Create a free Manufacturing.net account to continue

CFATS — The Process

The site security plan goes more smoothly if you understand CFATS and plan accordingly.

Oct 7, 2010

ADT CFATSFor the past four years, the Department of Homeland Security (DHS) and the chemical industry have been working to secure facilities that use, produce or store certain chemicals. The Chemical Anti-Terrorism Standards (CFATS) mandate was developed to set a high security standard without rigid inflexible requirements. There are three main steps to meeting CFATS — a top screen, a security vulnerability assessment (SVA) and finally, a site security plan (SSP).

Top Screens

About 34,000 facilities have submitted top screens to the DHS to determine if their facility is considered at risk and subject to CFATS. Many chemical plants received notification that they needed to conduct a top screen, but the lack of a notification does not necessarily mean that an organization is off the hook — the CFATS mandate may still apply. If a facility uses, makes or stores any of the chemicals of interest (COIs) in quantities above the screening threshold quantity, a top screen needs to be conducted. COIs and thresholds are listed in Appendix A of the CFATS legislation and are posted online.

DHS developed an online tool called the Chemical Security Assessment Tool (CSAT) to help facilities and businesses maneuver through the CFATS process — from company registration to a template for the final SSP. Company registration is the first step, followed by the top screen questionnaire.

The person filling out the top screen questionnaire must be chemical terrorism vulnerability information-authorized, meaning someone who has had training by the DHS on the handling of sensitive material and information. Once completed, the top screen is submitted online to the DHS. The top screen data is part of what is used to determine if the facility needs to comply with the CFATS mandates.

Top screens were supposed to be completed and submitted to the DHS by January 22, 2008, but industry experts believe there are many companies out there that may not realize they are subject to the mandates. The DHS has estimated that as many as 45,000 top screens should be submitted by the time the process is complete.

The Security Vulnerability Assessment

After completing a top screen, the next step is to wait for a letter from the DHS, which lets the facility know that it has tiered out, meaning the mandates do not apply, or it is given a preliminary tier assignment between one and four, with one having the most risk. So far, the DHS has given a preliminary tier assignment to about 7,000 facilities and approximately 27,000 facilities have tiered out.

Those with a preliminary tier assignment must move on to the next step, which is to submit a SVA using the online CSAT. The purpose of the SVA is to determine the likelihood of an attack on a facility being successful and the amount of anticipated damage that would result. In the SVA, facilities may be asked to identify critical assets associated with each COI listed in the tier letter, as well as inventory and describe facility security equipment, including access control procedures and systems, and shipping and receiving procedures.

Facilities are also asked to look at a series of DHS-defined attack scenarios and evaluate the response and consequence of each critical asset/COI combination. These scenarios are based on the characteristics of the COI and the security issues listed in the facility’s preliminary tier letter. The facility is then required to provide an informed judgment on how successful the attack could be and how effective the emergency response would be.

The SVA is a complex process — usually requiring a team of professionals — and can take several hundred hours to complete. From the date of receiving the preliminary tier letter, facilities have the following amount of time to file an SVA: Tier 1 is 90 days, Tier 2 is 120 days, Tier 3 is 150 days and Tier 4 is 180 days.

The DHS then evaluates the SVA and can do one of three things:

  • Let the facility know that, based on the SVA, it is not considered at risk and not subject to CFATS at this time. If the facility’s COI inventory changes, then it may need to submit another top screen.
  • Confirm the facility’s original ranking.
  • Change the tier ranking based on the SVA.

In the last two cases, the facility receives a letter from the DHS confirming the original or altered ranking. The letter also includes a list of the COIs at the facility that concerns that DHS and the security issues associated with those COIs. It also notifies the facility management of the date the SSP is due to the DHS.

The Site Security Plan: The First Step

The SSP is based on 18 risked-based performance standards (RBPS). These RBPSs are meant to provide facilities with guidance on the type and level of security required by the DHS, but they are not strict guidelines and they do not prescribe any specific solutions. Before filling out the SSP questionnaire, each facility should lay out a plan. Take all of the information gathered, and using the 18 RBPSs, develop a plan and procedure to cover each standard.

For example, look at the first RBPS. RBPS1 requires facilities to restrict the area perimeter. The higher the tier ranking, the higher the performance expectation for nearly all of the RBPSs. So, a Tier 1 facility would be required to have a higher level of perimeter security than a Tier 3 or 4 facility. While fencing and landscaping may be enough for one facility, another may need fiberoptic fencing and in-ground radar.

The risk-based nature of the SSP makes planning ahead even more important. It gives the entire CFATS team the time and perspective to look at the facility and its security as a whole. For many facilities, that means a much smoother SSP submittal and approval process. Once the SSP is complete and submitted, it must be approved and implemented. At that point, the DHS performs an inspection and facilities can expect ongoing DHS periodic inspections and visits. 

