Best Practices: Meeting CFATS Performance Requirements A Town Hall Meeting



Similar documents
Re: Docket No. DHS , Advanced Notice of Proposed Rulemaking on the Chemical Facility Anti-Terrorism Standards

Written Statement of Clyde D. Miller Director, Corporate Security BASF Corporation

The Office of Infrastructure Protection

CSAT Site Security Plan

Office of Infrastructure Protection Infrastructure Security Compliance Division

Department of Homeland Security

SOCMA Frequently Asked Questions on CFATS and Appendix A

DHS Chemical Security Program: Cyber Security Requirements

Chemical Security Assessment Tool (CSAT)

Ten Tips for Completing a Site Security Plan

Supplemental Tool: NPPD Resources to Support Vulnerability Assessments

CRITICAL INFRASTRUCTURE PROTECTION. DHS Action Needed to Verify Some Chemical Facility Information and Manage Compliance Process

CSAT Top-Screen Survey Application

Homeland Security Alert

Actions to Improve Chemical Facility Safety and Security A Shared Commitment Report of the Federal Working Group on Executive Order 13650

November 30, Docket No. DHS Chemical Facility Anti-Terrorism Standards (CFATS) Appendix A. To Whom It May Concern:

CSAT Security Vulnerability Assessment

Written Statement of. Timothy J. Scott Chief Security Officer and Corporate Director Emergency Services and Security The Dow Chemical Company

Risk-Based Performance Standards Guidance Chemical Facility Anti-Terrorism Standards. May 2009

Bid Questions & Answers Help Guide

REQUEST FOR PROPOSAL INFORMATION TECHNOLOGY SECURITY CONSULTING BID INSTRUCTIONS

Ocoee, FL July 01, 2016 Advertisement No. 1

REQUEST FOR PROPOSAL RFP # For the Provision of After Hours Answering Services. Proposal Due Date/Time: October 19, 4:00 p.m.

PROPOSALS REQUESTED THE TOWN OF OLD ORCHARD BEACH POLICE DEPARTMENT FOR IP-BASED VOICE COMMUNICATION SYSTEM


Ocoee, FL May 13, 2016 Advertisement No. 1

REQUEST FOR PROPOSALS (RFP) Redesign and Development of the Town of Tarboro Website

City of Dubuque, Iowa Request for Proposals for Software & Implementation of ADA Compliance & Transition Plan Management

Description: Publication Date: 9/21/2015. Closing Date/Time: Open Until Contracted

Tax Return Preparer Penalties Under Section AGENCY: Internal Revenue Service (IRS), Treasury.

REQUEST FOR COMMENTS REGARDING THE EXCISE TAX ON AMOUNTS PAID FOR THE RIGHT TO PROVIDE MILEAGE AWARDS

NYSED DATA DASHBOARD SOLUTIONS RFP ATTACHMENT 6.4 MAINTENANCE AND SUPPORT SERVICES

PREQUALIFICATION DOCUMENT FOR PROVISION OF WEBSITE HOSTING AND MAINTENANCE SERVICES - TENDER NO KENAS NO/19/2013/2015

DEPARTMENT OF AGRICULTURE. Food and Nutrition Service. Agency Information Collection Activities: Proposed Collection; Comment Request

B. Request for Information (RFI) for Contract Management and Project Management Software Solutions

Request for Information to Inform Hydraulic Fracturing Research Related to

City of Brantford Vendor Performance Scorecard for Consultant Services

AMS Determination Questions

Issue Date: March 4, Proposal Due Date: Tuesday, March 18, 2014 by 11:00 AM Mountain Time to:

Request for Proposal

Guidance Regarding Deferred Discharge of Indebtedness Income of Corporations and

Regulatory Circular RG14-022

Title: Contract Management Software Solutions (CMS) and Procurement Front-End System

HUMAN RESOURCES PROCEDURE 10.5

Board Information. Licensure Information

CHECKLIST TO DESIGNATE AREAS OF EVALUATION FOR REQUESTS FOR PROPOSAL (RFP)

