This is part of a continuing series of blog posts about the
CFATS Personnel Surety Program that was described in a 60-day information
collection request (ICR) notice in Friday’s Federal Register. This post will
look at how TWIC Readers could be used in PSP. The earlier posts in the series
are listed below.
Many high-risk chemical facilities covered by CFATS share a
significant work force, corporate and contract, with MTSA covered facilities.
Additionally transportation workers (truck drivers and railroad personnel) may
make up a significant number of the ‘visitors’ that a site might expect to
extend some level of unescorted access to critical areas of the facility. As a
result there was a major level of vocal concern with the original CFATS PSP
proposal because it did not provide an easy option for facilities to take
advantage of the fact that TWIC holders had already been vetted against the
Terrorist Screening Database (TSDB). The new ICR notice specifically addresses
this concern providing for the use of TWIC Readers as one of the vetting
alternatives specifically available to facility security managers.
TWIC Reader
Requirements
The ICR notice does not provide any specific guidance on how
the TWIC Readers would be used at a high-risk chemical facility. This is not
surprising given the §550 prohibition against requiring any specific security
measure for the approval of a facility’s SSP. The notice provides
the following guidance:
“High-risk chemical facilities
could propose, in their SSPs or ASPs, to share the costs of TWIC readers and
any associated infrastructure at central locations, or high-risk chemical
facilities could propose to purchase and install TWIC readers for their own
use. The Department will assess the adequacy of such proposals on a
facility-by-facility basis, in the course of evaluating each facility's SSP or
ASP.”
TWIC Reader at the
Gates
The classic implementation of the TWIC Reader would be to
install readers at a gate to allow security personnel to automate the
verification of identity and appropriate vetting against the TSDB. This is the
type of use expected to be employed at high-risk MTSA facilities where all
personnel with unescorted access to the covered facilities or vessels are
required to have a TWIC.
If TWIC Readers were to be used for vetting all personnel
entering a facility for unescorted access each time they entered the facility,
this would be a significant extension of the vetting requirements outline in
the other two vetting options provided in this ICR notice as personnel would
effectively be vetted against the TSDB every time the TWIC Reader updated its
access to the Canceled Card List (CCL).
For facilities that have a large number of recurring
visitors that are to be given even some limited amount of unescorted access to
the facility, truck drivers and delivery personnel for instance, this could
simplify the vetting requirements for these personnel by simply requiring that
they possess a TWIC and then validating that TWIC with a TWIC Reader each time
they access the facility.
TWIC Reader at
Personnel Processing Center
The other option suggested in this ICR notice is the use of
the TWIC Reader at a shared central location. The most obvious example of this
would be to have a TWIC Reader at the Corporate Human Resources Department
where an individual’s TWIC would be validated as part of the corporate hiring
process. One would suppose that ISCD would prefer to see some sort of periodic
revalidation of the TWIC outlined in the SSP since they intend to do periodic
rechecks against the TSDB for personnel whom facilities submit information
under the PSP.
Because of the high-cost of TWIC Readers (this notice suggests
that the annualized three year cost of a TWIC reader and its upkeep at
$99,953.33 per reader) smaller facilities, or facilities separated from
corporate HR might wish to contract out the TWIC Reader validation to a
third-party such as a back-ground check vendor or security contractor. Again
one would suppose that there should be some sort of periodic revalidation of
those checks outlined in the facility SSP.
ISCD TWIC
Expectations
ISCD clearly does not expect very many facilities to avail
themselves of the TWIC Reader option for personnel vetting. According to Table 22 in the notice
they only expect that four facilities will install TWIC Readers as part of
their PSP, three at Tier 2 theft/diversion facilities and one at a Tier 2 Group
C (distribution type facility) facility. They base that on the number of
facilities that share MTSA and CFATS status. This would be the type facility
that would already be intending to use the TWIC Reader because of the impending
requirements under the recently published TWIC
Reader NPRM.
Does this mean that only those facilities will be allowed to
use TWIC Readers as part of their PSP? I don’t think so. These are clearly
facilities that would be expected to find the use of TWIC Readers to be most
valuable since they will already be in use at certain entrances (MTSA covered
areas of the facility) and virtually all personnel will already be required to
possess a TWIC. But, ISCD clearly expects that the cost of the TWIC Reader will
be a disincentive for its general use at facilities that are not already
required to implement use of the TWIC for facility access.
Posts
No comments:
Post a Comment