequently Asked Questions

General Program Questions

1. What is the purpose of the FY 2025 Nonprofit Security Grant Program?

The Fiscal Year (FY) 2025 Nonprofit Security Grant Program (NSGP) is one of the grant programs that support the U.S. Department of Homeland Security (DHS)/Federal Emergency Management Agency’s (FEMA) focus on enhancing the ability of state, local, tribal, and territorial governments, as well as nonprofit organizations, to prevent, protect against, prepare for, and respond to terrorist or other extremist attacks. These grant programs are part of a comprehensive set of measures authorized by Congress and implemented by DHS to help strengthen the nation’s communities against potential terrorist or other extremist attacks. The NSGP provides funding to nonprofit organizations at high risk of a terrorist or other extremist attack for facility hardening and other physical security enhancements and activities.

2. What legislation authorized funding for the FY 2025 NSGP?

The program is authorized by the Full-Year Continuing Appropriations and Extensions Act, 2025, Pub. L. No. 119-4, § 1101.

3. How much funding is available under the FY 2025 NSGP?

The total amount of funds available under the FY 2025 NSGP is $274.5 million:

• $137.25 million for NSGP-Urban Area (UA); and
• $137.25 million for NSGP-State (S).

4. What are the changes in funding levels between FY 2024 and FY 2025?

The FY 2025 funding level for NSGP is the same as the original FY 2024 appropriation, $274.5 million. $180 million in supplemental funding was later added to the FY 2024 funding opportunity. Of the $274.5 million in FY 2025, $137.25 million is allocated to the NSGP-UA program, and $137.25 million is allocated to the NSGP-S program.

5. What is the difference between NSGP-UA and NSGP-S?

NSGP-UA provides funding to nonprofit organizations located within an FY 2025 designated high-risk urban area. NSGP-S provides funding for nonprofit organizations located outside of FY 2025 designated high-risk urban areas.

The FY 2025 NSGP Notice of Funding Opportunity (NOFO) includes a list of the FY 2025 designated high-risk urban areas. 

6. When will the FY 2025 NSGP NOFO be released, and where will it be located?

The FY 2025 NSGP NOFO was released on July 28,, and is available online at  www.grants.gov.

7. Who is eligible to apply for FY 2025 NSGP funds?

The State Administrative Agency (SAA) is the only entity eligible to apply for FY 2025 NSGP funds. The SAA applies to FEMA on behalf of eligible nonprofit organizations (subapplicants) that are at high risk of terrorist or other extremist attack. 

8. How do nonprofit organizations apply?

Eligible nonprofit organizations must apply to their SAA for NSGP funds. Nonprofit organizations may not apply to FEMA directly. 

The SAA is the only eligible applicant and submits applications to FEMA on behalf of nonprofit organizations (subapplicants). Contact your SAA for information on how to apply.

9. What is the application period and deadline?

The application period started when the FY 2025 NSGP NOFO was released on July 28. The application deadline for nonprofit organizations is determined by your SAA. Contact your SAA for details on the application deadline.

10. What is a period of performance (POP) for the NSGP?

The POP is the amount of time you have to complete your proposed projects. For the NSGP, the POP for the SAA is 36 months. SAAs generally impose a shorter POP for nonprofit organizations, so it is important to check with your SAA. The POP also includes any Environmental and Historic Preservation (EHP) considerations required for the project, if applicable. For more information on the EHP process, consult the Subapplicant Quick Start Guide. 

The NSGP is a reimbursement grant. Only expenditures incurred during the POP listed in your subaward documentation from the SAA are allowable.

11. What other resources are available to address general programmatic, technical, and financial questions?

    • For general questions regarding preparedness grant programs, please contact the FEMA Grants News at (800) 368-6498 or by e-mail at fema-grants-news@fema.dhs.gov, 9 a.m. – 5 p.m. Eastern Time, Monday through Friday.
    • For additional resources on FEMA preparedness grant programs, visit Preparedness Grants | FEMA.gov.
    • For additional resources on FEMA procurement and grant processes, visit Contracting with Federal Funds for Goods and Services Before, During and After Disasters | FEMA.gov.
    • For support regarding financial grants management and budgetary technical assistance, applicants may contact the FEMA Award Administration Help Desk at ASK-GMD@fema.dhs.gov.
    • For NSGP-specific questions, email FEMA-NSGP@fema.dhs.gov, or reference our other existing resources, including the NSGP NOFO and Ancillary Documents. 

