Your Shopping Cart
By using this site you agree to our use of cookies. Please refer to our privacy policy for more information. Close
Home
› Best Practices
Chemical Facility Anti Terrorism Standards – Background, Requirements and Recent Updates
- By: Staff Editor
- Date: July 29, 2010
Background
Post the 9/11 attacks and the formation of the Department of Homeland Security (DHS) it was decided that chemical facilities around the US needed to improve their security and protect vital information. As a result, Congress passed the Department of Homeland Security Appropriations Act in 2007 which gave the DHS authority to regulate high-risk chemical facilities in the US and also develop and implement chemical facility regulations. The Chemical Facility Anti Terrorism Standards (CFATS) was published in April 2007 and took effect from June of that year.
CFATS broadly requires high risk chemical facilities to enhance their security and establish new procedures for protecting chemical facility security information.
How are facilities deemed high risk?
The DHS determines whether a facility is high risk on a facility–by–facility basis. The classification of a facility as high risk generally depends on the type and amount of chemicals that it possesses.
CFATS Requirements
Those facilities that are covered by CFATS have to go through the following six phases in order to achieve regulatory compliance:
- Submission of a Top–Screen
- Notification of a preliminary risk-tier
- Submission of a Security Vulnerability Assessment (SVA)
- DHS notification of its final tier determination
- Submission of a Site Security Plan (SSP)
- Ongoing compliance.
Top-Screen Phase:
Facilities (including refineries and petrochemical plants) that possess any of the chemicals listed in Appendix A in specific amounts with the potential to create significant human lives or health consequences were required to complete the “Top-Screen” risk assessment through a secure web portal, named the Chemical Security Assessment Tool (CSAT). This process is used by the DHS to separate low risk and high risk facilities.
Notification of Preliminary Risk Tier
Facilities can be ranked as any one of four risk tiers (Tier 1 being highest risk and Tier 4 being low risk), depending on the DHS’ categorization. The DHS notifies owners and facilities of their high risk classification and their risk tier by letter. Facilities that do not "present a high level of security risk" are not subject to CFATS. These facilities have no further regulatory obligation, although a material modification at the facility may prompt further inquiry and possibly require resubmission of a Top-Screen. Facilities that do "present a high level of security risk" are subject to additional review and must complete an SVA.
Submission of Security Vulnerability Assessments (SVA)
The DHS requires high risk facilities to conduct Security Vulnerability Assessments (SVAs) and develop Site Security Plans (SSPs), and to submit them for approval. Tiered facilities submit SVAs, which DHS uses to determine a facility’s final tier.
Final tier determinations
DHS uses the SVA data to make final tier determinations. Therefore, some facilities no longer be covered by CFATs or may be more high risk.
As of December 2010, DHS has classified approximately 218 facilities as final Tier 1s, 535 facilities as final Tier 2s, 1,126 facilities as final Tier 3s, and 2,215 facilities as final Tier 4s. 3 preliminary Tier 1 facilities are awaiting final tier determinations, as are 38 preliminary Tier 2s, 146 preliminary Tier 3s, and 474 preliminary Tier 4s.
Site Security Plan (SSP)
Once facilities receive their final tier notification, they have 120 days to submit an SSP to DHS via the CSAT portal. The SSP must, among other things, identify and describe how each security measure will meet, as applicable, the eighteen Risk-Based Performance Standards (RBPSs). These include:
- Restrict Area Perimeter
- Secure Site Assets
- Screen and Control Access
- Deter, Detect, and Delay
- Shipping, Receipt, and Storage
- Theft or Diversion
- Sabotage
- Cyber
- Response
- Monitoring
- Training
- Personnel Surety
- Elevated Threats
- Specific Threats, Vulnerabilities, or Risks
- Reporting of Significant Security Incidents
- Significant Security Incidents and Suspicious Activities
- Officials and Organization
- Records
In order to improve understanding and compliance with the SSP process, the DHS began conducting Pre-Authorization Inspections (PAIs) to both give additional guidance to industry and receive feedback on how to improve the SSP tool. Additionally, in mid-2010, DHS began taking enforcement action against facilities that failed to timely submit SSPs.
Recent Updates:
In January 2009, DHS updated the Top Screen Questions and in September 2010, updated the Top Screen User's Manual.
CFATS was to expire in 2011, but bills have been introduced in Congress to extend it for a further seven years in order to provide continuity for the chemical industry and federal government to be able to fully implement the regulatory requirements.
Additional Resources:
Compliance Trainings
Pregnancy in the Workplace: Strategies to Protect Your Organization from Pregnancy Discrimination Claims
By - Christopher W. Olmsted
On Demand Access Anytime
By - Christopher W. Olmsted
On Demand Access Anytime
How to Vet an IRB: Expose and Fix Problems Before They Threaten Your Trial
By - Madhavi Diwanji
On Demand Access Anytime
By - Madhavi Diwanji
On Demand Access Anytime
Compliance Standards
Best Sellers
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
-
By: Miles HutchinsonAdd to CartPrice: $249
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
-
San Francisco, CA | Aug 6-7, 2020
-
Virtual Seminar | Jul 16-17, 2020
-
Virtual Seminar | Jun 18-19, 2020
-
Los Angeles, CA | Aug 20-21, 2020
-
Virtual Seminar | Jul 16-17, 2020
-
Virtual Seminar | Jun 25-26, 2020
-
Virtual Seminar | Jun 10, 2020
-
Virtual Seminar | Jun 3-4, 2020
-
Virtual Seminar | Jul 6-7, 2020
-
San Francisco, CA | Oct 22-23, 2020
-
Virtual Seminar | Jul 9-10, 2020
-
Virtual Seminar | Jun 3-4, 2020
-
Virtual Seminar | June 3-4, 2020
-
Miami, FL | Jul 29-31, 2020
-
Virtual Seminar | Jun 17, 2020
-
Provider: ANSIAdd to CartPrice: $142
- Add to Cart
- Add to Cart
- Add to Cart
-
Provider: ANSIAdd to CartPrice: $120
-
Provider: ANSIAdd to CartPrice: $250
-
Provider: SEPTAdd to CartPrice: $299
- Add to Cart
-
Provider: Quality-Control-PlanAdd to CartPrice: $37
- Add to Cart
-
Provider: At-PQCAdd to CartPrice: $397
- Add to Cart
- Add to Cart
- Add to Cart
- Add to Cart
You Recently Viewed