110 likes | 409 Views
Securing the Chemical Sector: An Outline of the Chemical Facility Anti-Terrorism Standards (CFATS) Program May 2008 . Agenda. Chemical Facility Anti-Terrorism Standards (CFATS): Mission Regulatory Scope: Chemicals of Interest/Appendix A Risk Based Performance Standards (RBPS)
E N D
Securing the Chemical Sector: An Outline of the Chemical Facility Anti-Terrorism Standards (CFATS) Program May 2008
Agenda • Chemical Facility Anti-Terrorism Standards (CFATS): Mission • Regulatory Scope: Chemicals of Interest/Appendix A • Risk Based Performance Standards (RBPS) • Chemical Security Assessment Tool (CSAT) • Chemical-terrorism Vulnerability Information (CVI) • Roll Out • CSAT Help Desk
Chemical Security – The Mission • P.L. 109-295 requires the DHS to regulate chemical facilities that present a high level of security risk with priority on highest risk facilities. DHS will: • Identify “high security risk” facilities • Develop Risk Based Performance Standards (RBPS) for security at chemical facilities • Approve and disapprove SVA and SSP • Perform Inspections to confirm facility security is in accordance with SSP • Enforce facility compliance and seek remedies • Manage objections and appeals process • Receive, manage, store, and restrict access to Chemical-terrorism Vulnerability Information • Provide Consultations and Technical Assistance upon request
Chemicals of Interest: Appendix A • DHS will identify the universe of potentially high risk facilities using its Chemicals of Interest (COI) list or Appendix A. • A chemical facility that possesses any Appendix A chemical at or above its screening threshold quantity (STQ) must complete and submit a CSAT Top-Screen to DHS. • Appendix A was out for public comment until May 9, 2007, and DHS received thousands of comments that influenced the final Appendix A, published on November 20, 2007. • The final version of Appendix A will enable DHS to meet its mandate and also facilitate industry compliance.
CFATS and Risk Based Performance Standards (RBPS) • RBPS serve as the security building blocks for the CFATS program. • RBPS drive the security performance at facilities in each of the four risk-based tiers. • RBPS provide facilities with flexibility and allow for the use of existing measures, ideas and expertise. • RBPS cover various aspects of security. • A facility only has to meet those RBPS that apply to it. • Restricted Area Perimeter • Securing Site Assets • Screening and Access Controls • Deter, Detect, and Delay • Shipping, Receipt, and Storage • Theft and Diversion • Sabotage • Cyber • Response • Monitoring 11. Training 12. Personnel Surety 13. Elevated Threats 14. Specific Threats, Vulnerabilities, or Risks 15. Reporting of Significant Security Incidents 16. Significant Security Incidents and Suspicious Activities 17. Officials and Organizations 18. Records
Chemical Security Assessment Tool (CSAT) • The IT backbone of CFATS implementation is CSAT– the suite of tools that will be used to: • Identify potentially covered facilities (Registration) • Conduct an initial assessment of consequentiality (Top Screen) • Assess security vulnerabilities of those facilities achieving a certain level of consequentiality (SVA) • Develop and document a Site Security Plan for those facilities achieving a certain level of risk - as determined by the Chemical Security Division, using the Top Screen and SVA data, as well as internal Threat data. (Site Security Plan) • User Registration and the Top-Screen are now operational. • SVA and SSP are being prepared for deployment. • The newest CSAT component, the TSDB Screening Tool, will be available in the Summer/Fall of 2008.
CSAT -- Process CSAT Top-Screen Register CSAT Users CSAT SVA Site Security Plan Facility Tier and Asset Specific Security Issue(s) Validate Facility, Preparer, Submitter & Authorizer information Preliminary Approval Not covered at this time or Preliminary Facility Tier Inspection for Final Approval
Chemical-terrorism Vulnerability Information (CVI) • The Advance Notice explained the creation of a new category of information protection, CVI, and set forth the rules governing its maintenance, handling, and disclosure. • DHS provides CVI training and certification. • All CVI materials must be appropriately marked, handled, and stored. • Eligible Persons to use CVI: • Facility employees • Federal employees, contractors, and grantees • State/local government employees • Violation of CVI rules is grounds for a civil penalty and/or other enforcement or corrective action by DHS and appropriate personnel actions for Federal employees.
CFATS Roll Out • Phase 1 • Focuses on facilities most likely to be high risk. • CSCD is engaged and working with phase 1 facilities. • Phase 2 began with the publication of final Appendix A • All facilities with chemicals of interest at or above the STQs in final Appendix A officially start completing and submitting Top-Screens.
www.dhs.gov/chemicalsecurity • CSAT helpdesk can assist you: 1-866-323-2957 • The CSAT Help Desk email address is CSAT@DHS.gov