Nonprofit Organization Eligibility

12. How do I determine whether a nonprofit organization is eligible?

To be eligible for the FY 2025 NSGP, a nonprofit organization must:

• Meet the description under section 501(c)(3) of the Internal Revenue Code (IRC) of 1986 and be exempt from tax under section 501(a) of such code;
• For NSGP-UA, be located within one of the FY 2025 designated high-risk urban areas;
• For NSGP-S, be located outside of the FY 2025 designated high-risk urban areas; and
• Be able to demonstrate, through the application, that the organization is at high risk of a terrorist or other extremist attack.

13. Can nonprofit organizations pass through funds to other organizations?

Nonprofit organizations cannot pass through funding to other organizations. Only SAAs can pass through funding to selected nonprofit organizations.

14.  Which NSGP sub-program should I apply for?

If the physical address of the nonprofit organization for which you are applying is within a FY 2025 designated high-risk urban area, then you must apply to NSGP-UA. A complete list of all eligible urban areas for FY 2025 NSGP is listed in Appendix B of the NOFO. If the physical address of the nonprofit organization for which you are applying is outside of a FY 2025 designated high-risk urban area, then you must apply to NSGP-S. If you are unsure whether your nonprofit organization’s physical address is located within or outside of a FY 2025 designated high-risk urban area, contact your SAA. SAAs and nonprofit organizations should be aware that city limits do not always equate to the urban area footprint. 

15. Can organizations that have received funding or have been rejected in the past apply again?

There is no prohibition on applying to the NSGP multiple years in a row, regardless of whether you have received funding or been rejected in past years. However, once an organization receives funding, they are no longer eligible for first-time recipient additional points, as described in the NOFO.

16. Can nonprofit organizations apply for both state-funded and federally-funded grants?

Several states have state-led programs very similar to the federal DHS/FEMA NSGP. There is no prohibition at the federal level to apply for both programs. Please contact the SAA concerning the state program for any restrictions.

17. What is the maximum amount of funding I can apply for? Can I apply for multiple locations/facilities for the same organization?

Nonprofit organization subapplicants with one site may apply for up to $200,000 for that site. Subapplicants with multiple sites may apply for up to $200,000 per site for up to three sites per NSGP-UA and NSGP-S funding stream, for a maximum of $600,000 per nonprofit organization per state. Each unique site must have a unique Vulnerability Assessment and completed IJ. If a nonprofit organization has physical locations both within and outside of a FY 2025 designated high-risk urban area, they may apply to both funding streams (NSGP-S and NSGP-UA) but may not exceed a total of six applications for a total of $600,000 in requested funding per state. In states with no Urban Area, no more than three applications per nonprofit organization are allowable.

Applications received for the wrong funding stream (NSGP-UA or NSGP-S) will be deemed ineligible.

18. What constitutes a site when applying for NSGP funding?

The NSGP defines a “site” as a singular address or physical building. If a nonprofit organization has multiple buildings at the same address, each building can be identified by name (e.g., “Building A,” “Building B”). Each site applying for funding must have its own unique Vulnerability Assessment and application. 

Application Development for Nonprofit Organizations

19. What do I need to submit to my SAA to apply for FY 2025 NSGP funds?

Each eligible nonprofit organization must submit the following to their SAA:

Vulnerability Assessment

A vulnerability assessment specific to the location/facility for which the nonprofit organization is applying. Currently, there are no other FEMA-specific requirements for the Vulnerability Assessment, but SAAs may have state-specific requirements. 

NSGP Investment Justification (IJ) 

The IJ is a required application form used to apply for NSGP funds. It includes sections on the nonprofit organization’s risks, vulnerabilities, and the proposed projects that are intended to address or mitigate the identified risks and vulnerabilities. Proposed projects must be for the locations that the nonprofit organization occupies at the time of application. The IJ must:

• Demonstrate the ability to provide enhancements consistent with the purpose of the program and guidance provided by DHS/FEMA;
• Be both feasible and effective at reducing the risks for which the project was designed;
• Be able to be fully completed within the three-year period of performance; and
• Be consistent with all applicable requirements outlined in the funding notice and the Preparedness Grants Manual. 

