Wednesday, March 9, 2016

PSP User Manual – Miscellaneous

This is part of an on-going series of blog posts about the new Chemical Facility Anti-Terrorism Standards (CFATS) personnel surety plan (PSP) User Manual. This manual sets forth the instructions for using the new PSP tool in the on-line Chemical Security Assessment Tool (CSAT). Other blogs in this series include:

Initial Access to PSP Tool

The Authorizer for the facility will be provided initial access to the PSP Tool once ISCD has either authorized or approved a site security plan that includes provisions for meeting the requirements of 6 CFR 27.230(a)(12)(iv). Most facilities with authorized or approved site security plans were initially approved with a condition that they would have to revise that SSP once ISCD had put processes in place for the vetting of facility personnel and unaccompanied visitors against the Terrorist Screening Database (TSDB).

So once facilities have revised their SSPs and those revised SSPs have been approved, the PSP tool will be opened for the Authorizer. Presumably all SSPs authorized and/or approved in the future will include PSP provisions so the PSP tool will be opened when the SSP is authorized or approved. Remember, facilities that used the Enhanced Approval Process did not have to go through the authorization process.

Option 3 and Option 4 Procedures

Facilities that opt to use only Option 3 (Electronically Verified TWIC) and/or Option 4 (Other DHS Vetted IDs as Flash Passes) procedures are not required to submit information on those personnel thru the PSP Tool, so access to the tool will not be provided to those facilities. For facilities that use a combination of validations process that do require access to the PSP Tool will not need to enter information on personnel vetted under Options 3 or 4.

The PSP User Manual does not include any instructions on how to implement Options 3 or 4.

Bulk Uploads

As promised by ISCD provisions have been made to allow facilities to submit lists of names under Option 1 or Option 2 via spread sheet. This is done to both reduce the time on-line and to provide an easier means for personnel to do error checking before the data is submitted to the CSAT tool. Templates (in either .XLS or .XLSX formats) can be downloaded from the respective Option 1 or Option 2 ‘Affected Individuals’ tab on the PSP tool.

There is no mention of a minimum number of personnel that have to be listed on the template to use the bulk upload procedures. It looks like that even for just a couple of entries, it might be easier to use the bulk upload technique than by inputting the information by hand.

Data Validation

Appendix B in the User Manual provides detailed descriptions and data validation requirements for each of the data elements that will be submitted. If you are using the Bulk Upload technique described above, the data validation requirements should already be part of that formatting of the templates.

Even if you are not going to be using the bulk upload technique, it might come in handy to download those templates for data collection purposes. That way the Submitter should not have to worry about data validation issues when inputting the information into the PSP tool. In fact, those templates could be used to cut and paste information into the tool if they are not going to be used for bulk uploads.

No Longer Has Access

ISCD has included a data field in the Option 1 and Option 2 data submission to allow a facility to notify ISCD when an individual no longer has access to the covered facility. Congress specifically forbade {6 USC 622(d)(2)(i)} ISCD from requiring facilities to make a second data submission on any covered individual. Having said that ISCD is encouraging facilities to submit this information as it allows ISCD to stop completing periodic verifications of TSDB status (actually lack thereof) for Option 1 individuals or continuing to periodically verifying the ID status of Option 2 individuals when those individuals who are no longer covered by the program.

ISCD did make clear in their December Federal Register notice that individuals that have left a facility where no notification to DHS has been made of their no longer being covered individuals may seek Privacy Act redress to get their names removed from the PSP Tool.

Manage Alerts

There is a tab on the PSP Tool labeled ‘Manage Alerts’. This allows the facility to select if it will receive email alerts from the system about individual status in the PSP process or if the facility will just be alerted when they sign on to the tool. Unfortunately, this has nothing to do about the facility being notified if an individual whose data was submitted to the PSP appears on the TSDB; those notifications may be handled by law enforcement or DHS at the discretion of the Department of Justice.

The alerts provided in the PSP tool are limited to:

• Record – Submitted: (Option 1 and 2)
• Record – Verified: (Option 2)
• Record – Not Verified: (Option 2)
• Record – No Longer Verified: (Option 2)
• Record – Verification Pending: (Option 2)

The ‘Not Verified’ and ‘No Longer Verified’ alerts will require the facility to take actions that were outlined in the revised SSP.

No comments:

/* Use this with templates/template-twocol.html */