This is part of a continuing series of blog posts on the
public comments submitted about the DHS 60-day ICR notice for the CFATS
Personnel Surety Program (PSP). The other post in the series is:
We are more than half way through the comment period on this
ICR notice and we only added one comment in the last week bringing the total to
three. I am surprised that there have been no comments to date from any
chemical companies, though I do expect that will change as we get closer to the
May 21st deadline for comments. We do have our first
corporate comment this week, however, from AGL Resources, a natural gas
distribution company.
AGL has three specific suggestions for improving the PSP
dealing with:
• Vendor PSP certification;
• Bulk data submissions to the PSP;
and
• Exemption from PII data sharing
rules.
The issue of dealing with vetting vendor employees will be
the area that will give high-risk chemical facilities the most problem with the
PSP. While facility security managers are certainly going want to restrict
vendor access to critical areas of the facility to the largest extent possible,
there is still going to be some unaccompanied access required for selected
vendors.
I don’t expect ISCD to get too specific about how this
should be handled; the §550 rule about specifying security measures hangs heavy
over their heads. Generally speaking, I would expect them to address this issue
in the ICR by stating that each facility will have to address the issue in
their site security plans which will be reviewed on an individual basis.
I really believe that the most effective way to handle this
issue for most facilities is that they would require such vendors to have a
TWIC that would be verified by a TWIC reader at some centralized location
(security company most likely) and then checked against an approved list at the
facility entrance. Larger facilities would be able to afford a TWIC reader at
the gate.
Which brings up an interesting question; how long before we
have a Tablet Application that scans IDs and compares them to a facility access
list?
Posts
No comments:
Post a Comment