This is part of a series of blog posts looking at the potential for the authorization of CISA’s existing ChemLock program and using it as a voluntary replacement for the now defunct Chemical Facility Anti-Terrorism Standards (CFATS) program. Other posts in this series include:
Making
ChemLock Safety Act Compliant – ChemLock Program Background,
ChemLock and
Tiering, and
Reader Comment – TSDB Screening for ChemLock.
NOTE: Previous articles in this series have been removed from the CFSN Detailed Analysis paywall.
TSDB Screening
One of the more controversial elements of the CFATS program was the personnel surety process. Part of the risk based performance standards outlined in 6 CFR 27.230, DHS required facilities to perform “appropriate background checks on and ensure appropriate credentials for facility personnel, and as appropriate, for unescorted visitors with access to restricted areas or critical assets”. Three of the four requirements under this paragraph {§27.230(a)(12)} are relatively standard background checks performed by many businesses. The fourth requirement {§27.230(a)(12)(iv)} was more problematic: “Measures designed to identify people with terrorist ties”.
The only relatively comprehensive data base that could be used to satisfy that requirement is the Terrorist Screening Database (TSDB) maintained by the Transportation Security Administration (TSA). Unfortunately for the CFATS program, employers do not have access to the TSDB, even for the purposes of vetting employees at designated high-risk facilities.
ChemLock and Screening
There is currently no process within CISA’s voluntary chemical security program, ChemLock, that facilities could be used to conduct a similar TSDB screening process. One of the main reasons for this is that Congress needs to specifically authorize non-governmental use of the TSDB since much of the information included in the database comes from classified sources.
As part of the congressional authorization of the ChemLock program that I am advocating for here, Congress should include in that authorization the authority for CISA to process data from chemical facilities for screening against the TSDB. Since the ChemLock program is voluntary (and will have to remain that way if there is any chance for it to be authorized in the current congressional climate) the screening of employees for terrorist ties would also have to remain voluntary.
Having said that, as part of the Safety Act (6
USC 441 et seq) tie-in that I am arguing for here, facilities that are
attempting to get Security Act certification from CISA would have to conduct
TSDB vetting as part of the pre-requisite for that certification. Who would
have to be vetted would be directly tied to the Tier ranking that I discussed
in a previous post. Facilities would be allowed to identify specific chemical
security zones within the facility, and anyone being authorized unaccompanied
access to those zones would be required to have been vetted through the TSDB. Facilities
identified as being at a Tier 5 (the lowest threat level, not previously
covered by the CFATS program) would only be authorized to vet a limited number
of people in critical positions described in their site security plan.
For more information on the TSDB screening issue, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/chemlock-and-tsdb-screening
- subscription required.
Posts
No comments:
Post a Comment