Contract# DSU Call Center Services Q&A

REQUEST FOR PROPOSAL INFORMATION SECURITY PROGRAM PROVIDER

MICHIGAN DEPARTMENT OF TECHNOLOGY, MANAGEMENT AND BUDGET UCC and CPC MDOS Letters to FileNet PROJECT MANAGER STATEMENT OF WORK (SOW)

TOWN OF NORTON. A Guide to Posting Meetings, Agendas & Minutes

Request for Proposal: Network Switches

Your proposal must contain recommendations to satisfy the requirements described in the "Terms of Reference" sections supplied with this request.

NOTICE OF EXAMINATION

AUDIT REPORT. Cloud Software as a Service (SaaS) Procurement and Governance Audit. June 9, 2016

United States Department of Agriculture Office of Inspector General

Old Phase Description New Phase Description

PROCEDURE FS 1 PROCUREMENT POLICY

Request for Proposal: Network Switches

Request for Proposal: Network Switches

Department of Homeland Security Office of Inspector General

Request for Proposal: Network Switches

Outside Business Activities: Key Requirements and Leading Practices Thursday, May 28 11:15 a.m. 12:15 p.m.

CRITICAL INFRASTRUCTURE PROTECTION. DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts

WIVENHOE GROUP ONE PHEASANT RUN * MILLSTONE TOWNSHIP, NEW JERSEY TEL: * FAX:

Request for Proposal. St. Andrew's Parish Parks & Playground Commission Bid Deadline: July 17, 2015 at 12 Noon

Department of the Treasury Division of Purchase and Property QUICK REFERENCE GUIDE: SUBMIT A QUOTE SELLERS

CHAPTER Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033

Invitation for Proposal NOTICE IS HEREBY GIVEN THAT SEALED PROPOSALS ARE SOUGHT AND REQUESTED FOR THE FOLLOWING:

Internet Society. Network Services Request for Proposal For IETF Meetings

Exhibitor Invitation

STEP 2 INPUT THE FOLLOWING QUESTIONS ABOUT PAYSTUB ONLINE

ACTION: Notice of proposed rulemaking and notice of public hearing. SUMMARY: This document contains proposed regulations relating to Additional

State of Washington. BHAS Help Desk Support Services. July 2015 V1.0

UNT System Business Service Center Service Level Agreement Revised 11/18/2013

REQUEST FOR PROPOSAL (RFP) BID# RFI - IMPLEMENTATION OF ONLINE PAYROLL REMITTANCES

City of Hermosa Beach Notice Inviting Bids Electronic Patient Care Reporting System (epcr)

REQUEST FOR PROPOSAL

NIH Web Collaboration Service-Level Description

Review of U.S. Coast Guard's FY 2014 Drug Control Performance Summary Report

Video Production Services for the Ontario College of Trades (the College)

EPA Policy on Assessing Capabilities of Non-Profit Applicants for Managing Assistance Awards

City of Long Beach. Request For Information Number TS For Financial Management and Human Resources Software Solution

REQUEST FOR PROPOSAL

REQUEST FOR PROPOSALS

Maintenance Management Software

U.S. Department of Agriculture Office of Inspector General Western Region Evaluation Report

Office of the Inspector General

NOTICES OF PROPOSED RULEMAKING

REQUEST FOR PROPOSAL FOR A CONFERENCE PLANNER FOR THE CANADIAN BIOETHICS SOCIETY

CITY OF FAIRVIEW HEIGHTS, IL. REQUEST FOR PROPOSALS. Time Collection & Payroll Services

Solicitation Information 10 May 2012

AGENCY: Federal Emergency Management Agency, DHS. ACTION: Committee Management; Notice of Federal Advisory Committee Meeting.

