With the unsuccessful bombing attempt in Times Square a few months ago, it is apparent that home-based terrorism continues to plague U.S. citizens and its infrastructure. The security of vulnerable infrastructures, such as chemical plants and other facilities that house combustible material, has had little oversight until recently. A plotted incident at one of these facilities could result in catastrophic loss.
However in 2007, the Department of Homeland Security was given the responsibility to develop and administer the appropriate security regulations for specific "high risk" facilities through the Section 550 of the DHS Appropriations Act of 2007. These facilities are now required by the Department of Homeland Security to develop and implement security plans in accordance the Chemical Facility Anti-terrorism Standards (CFATS). Any business or facility manufacturing, processing, using, or storing specific chemicals in specific quantities, unless exempt by statute or rule, must now adhere to CFATS requirements.
The Department assigns facilities to one of four risk-based tiers, ranging from high (Tier 1) to low (Tier 4) risk. It is estimated that over 6,000 facilities are covered by CFATS regulations. Facilities that submitted a Security Vulnerability Assessment (SVA) and were subsequently notified in writing as high-risk have access via the Chemical Security Assessment Tool (CSAT) to complete and submit the CSAT Site Security Plan (SSP) within 120 days. Congress established steep non-compliance penalties of up to $25,000 per day for missed deadlines and/or potential facility closure.
The SSP identifies and details countermeasure of security vulnerabilities. It should cover the current 18 Risk-Based Performace Standards, (RBPS) which covers
- Site Assets
- Screen and Control Access
- Deter, Detect, and Delay
- Shipping, Receipt, and Storage
- Theft or Diversion
- Personnel Surety
- Elevated Threats
- Specific Threats, Vulnerabilities, or Risks
- Reporting of Significant Security Incidents
- Significant Security Incidents and Suspicious Activities
- Officials and Organization
Facilities will be inspected after an initial Site Security plan (SSP) approval to ensure CFATS compliance.
For more tips and best practices on designing a crisis management program, download our Free Best Practices Guide.