Tomorrow it will be three months since the Chemical Facility Anti-Terrorism Standards (CFATS) program was officially closed by CISA after congress failed to renew the program authorization. Since July 28th, the 3,242 facilities (as of the last official accounting [removed from paywall]) covered by the program have continued to operate without facility security oversight by the federal government. Some facilities have continued to operate their security program as if no oversight was necessary, but others have reduced their security costs by eliminating procedures and processes that were no longer justifiable on a cost basis without the necessity of complying with the CFATS regulatory requirements. As industry and CISA have clamored for a restoration of the program authorization, there has been little discussion about what that restoration process would look like.
From a legislative perspective, the restoration could be a relatively easy matter of the Senate taking up HR 4470 [removed from paywall] and passing that bill. That would change the program sunset date to July 27th, 2025, and the program would be up and running again. Except…. CISA would have to figure out how to deal with determining which facilities were still in compliance with their negotiated site security plans, what changes to site security plans that have been made were acceptable, and establishing a re-compliance process for facilities with unacceptable changes to their site security plans. It could easily be argued that those CFATS processes would need to be established by a change in regulations which could take years to establish under the normal regulatory processes. We could easily reach a point where the effective date of the revised regulations would occur after the revised sunset date.
Since Congress was responsible (due to its failure to act in
a timely manner in changing the sunset date for the program) for the closing of
the CFATS program, they ought to do the heavy lifting of restoring the program.
This could be done by including in the restoration legislation directions for
CISA to follow in restarting the program. CISA would then be authorized to
implement those clearly stated requirement in a direct final rule, which could
be accomplished within weeks instead of years if CISA had to craft the rules
from scratch.
For a look at what legislation should look like, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/cfats-restoration-legislation
- subscription required.
No comments:
Post a Comment