Wednesday, September 16, 2020

CISA Changes Policy on Dating Web Pages

 Up until yesterday the CISA web pages for the Chemical Facility Anti-Terrorism Standards (CFATS) all carried ‘last published’ date information near the top of the page. Yesterday that information was removed from the CFATS web site pages.

The landing page for the CFATS program was last previously changed on September 14th, 2020. On that date the following information was included just below the page title:

“Original release date: July 06, 2009 | Last revised: September 14, 2020”

That information was removed from the page yesterday.

Now CISA ‘owns’ their web site and can put whatever information they want on their pages, presumably so long as the sites are factually correct. And this ‘dating’ information has come and gone on the CFATS web site frequently. So why this complaint?

The CFATS web site provides information to the general public and the regulated public about the CFATS program. It explains the ins and outs of the CFATS regulations and describes changes that are both being considered for the program and those that have been made. When changes are made to the web pages, they reflect changes in the program that people should be aware of.

Unfortunately, CISA does an absolutely awful job of announcing or explaining changes to their web site. For example, the change to the landing page that was made on September 14th, was the removal of the Twitter® handle for Brian Harrel (@CISAHarrell) in the second paragraph of the page. This was done because Harrell is no longer part of CISA, having returned to the private sector. Fortunately, with the change in the ‘last revised’ date, I was able to go back and compare the previous version of the page and find out what changed.

With 45 separate pages being currently listed on the CISA ‘site map’ as being associated with ‘Chemical Security’ there is no way that the average person (or even a CFATS geek like me) can keep up with each page by inspection to see when data changes. Changes to the ‘last revised’ date provides a tool that can be used to make that ‘inspection’ easier.

I really think that CISA owes it to the regulated community to provide an announcement when changes are made to the site (probably on the CFATS Knowledge Center, which, BTW, is not listed on the CISA site map since it is independently maintained by the Infrastructure Security Compliance Division). Lacking that, a return to including date of change information on each page should be the minimum standard that CISA uses for web site maintenance.

No comments:

/* Use this with templates/template-twocol.html */