Table of Contents. Operations Manual April 2016 Page 2 of 40

GAO INFORMATION TECHNOLOGY DASHBOARD. Opportunities Exist to Improve Transparency and Oversight of Investment Risk at Select Agencies

CYBERSECURITY RISK MANAGEMENT

Interim Guidance and Request for Comments; Medical Device Excise Tax; Manufacturers Excise Taxes; Constructive Sale Price; Deposit Penalties

Bidder questions and Agency answers for DHS RFP BPC

REQUEST FOR QUOTATION

Early Learning and Child Care Initiative

AUDIT REPORT. Service Desk and Problem Management Audit Opinion: Satisfactory. November 14, Report Number: 2014-IT-04

Transcription:

Best Practices: Meeting CFATS Performance Requirements A Town Hall Meeting Thursday, January 27, 2011 Education Government Relations Research & Technology Standards 635 Slaters Lane Suite 110 Alexandria, VA 22314 (866) 817-8888 www.siaonline.org

Security Industry Association (SIA) SIA is a non-profit organization representing the interests of more than 350 manufacturers, integrators and distributors of electronic physical security technologies. For more information visit www.siaonline.org Education Government Relations Research & Technology Standards 635 Slaters Lane Suite 110 Alexandria, VA 22314 (866) 817-8888 www.siaonline.org

Speakers John Romanowich (Moderator) President & CEO, SightLogix Chairman, SIA Chemical Security Working Group Todd Klessman Branch Chief (Acting), Policy and Programs Branch, Infrastructure Security Compliance Division, Office of Infrastructure Protection Gregory Eatmon Global Security Manager, Baker Hughes Clyde Miller Director, Corporate Security, BASF Corporation Education Government Relations Research & Technology Standards 635 Slaters Lane Suite 110 Alexandria, VA 22314 (866) 817-8888 www.siaonline.org

Chemical Facility Anti-Terrorism Standards Status Update Todd Klessman Branch Chief (Acting), Policy and Programs Branch Infrastructure Security Compliance Division

Current Regulated Community DHS has received over 38,000 initial Top-Screens. Of the Top-Screens received and analyzed, DHS issued preliminary tier notifications and SVA due dates to over 7,000 facilities. As of January 2011, CFATS covers 4,755 facilities (4,094 Final tiered facilities, 661 preliminarily tiered facilities) across all 50 states. The breakdown of tiered facilities (preliminary and final) is as follows: Final Tier Total Facilities With A Regulated Final Tier Awaiting Final Tier 1 218 3 2 535 38 3 1126 146 4 2215 474 Total 4094 661 5

CFATS Implementation Status Site Security Plans (SSP): To date, ISCD has received, and is in the process of reviewing nearly 4,000 SSPs and Alternative Security Programs (ASP) submitted in lieu of SSPs. Pre-Authorization Inspections (PAI): Chemical inspectors continue to conduct PAIs to assist facilities in preparing appropriate SSPs. As of January 2011, more than 150 PAIs have been completed. Authorization Inspections (AI): The first CFATS AI was conducted in 2010, and as of January 2011, four AIs have been completed. Administrative Orders: To date, DHS has issued 63 Administrative Orders to facilities that failed to submit a Site Security Plan within the prescribed deadline; all 63 facilities are now in compliance with CFATS. 6

Major Ongoing & Planned Activities Appendix A Review: Evaluating the current Chemicals of Interest list and associated rules (e.g., Screening Threshold Quantities; mixture rules) Chemical Security Assessment Tool (CSAT) Updates: Refining the suite of CSAT tools based on lessons learned, input received from users, etc. CFATS/Maritime Transportation Security Act (MTSA) Harmonization: Working closely with U.S. Coast Guard to better harmonize the CFATS and MTSA regulatory programs Agricultural Production Facilities: Finalizing analysis of completed agricultural facility surveys to determine best approach to treatment of agricultural production facilities under CFATS Personnel Surety Program: Preparing responses to comments received during the second Paperwork Reduction Act Notice published in the Federal Register 7

