Well the last working day of September 2007 has come and gone. If the DHS website it to be believed, the notifications have gone out to the first chemical plants to complete Security Vulnerability Assessments (SVA). According to the latest data publicly available, Congressional Testimony on July 24th, there are at least 194 facilities that have completed their Top Screen process and could be determined to be at high risk for terrorist attack and thus required to complete an SVA. For many reasons DHS is being spectacularly uncommunicative about the progress of implementation of the CFATS regulations.
One thing we do know is that on their public web site, where they have posted extensive documentation on CATS registration, CVI requirements, and Top Screen completion, there are no instructions about how to complete the SVA, other than the general comments on the FAQ page. Now this is either because DHS is restricting access to these instructions (a possibility) or there are no instructions available (more likely). In either case, DHS is doing little to make the critics or supporters of CFATS feel good about the pace of implementation.
While I understand that a certain amount of secrecy and discretion is required in the implementation of any security program, DHS is providing too much ammunition to its critics, especially those that accuse DHS, and the Bush Administration in general, of collusion with industry. These are the people that are in favor of nationwide implementation of New Jersey like regulations that favor elimination of all hazardous chemicals and public disclosure of all security plans. If the current management of DHS wants to be forced to implement these types of regulations, then they need to do nothing more than continue on their current course of obfuscation and foot dragging.
DHS needs to be more forth coming in its implementation of CFATS. There needs to be a public acknowledgement about the numbers of facilities that have completed the Top Screen and the relative number that have been declared high risk facilities. If there have been any facilities that have been less than cooperative on completing the Top Screen requirements, that number should also be disclosed. The date of official notification to complete the SVA for the first set of high risk facilities should also be disclosed. No one should expect DHS to disclose names or even general location of facilities, but there is no security justification for not disclosing numbers at this point.
Finally, DHS needs to be more publicly forthcoming about the reasons behind the delays in announcing the final version of Appendix A, DHS Chemicals of Concern. The vast majority of chemical facilities in the United States are not going to join CFATS implementation until they are required to do so and are waiting for the final version of Appendix A to provide the necessary notification. The chemical industry and the public deserve to know why DHS is dragging its feet in publishing this crucial document.