A reader from DHS alerted me to the fact the DHS has also
set up their guidance document web site
yesterday. While similar in effect to the EPA site that I
mentioned earlier today, there are some interesting differences. As with
the EPA site, the DHS site provides separate pages for the following DHS components:
The DHS landing page includes an interesting discussion
about what constitutes a ‘guidance document’. Unusually for a government agency
it looks like DHS has taken a very proactive and expansive look at both the
letter and intent of EO 13891. DHS has also taken the extra step of providing a
procedure (described on the page) for addressing citizen complaints or
questions about these guidance documents. Nice touch.
CISA Documents
The CISA Guidance page provides an interesting look at how
much work the Cybersecurity and Infrastructure Security Agency has done in
providing guidance to the private sector. There are two subdivisions on the
page; Chemical Security and Protected Critical Infrastructure Information
(PCII). The Chemical Security section lists a large number of documents from
the Chemical Facility Anti-Terrorism Standards (CFATS) program. Almost all of
them are listed on the CFATS
web site but are scattered across a number of different pages on that site.
There is only document listed in PCII section of the page,
the PCII Program Procedures Manual.
Interestingly, the main DHS cybersecurity agency has no
publicly available cybersecurity guidance publications.
CFATS Sodium Chlorate Exemption
There is one CFATS related document that I have never seen
before; Clarification
for Sodium Chlorate Contained in Specific Products. That document includes
a 2015 letter from Director Wulf {Director of the CISA Infrastructure Security
Compliance Division (ISCD)} that notes:
“It has come to our attention that,
due to their chemical composition, certain sodium chlorate mixtures may not
present the same hazards as pure sodium chlorate and that further review of the
issue is necessary.”
He then goes on to provide an indefinite exemption for
reporting the following products on Top Screens “further review of the issue”:
• Defol 5
• Defol 750
• Pramitol 5 PS
• BareSpot Monobor-Chlorate
• BareSpot Weed and Grass
• BareSpot Ureabor
• BareGround Ultra
I am going to look into this in a little more depth in a
future blog post.
TSA Documents
The TSA sub-site is a completely different format from the CISA
site; at DHS is agency has it’s own website generation folks with their own
unique styles. Instead of listing different agencies with TSA with separate
listing of guidance documents, TSA has opted for a search style organization that
has a pull-down menu for ‘Topics’. Selecting the ‘Surface’ topic results in 4
pages of documents, many of which should obviously also show up for other ‘Topics’.
Under the ‘Surface’ document listing I found “Counterterrorism
Guide (CT) Freight Railroad (FR)”. This document is marked ‘For Official
Use Only’ (FOUO). As such, it probably could have been left off of this site as
a Sensitive But Unclassified (SBU) document. The other interesting thing about
the document is that it is prominently marked as being privately (QUICKSERIES PUBLISHING)
copywrite protected.
The TSA does have a ‘Cybersecurity’ topic listed on their
search tool. That returns a single publication; “Counterterrorism
Guide (CT) Cybersecurity”. It is also marked FOUO and copywrite protected
by the same company.
No comments:
Post a Comment