Help Desk Contact Information The CFATS Help Desk toll-free number is 1-866-323-2957. Hours of Operation are 7:00AM 7:00PM, Monday through Friday. The Help Desk is closed for Federal Holidays. The Help Desk email address is CSAT@DHS.gov. For CFATS Frequently Asked Questions (FAQs) and CVI training go to WWW.DHS.GOV/CHEMICALSECURITY. 8

ENTERPRISE SECURITY AND CRISIS MANAGEMENT ENTERPRISE SECURITY AND CRISIS MANAGEMENT PAI Lessons Learned January 2011 CONFIDENTIAL

PAI LESSONS LEARNED 3 man DHS inspection team / DHS requested the following company personnel be available during inspection: ofacility Manager ophysical Security Manager ofacility Security Officer oassistant Facility Security Officer osecurity Guard Force ocyber Security Manager oprocess Engineer First day consisted of introductions, a safety briefing, discussions about the process, an overview of facility operations, a tour of the facility, and a brief discussion of the shortcomings of the SSP. The next two days were spent reviewing the SSP deficiencies in each of the 18 RBPS categories. Inspectors brought a list of SSP inadequacies for the site that had been prepared by DHS reviewers. Inspectors focused heavily on RBPS s 1, 2, 3, 4, 5, 8, and 12. Inspectors focused on satisfying to the letter the metrics noted in the RBPS Guidance Manual per each tiering level. CONFIDENTIAL 1

PAI LESSONS LEARNED The inspectors were adamant that only EXISTING or PLANNED measures that meet RBPS guidance metrics would be given consideration. The facility must show a definitive path forward and proof that the planned steps are in process to being implemented and not just modeling (i.e. engineering designs, proposals, bids from vendors, contracts, etc.). The inspectors could not identify or prescribe what specific measures the facility needed to meet compliance, but did suggest options on how to achieve compliance. A layered approach to site security is definitively a better approach and strategy for compliance purposes. Following the inspection, the inspectors provided a quick debrief and noted that the SSP would be made available to the facility for editing. It was recommended that the facility use the text boxes provided in the SSP tool to apply expanded explanations and clarifications to all RBPS measures noted in the SSP. In other words, DHS wants the facilities to use the text box (4000 characters per text box) to fully explain any and all security measures, procedures, and policies so they can be fully understood and evaluated against the RBPS metrics. CONFIDENTIAL 2

PAI LESSONS LEARNED Inspectors then provided the following schedule: o Notice of Completion of PAI and opening of SSP for technical editing. o 45 days to complete technical editing of the SSP. o Once the SSP is edited and resubmitted, it will be reviewed and the plan reevaluated. o If the SSP review is satisfactory, a Letter of Authorization will be provided to the facility, which means that DHS has tentatively accepted the SSP. If the SSP review is unsatisfactory a Letter of Clarification will be issued by DHS. o After the Letter of Authorization, a final compliance inspection will be scheduled by DHS. o Following the final compliance inspection, if there are no issues identified, a Final Letter of Approval for the SSP will be issued by DHS. CONFIDENTIAL 2

Clyde D. Miller Director, Corporate Security

CFATS - Once Upon a Timeline 50,000+ facilities

Reality CFATS 2011 4750 +/- Regulated Facilities Top Screens Completed Preliminary Tiers Issued SVAs Completed Tiers 1 & 2 Final Tiering SSPs underway Site visits beginning Tiers 3 & 4 being tiered in waves

Challenges Standards vs. Prescribed Measures How much is enough? How much will it cost? Actual vs. Planned vs. Proposed Measures Assets in SVA vs. Assets in SSP Consider measures outside of traditional security measures The SSP is NOT a Site Security Plan If You Say You Do It, You Better Do It Congress Isn t Done

Town Hall CFATS Best Practices Site Security Plan (SSP) Submission Keys to Preparing SSP CFATS Investments/Authorization Question & Answer Period Concluding Remarks Education Government Relations Research & Technology Standards 635 Slaters Lane Suite 110 Alexandria, VA 22314 (866) 817-8888 www.siaonline.org

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information