This is the second in a series of blog posts about
presentations made at the recent 2012 Chemical Sector Security Summit. The
first in the series dealt with the problems associated with the presentations
in general. The subsequent posts will deal with the information provided in the
slide presentations. The published presentations only provide the outline, I’ll
try to fill in what information that I can from other sources or my best
guesses.
The first presentation that I’ll look at is the SSP
Lessons Learned (or CFATS Update, depending on which web page you look at)
made by John Ferrell. The presentation states that he works in ISCD and the
most recent information I can find (from 2009 and that is certainly out-of-date
with the multiple changes in ISCD) shows him being an Inspector and the Acting
Section Chief for Strategic Operations.
CFATS Update
The presentation provides some statistical data on the CFATS
program as of August 1, 2012 (the most recent data that I’ve seen). It provides
four basic sets of data; regulated facilities (“approximately 4500”), tiering
distribution (3% Tier 1, 12% Tier 2, 29% Tier 3, 55% Tier 4), security issues
(94% Theft/diversion, 32% Release, 14% Sabotage), and facilities no longer
covered (1,809 removed COI, 925 reduced COI).
I find it interesting that the only time actual numbers are
provided is when they discuss the number of facilities removed from the
program. This comes out to about 38% of the original number of facilities. It
would be interesting to see if anyone has done anything to determine how many
(if any) of these removals were due to the economic downturn.
The fact that the security issues comes out to a total of
140% should not come as a surprise to anyone. Many facilities are going to have
multiple COI under different security issues and some chemicals are listed
under multiple security issues. What is scary is that the bulk of covered
facilities are theft/diversion COI. Insider pilfering, for example, of
relatively small quantities of these materials could result in the construction
of significant weapons (either IEDs or chemical weapons).
SSP Status
There is one slide on the status of the SSP program. A total
of 63 facilities have had their SSP authorized or conditionally authorized (nobody
has ever defined the term ‘conditionally authorized’ in a venue that I have
seen) that is only eight more than Secretary
Beers testified (pg 5) had been completed in February. The presentation
notes that 14 authorization inspections have been completed (as of August 1,
2012), but does not say that any SSPs have been approved (the hoped for result
of an authorization inspection).
Oh yes, the current goal of completing Tier 1 inspections
has slipped again, from by the end of FY 2012 to “as soon as possible”. That is
certainly comforting.
SSP Lessons Learned
There is a nice slide about what SSPs should include. Here
is the complete list:
• More detailed descriptions of
security measures
• Information on all 18 Risk-Based
Performance Standards (RBPS) – if an RBPS is not applicable, state why the RBPS
does not apply
• Safety and environmental measures
that contribute to security, if appropriate
• Descriptions of planned measures
the facility has committed to implement
• Descriptions of proposed measures
on which the facility would like Department feedback
• Whether a security measure is
applied facility-wide or to a specific asset
Now most of these are addressed (certainly incompletely) in the
questions asked in the SSP submission tool. Either industry is not
competent to answer these questions as asked (I seriously doubt that that is
the case) or ISCD is not asking the right questions. So, I’ll ask again a real
simple question, why hasn’t ISCD re-written the SSP questions so that industry
can provide the required information? If it makes the questions more
complicated, so be it.
Miscellaneous Information
The last two information slide provide typical fluff
information about the program, including some web links. One of the slides does
mention that facilities can directly contact the local Commander (regional head
of Chemical Facility Inspectors) and notes that the contact information had
been made available in the ‘Conference booklet’. This would be some nice
information to have on the DHS web site.
Posts
No comments:
Post a Comment