The IJ is the only document submitted to FEMA by the SAA. As a result, it is important to avoid referencing any external materials in your IJ. Please consult the Subapplicant Quick Start Guide for more information on completing the IJ.

Mission Statement

A Mission Statement and any mission-implementing policies or practices that may elevate the organization’s risk must also be submitted to the SAA. The SAA will use the Mission Statement, along with the information provided in the IJ, to determine the central purpose of the organization and will validate the nonprofit “organization type” selected by the nonprofit organization in the IJ. The organization type may be one of the following: 1) Ideology-based/Spiritual/Religious; 2) Educational; 3) Medical; or 4) Other.

SAA-optional documentation

Some SAAs may allow supporting documentation related to actual incidents that have occurred at the location/facility, if applicable. This documentation could include items such as police reports, insurance claims, or photographs. Include a brief description of the items you are submitting in your IJ. Be sure to check with your SAA if optional supporting documentation is allowed.

Any other SAA-required documentation 

Contact your SAA for information on any additional requirements.

20. What makes a strong IJ?

• Clearly identified risks, including threats, vulnerabilities, and consequences;
• Description of findings from a previously conducted Vulnerability Assessment;
• Details of any incidents including description, dates, etc.;
• Brief description of any supporting documentation (such as police reports or photographs) that is submitted to the SAA as part of the application, if applicable;
• Explanation of how the investments proposed will mitigate or address vulnerabilities identified in a vulnerability assessment;
• Verification that all proposed activities are allowable costs per the FY 2025 NSGP NOFO;
• Realistic milestones that consider the EHP review process, if applicable; and
• Description of the project manager(s) and level of experience.

21. What are ways that a nonprofit organization can demonstrate that it is at a high risk of a terrorist or other extremist attack?

Ways an organization can demonstrate that it is at high risk of a terrorist or other extremist attack include but are not limited to:

• Describe any incidents that have occurred at the facility.
• Describe any threats (e.g., verbal threats, vandalization) made against the organization.
• Describe current events with specific attention to incidents impacting organizations that have been targeted due to a similar mission, belief, or ideology.
• Contact organizations/agencies that can provide information on the current threat environment, such as local law enforcement agencies, local emergency management offices, Federal Bureau of Investigation Field Offices, or Regional Protective Security Advisors. To reach a Protective Security Advisor, email Central@cisa.gov.

22. Why am I required to self-identify with one of the following four categories: 1) Ideology-based/Spiritual/Religious; 2) Educational; 3) Medical; or 4) Other?

As noted in question 19, organizations that are at heightened risk due to their ideology, beliefs, or mission are prioritized in the final scoring process.

23. What kinds of security-related activities are allowable?

Allowable costs include contract security, as well as planning, equipment, training, and exercises. Below are some examples:

• Planning – Activities related to the development of plans such as:
  • Security Risk Management Plans;
  • Continuity of Operations Plans; and
  • Response Plans.
• Equipment – Those items listed in the Authorized Equipment List as allowable under NSGP.
• Training:
  • Active shooter training; and
  • Security training for employees or members of the organization.
• Response exercises.

For a complete description of allowable activities, see the FY 2025 NSGP NOFO and the FY 2025 Preparedness Grants Manual.

24. What is the maximum percentage allowed for management and administration (M&A) of the program?

Nonprofit organization subrecipients may use up to 5% of their subaward for M&A purposes. M&A expenses must be based on actual expenses or known contractual costs. Requests that are simple percentages of the award, without supporting justification, will not be allowed or considered for reimbursement. M&A costs for the NSGP are calculated as up to 5% of the total federal award allocated to the subrecipient, not on final expenditures at close out.

25. Do nonprofit organizations have to own the building they apply for?

No, but any work funded by the NSGP must be permissible by the owner.

26. Can the building for an application be under construction?

Nonprofit organizations must be occupying and fully operational out of the facility listed in their Vulnerability Assessment and IJ at the time of application to be eligible for funding.

