diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
index 609bed1f6..ac898b9ee 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
@@ -165,33 +165,39 @@ public class NodePackageAnalyzer extends AbstractNpmAnalyzer { @Override protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException { engine.removeDependency(dependency); - File file = dependency.getActualFile(); - if (!file.isFile() || file.length() == 0) { + File dependencyFile = dependency.getActualFile(); + if (!dependencyFile.isFile() || dependencyFile.length() == 0) { return; } try { // Do not scan the node_modules directory - if (file.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) { - LOGGER.debug("Skipping analysis of node module: " + file.getCanonicalPath()); + if (dependencyFile.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) { + LOGGER.debug("Skipping analysis of node module: " + dependencyFile.getCanonicalPath()); return; } } catch (IOException ex) { throw new RuntimeException(ex); } - File baseDir = file.getParentFile(); + File baseDir = dependencyFile.getParentFile(); if (PACKAGE_LOCK_JSON.equals(dependency.getFileName())) { File shrinkwrap = new File(baseDir, SHRINKWRAP_JSON); if (shrinkwrap.exists()) { return; } } + final File nodeModules = new File(baseDir, "node_modules"); + if (!nodeModules.isDirectory()) { + LOGGER.warn("Analyzing `{}` - however, the node_modules directory does not exist. 
" + + "Please run `npm install` prior to running dependency-check", dependencyFile.toString()); + return; + } - try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) { + try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(dependencyFile))) { final JsonObject json = jsonReader.readObject(); final String parentName = json.getString("name"); final String parentVersion = json.getString("version"); final String parentPackage = String.format("%s:%s", parentName, parentVersion); - processDependencies(json, baseDir, file, parentPackage, engine); + processDependencies(json, baseDir, dependencyFile, parentPackage, engine); } catch (JsonException e) { LOGGER.warn("Failed to parse package.json file.", e); } catch (IOException e) { @@ -228,7 +234,7 @@ public class NodePackageAnalyzer extends AbstractNpmAnalyzer { throw new AnalysisException("Problem occurred while reading dependency file.", e); } } else { - LOGGER.error("Unable to find child file {}", f.toString()); + LOGGER.warn("Unable to find node module: {}", f.toString()); child = new Dependency(rootFile, true); //TOOD - we should use the integrity value instead of calculating the SHA1/MD5 child.setSha1sum(Checksum.getSHA1Checksum(String.format("%s:%s", name, version))); 
@@ -256,37 +262,5 @@ public class NodePackageAnalyzer extends AbstractNpmAnalyzer {
 }
 }
 }
-
-// gatherEvidence(json, dependency);
-//
-// // only run this if we are in evidence collection or the NSP analyzer has been disabled
-// if (engine.getMode() == Mode.EVIDENCE_COLLECTION
-// || !engine.getSettings().getBoolean(Settings.KEYS.ANALYZER_NSP_PACKAGE_ENABLED)) {
-// //Processes the dependencies objects in package.json and adds all the modules as dependencies
-// if (json.containsKey("dependencies")) {
-// final JsonObject dependencies = json.getJsonObject("dependencies");
-// processPackage(engine, dependency, dependencies, "dependencies");
-// }
-// if (json.containsKey("devDependencies")) {
-// final JsonObject dependencies = json.getJsonObject("devDependencies");
-// processPackage(engine, dependency, dependencies, "devDependencies");
-// }
-// if (json.containsKey("optionalDependencies")) {
-// final JsonObject dependencies = json.getJsonObject("optionalDependencies");
-// processPackage(engine, dependency, dependencies, "optionalDependencies");
-// }
-// if (json.containsKey("peerDependencies")) {
-// final JsonObject dependencies = json.getJsonObject("peerDependencies");
-// processPackage(engine, dependency, dependencies, "peerDependencies");
-// }
-// if (json.containsKey("bundleDependencies")) {
-// final JsonArray dependencies = json.getJsonArray("bundleDependencies");
-// processPackage(engine, dependency, dependencies, "bundleDependencies");
-// }
-// if (json.containsKey("bundledDependencies")) {
-// final JsonArray dependencies = json.getJsonArray("bundledDependencies");
-// processPackage(engine, dependency, dependencies, "bundledDependencies");
-// }
-// }
 }
 }
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java
index 088df25fb..f6de7f441 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java
@@ -43,7 +43,9 @@ import javax.json.JsonException;
 import javax.json.JsonObject;
 import javax.json.JsonObjectBuilder;
 import javax.json.JsonReader;
+import static org.owasp.dependencycheck.analyzer.NodePackageAnalyzer.DEPENDENCY_ECOSYSTEM;
 import org.owasp.dependencycheck.exception.InitializationException;
+import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.URLConnectionFailureException;
 
 /**
@@ -110,6 +112,16 @@ public class NspAnalyzer extends AbstractNpmAnalyzer {
 setEnabled(false);
 throw new InitializationException("The configured URL to Node Security Platform is malformed", ex);
 }
+ try {
+ final Settings settings = engine.getSettings();
+ final boolean nodeEnabled = settings.getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED);
+ if (!nodeEnabled) {
+ LOGGER.warn("The Node Package Analyzer has been disabled; the resulting report will only "
+ + " contain the known vulnerable dependency - not a bill of materials for the node project.");
+ }
+ } catch (InvalidSettingException ex) {
+ throw new InitializationException("Unable to read configuration settings", ex);
+ }
 }
 
 /**
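Review bot: The added static import of `NodePackageAnalyzer.DEPENDENCY_ECOSYSTEM` is not referenced by any line visible in this diff, whereas the other added import, `InvalidSettingException`, is used by the new catch in the second hunk. If no hunk outside this view uses `DEPENDENCY_ECOSYSTEM`, the import is dead and should be removed rather than left to trip an unused-import check. If it is used elsewhere, it would still read better placed with the other static imports (or at the head of the block) instead of between two regular `org.owasp` imports, which appears to be how the visible imports are grouped.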
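Review bot: The new warning concatenates `"... will only "` with `" contain ..."`, so the emitted message contains a double space, and "the known vulnerable dependency" is singular where the report may list several. Suggested: `LOGGER.warn("The Node Package Analyzer has been disabled; the resulting report will only "` followed by `+ "contain the known vulnerable dependencies - not a bill of materials for the node project.");`. The check itself is sound: it reads `Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED` through `engine.getSettings()` and wraps `InvalidSettingException` in the same `InitializationException` the preceding malformed-URL branch uses, so a bad setting fails initialization rather than being ignored. The enclosing method begins before this hunk.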