ISCD Publishes CFATS Quarterly

Yesterday the DHS Infrastructure Security Compliance Division (ISCD) published the latest version of their Chemical Facility Anti-Terrorism Standards (CFATS) Quarterly. According to the ‘Latest News Entry” on the CFATS Knowledge Center: “This issue highlights the CSAT 2.0 SVA/SSP surveys, cybersecurity, an update on new Chiefs of Regulatory Compliance, new resources and materials, as well as the 2017 Chemical Sector Security Summit.”

SVA/SSP Surveys

This brief article lists some new questions that facilities will have to answer when they first complete the CSAT 2.0 SVA/SSP. This list is a little different from the one that initially appeared on the SVA/SSP web site right after the CSAT 2.0 tool was introduced. The new list includes:

• Q3.10.050 Personnel Presence

• Q3.10.400 through Q3.10.420 Inventory Controls

• Q3.40.400 through Q3.40.430 Cyber Control and Business Systems (new)

• Q3.50.320 Personnel Surety, Types of Affected Individuals (new)

• Q3.50.710 Recordkeeping Affirmation (new)

Regulatory Compliance Managers

ISCD now has Regulatory Compliance Managers serving in each of its regional offices. The brief article notes that: “In addition to managing CFATS regional operations, CRCs will lead our regional efforts to coordinate with other federal, state, and local representatives and spearhead regional CFATS-related outreach and engagement.” The list of Compliance Managers includes contact information.

Commentary

It is interesting to compare this CFATS Quarterly to the recently published ICS-CERT Monitor. While both documents are used by the parent organization to share information about their programs with the affected public, the two publications are significantly different. The Monitor has the look and feel of a corporate annual report with a similar lack of useful information. The Quarterly is not nearly as sophisticated in its presentation, but it provides more useful information. That is especially important in a regulatory organization.