For more information, please visit www.adtbusiness.com/petrochem.

Latest in Home
Ep156
Boeing, Lockheed Passed Up for Air Force Drone Program
April 26, 2024
A Congolese miner sifts through ground rocks to separate out the cassiterite, the main ore that's processed into tin, in the town of Nyabibwe, eastern Congo, Aug. 16, 2012.
Apple Questioned Over Knowledge of 'Blood Minerals' in Supply Chain
April 26, 2024
Ap24113773691455
U.S. Probes Whether Tesla Autopilot Recall Did Enough to Make Sure Drivers Pay Attention
April 26, 2024
NASA astronaut Butch Wilmore, walks past NASA jets after he arrived at the Kennedy Space Center, Thursday, April 25, 2024, in Cape Canaveral, Fla.
NASA Astronauts Arrive for Boeing's First Human Spaceflight
April 26, 2024
Related Stories
Outofoffice
Home
Notice: No Mnet Newsletters Next Week
Outofoffice
Home
No Mnet Newsletters Until Jan. 3
Imts
Home
Preview Days Videos Help Attendees Pre-Plan IMTS 2022 Agenda
Out Of Office Istock 5eff498fc27a7
Home
Notice: No Newsletters Next Week
More
Ep156
Video
Boeing, Lockheed Passed Up for Air Force Drone Program
The program could be worth billions.
April 26, 2024
A Congolese miner sifts through ground rocks to separate out the cassiterite, the main ore that's processed into tin, in the town of Nyabibwe, eastern Congo, Aug. 16, 2012.
Supply Chain
Apple Questioned Over Knowledge of 'Blood Minerals' in Supply Chain
Suspicions arise over 3TG mineral sourcing, smuggling and global supply chain infiltration.
April 26, 2024
Ap24113773691455
Automotive
U.S. Probes Whether Tesla Autopilot Recall Did Enough to Make Sure Drivers Pay Attention
The recall fix involves an online software update to increase warnings to drivers.
April 26, 2024
NASA astronaut Butch Wilmore, walks past NASA jets after he arrived at the Kennedy Space Center, Thursday, April 25, 2024, in Cape Canaveral, Fla.
Aerospace
NASA Astronauts Arrive for Boeing's First Human Spaceflight
Boeing's Starliner capsule is making its debut with crew after years of delay.
April 26, 2024
The Honda Marysville Auto Plant is shown on March 18, 2020, in Marysville, Ohio.
Automotive
Honda to Expand EV Efforts in Canada; Toyota Expands in Indiana
Honda will invest $11 billion in the move.
April 25, 2024
Ep155
Video
Disneyland's Gas-Powered Autopia Cars Are Going Electric
The designer said those "God-awful gasoline fumes" need to go.
April 25, 2024
Untitled
Automotive
BAE & Cummins to Make Hybrid Drivetrain for Transit Buses
Hybrid electric buses don't require investment in extensive charging infrastructure.
April 25, 2024
I Stock 1264709557
Labor
How Changes to 'Noncompete' Agreements, Overtime Pay Could Affect Workers
Companies of all sizes will have to reclassify workers who will now qualify for overtime pay.
April 25, 2024
Sm 2 Missile 5522
Aerospace
RTX Awarded $344M Contract to Modernize Missile Development Program
The updated variants will share a newly designed guidance section.
April 25, 2024
The Marshall Steam Station coal power plant operates March 3, 2024, near Mooresville, N.C.
Energy
Tough New EPA Rules Would Force Coal-Fired Power Plants to Capture Emissions
Or shut down.
April 25, 2024
Ap24110430878853
Automotive
Ford's Q1 Net Income Falls 24%
The automaker's combustion engine unit saw sales and revenue decline.
April 25, 2024
I Stock 1482999928
Labor
NAM Opposes New Overtime, Noncompete Rules
The association says new regulations aimed at protecting worker rights will threaten IP and worsen the labor crisis.
April 24, 2024
The logo for the Tesla Supercharger station is seen in Buford, Ga, April 22, 2021.
Operations
Tesla 1Q Profit Falls 55%
But the company's stock jumped as the company moved to speed production of cheaper vehicles.
April 24, 2024
I Stock 458086589
Operations
Boeing Posts $355 Million Loss
The company is in "a tough moment."
April 24, 2024
The Stellantis sign appears outside the Chrysler Technology Center, Jan. 19, 2021, in Auburn Hills, Mich.
Operations
Jeep Maker Stellantis to Lay Off Unspecified Number of Factory Workers
The company faces increased capital spending, declining U.S. sales, and higher labor costs.
April 23, 2024