Chemical Facility Anti-Terrorism Standards T. Ted Cromwell Sr. Director, Security and NJ ELG Operations Meeting
Today s Presentation ACC Action Major Rule Components Select Risk-Based Performance Standards Restrict Perimeter and Screen Access Secure Site Assets Recordkeeping/Reporting Training/Drills Personnel Surety 2
Action to Date ACC members have invested over $6 billion since 9/11 to enhance security through the Responsible Care Security Code (RCSC) which is mandatory for all of our members We represent over 90% of the U.S. chemical manufacturing capacity at approximately 2040 facilities nationwide Over 60% of ACC members are small business and yet regardless of facility size and chemicals used or produced, all ACC members have implemented the Security Code 3
Chemical Facility Anti-Terrorism Standards DHS Rule Components Appendix A list of chemicals and thresholds used by DHS to conduct a rough screen and prioritize sites Over 40,000 sites evaluated some still trickling in Assess for theft/diversion, sabotage, offsite consequence and economic criticality Over 7,000 sites were preliminarily deemed high risk. They must complete a vulnerability assessment Chemical Security Assessment Tool (CSAT) for tiers 1 3 and other approved methods (RCSC) for tier 4. 4
Chemical Facility Anti-Terrorism Standards 18 Risk-Based Performance Standards (RBPS) apply in whole or in part based upon vulnerabilities identified sites then select the appropriate combination of metrics based upon case-by-case analysis Site Security Plans (SSP) DHS reviews and approves SSPs which will codify the performance metrics and CSAT results once approved the site must implement the measures Enforcement includes $25,000 fines and potential facility shutdown for non-compliance Rule sunsets on October 1, 2009 5
Chemical Facility Anti-Terrorism Standards DHS rule components for high risk sites Restrict Area Perimeter Secure Site Assets Screen and Control Access Detect, Deter and Delay Shipping, Receipt and Storage Theft and Diversion Sabotage Cyber Security Response Monitoring Training Personnel Surety Elevated Threats Specific Threats Reporting Incidents Significant event response Designating Officials Recordkeeping 6
RBPS 1 Restrict Area Perimeter RBPS 2 Secure Site Assets #1 Secure and monitor the perimeter of the facility #2 Secure and monitor restricted areas or potentially critical targets within the facility Similar goals to minimize the likelihood of a successful and/or undetected penetration of the facility s perimeter and critical assets On foot or in vehicle By force, stealth, or deception Two fundamental aspects: Secure - Physically limiting accessibility to the facility/asset Monitor - Maintaining domain awareness of the perimeter/asset, including the areas immediately beyond the perimeter (the buffer zone ) 7
RBPS 1 & 2 Measures Four major categories include: Human Barriers fences, gates, guards, patrols Vehicle Barriers bollards, ditches, jersey walls Standoff distance buffer zones around the facility or key asset green areas, distance to receptor Monitoring/Surveillance video, IDS, lighting Layered security which combines these features will most often be needed to meet the requirements 8
Restricting Access? 9
RBPS 3 - Screen and Control Access Control access to the facility and to restricted areas within the facility by screening and/or inspecting individuals and vehicles as they enter: Measures to deter the unauthorized introduction of dangerous substances and devices that may facilitate an attack, or actions having serious negative consequences Measures implementing a regularly updated identification system that checks the ID of facility personnel, contractors and others seeking access 10
Five major categories include: RBPS 3 Measures Personnel ID photo ID checks, employee and contractor badges, biometrics Hand carried items inspections visual, ex-ray metal detectors Control point measures traffic calming, vehicle barriers, restrict access points, gates turnstiles, access control systems Vehicle ID and inspection visual, explosive detection, cargo inspection systems Parking security limit parking within secure areas, parking permits, gates, access 11
RBPS 11 Training Ensure proper security training, exercises and drills of facility personnel Measures to increase employee awareness, identification and response to suspicious behavior, unauthorized access etc. Develop and implement programs on a regular basis Include local first responders Document type, frequency etc. of programs for DHS inspector verification 12
RBPS 12 Personnel Surety Perform appropriate background checks on and ensure apporpriate credentials for facility personnel, and as appropriate, for unescorted visitors with access to restricted areas or critical assets: Verify and validate identity Check criminal history Verify and validate legal authorization to work Identify those with terrorist ties Submit certain information for DHS/FBI to complete analysis Contractors and anyone else gaining access to restricted areas will need to meet these requirements 13
RBPS 12 Personnel Surety Who Needs an Appropriate Background Check? All individuals who have unescorted access to critical or restricted areas or assets Current employees YES New employees YES Contractors YES Transport drivers YES Visitors -YES 14
RBPS 18 Recordkeeping CFATS has specific requirements for records at 6 CFR 27.255 Facilities must maintain 3 years of records for: Training, drills and exercises Security threats, incidents and breaches Maintenance, calibration and testing of security equipment Letters of DHS authorization and approval Documentation of audit and inspection results Six years of records are required for: Submitted top-screens, SVAs and SSPs All related correspondence with DHS Stored appropriately and available to DHS on request 15
Outlook Congressional activity will be significant in 2009 Implementation of the CFATS rule (including capital outlays) continues to ramp up through 2009 and 2010 Expectations for DHS to expand voluntary initiatives targeting facilities not subject to the rule are moving parallel to CFATS DHS working to close potential security gaps with TSA, Coast Guard and others throughout the chemical supply chain 16
Thank You! T. Ted Cromwell ted_cromwell@americanchemistry.com 703-741-5246 www.americanchemistry.com http://www.americanchemistry.com/s_rctoolkit/index.asp 17