The Next CFATS Update

Here it is the last day of March already and I expect that we will be seeing the next CFATS update publication from the good folks at the Infrastructure Security Compliance Division (ISCD) in the next week. I have been reporting on these updates since they were first published almost two years ago. What I would like to do today is put in my request for what I think should be included.

First off I want to say that ISCD is to be congratulated on making the effort to share this valuable information with the regulated community. They are under no legal obligation to do so which makes this doubly impressive. Please keep them coming.

Having said that, even good things can be improved. Let’s start with the data; there are two types of data that should be included in the monthly report:

Compliance inspections – With over half of the facilities now having authorized site security plans and having started the compliance inspection process on those facilities that have had approved site security plans for over a year, it is time for ISCD to start providing statistics on compliance inspections; the number of compliance inspections completed, the number of compliance inspections passed.

Facilities no longer covered by CFATS – ISCD has been reporting a declining number of facilities covered by the CFATS program and this is probably a good thing. It would be nice however to know more about how that is happening. ISCD could report the number of facilities that have gone out of business, the number that have reduced inventories to below the Screening Threshold Quantities and the number that have removed the DHS chemicals of interest from the facility.

Starting sometime in the near future ISCD is going to have to start talking about its implementation plan for the new CFATS requirements imposed by the passage of HR 4007 last year. The deadline for the publication of the expedited facility security plan certification process is fast approaching for example. It would be nice if ISCD were to explain its plan for implementing that process.

The current (dead in the water) proposal for the personnel surety program was finally killed by the provisions of HR 4007. It would be helpful if ISCD publicly acknowledged that and withdrew the current information collection request. A brief description of the plan for implementing the HR 4007 personnel surety requirements would also be helpful.

ISCD has tried to establish a reputation for communication with the regulated community. The CFATS Update is one good example of that effort. Expanding that effort to cover the implementation of the HR 4007 requirements would be very helpful.