27. What is a Unique Entity Identifier (UEI)?

Nonprofit organizations must have a Unique Entity Identifier (UEI), which is obtained through SAM.gov. Nonprofit organizations are not required to have a UEI issued at the time of application but MUST have a valid UEI to receive a subaward from the SAA. Nonprofit organizations must register in SAM.gov to obtain the UEI but are not required to maintain an active registration in SAM.gov. Guidance on obtaining a UEI in SAM.gov can be found at GSA UEI Update and the Federal Service Desk Knowledge Base. It may take four weeks to obtain a UEI, and applicants should plan accordingly. Obtaining a UEI does not cost anything; it is free of charge.

28. How should a nonprofit organization determine the pricing for proposed projects in the IJ?

Nonprofit organizations should base their cost requests on reasonable estimates, which can include rough estimates received from vendors prior to applying, an online search of quotes for similar projects, etc., and organizations are encouraged to reasonably incorporate the potential for price changes. Nonprofit organizations are NOT required or expected to use exact numbers; educated estimates are acceptable. The same vendors can bid on the final project unless there is a conflict of interest. Policies and procedures on managing conflicts of interest for preparedness grants can be found in the Preparedness Grants Manual.

Nonprofit organizations must ALWAYS abide by federal and state procurement guidelines.

Application Review and Subaward

29. If I receive a subaward, where can I learn more about procurement policies?

As stated in question 28, nonprofit organizations must ALWAYS abide by federal and state procurement guidelines. Your SAA as the grant recipient will provide information for how procurement is managed in your specific state. States interpret federal guidance and integrate this guidance into their state guidance. For more information on federal procurement, please see Resource Library: Purchasing Under a FEMA Award | FEMA.gov and Procurement Under Grants Training | FEMA.gov.

30. How will my application be reviewed or evaluated?

FY 2025 NSGP applications will be scored by the SAA in coordination with its state, territory, and urban area partners, as applicable. The SAA will submit a prioritized list of IJs with all scores to FEMA. FEMA will not undergo a full scoring of each individual IJ like in previous years. In the final scoring process, organizations that are at risk due to their ideology, beliefs, or mission are prioritized. Additionally, organizations that have never received NSGP funding are also prioritized. 

Because of the timing of the FY 2025 NSGP Program, the NSGP-S and NSGP-UA funding will be issued as risk-based allocations to each state and territory. Subawards will still be governed by the standard competitive process. However, this will occur after award of the state- and territory-based allocations to ensure that all funds can be obligated before the fiscal year ends. More information will be released on the FY 2025 subapplication process later. 

Based on the review process described above, FEMA will then make funding recommendations to the Secretary of Homeland Security. All final funding determinations will be made by the Secretary, who retains the discretion to consider other factors and information in addition to FEMA’s funding recommendations. For additional information on how IJs are reviewed and scored at the SAA and federal levels, please refer to the FY 2025 NSGP NOFO.

31. Is there a security review performed on my application? 

Yes, there is a security review performed by the DHS Office of Intelligence and Analysis on prospective subrecipient nonprofit organizations. This review takes place after the competitive scoring and selection process is complete. The information provided is limited to the organization’s name and physical address, as submitted by the nonprofit organization.

32. How does FEMA EHP factor into the NSGP?

Please consult the Subapplicant Quick Start Guide for more information on EHP.

33. If my organization receives funds through the NSGP, will the federal government be able to impose restrictions on my organization in any other area of policy that may contradict the religious and/or other beliefs of my organization? 

Subapplicants are encouraged to seek legal counsel before applying for or agreeing to an NSGP subaward. NSGP subapplicants and subrecipients may wish to contact their counsel regarding particular operations and potential liability or concerns based on civil rights statutes and regulations. 

Two publicly available resources are available here:

• Faith-Based Rule at DHS | Homeland Security
• DHS Standard Terms & Conditions (including the civil rights requirements)

If NSGP subapplicants and subrecipients have questions about federal nondiscrimination obligations, they may contact FEMA’s Office of Civil Rights by emailing FEMA-OCR@fema.dhs.gov.