|
by Jeff Moad, MA Editorial Staff   | Abstract: | New federal regulations are forcing chemical manufacturers to take a more comprehensive, risk-based approach to security. |
| Keywords: | risk-based approach to security |
What pieces of security and other information would be most important for your company to keep under lock and key and away from terrorists? Who in your plant is able to access this information, and what do you know about those people? Are your plant's protections against cyber-attacks and acts of sabotage adequate? Does your plant have processes in place to secure the shipping, receipt, and storage of materials?
Even in these hyper-security-minded times, these are questions that many manufacturers would be hard-pressed to answer. But managers at thousands of chemical plants in the United States are being required to do just that under a federal regulation that Congress passed in 2006 but is just starting to kick in.
The Chemical Facility Anti-Terrorism Standards (CFATS), part of the Department of Homeland Security Act of 2007, sets up a complex multi-step process intended to identify U.S. chemical facilities that could be targets of terrorist attacks and to make sure they have adequate security protections and processes in place.
While many large chemicals manufacturers are already well on their way to CFATS compliance, having voluntarily initiated security assessments soon after the terrorist attacks of Sept. 11, 2001, smaller manufacturers "will have more of a challenge because many haven't had the necessary business controls in place, and many have fewer resources to throw at the issue," says Tom Marriott, process industry leader at Deloitte.
But, in order to achieve CFATS compliance, it's likely that chemical manufacturers, large and small, will find themselves needing to implement a wide range of new systems, from product lifecycle management (PLM) applications for tracking product contents to human capital management (HCM) systems required to make sure that individuals accessing regulated information have the proper clearance and training.
One thing's for sure: A large number of chemical facilities are being touched by the CFATS regulations. An estimated 32,000 facilities that handle or store sufficient quantities of potentially dangerous chemicals, such as propane, chlorine, ammonium nitrate, and hydrogen peroxide, were required by the end of last year to submit basic information about their operations to the Department of Homeland Security (DHS).
Based on that screening, the DHS earlier this summer began notifying an estimated 7,000 facilities that they are considered "high risk" and must submit more detailed Security Vulnerability Assessments. The assessments require plant managers to detail their operations — from what methods they use to assess security risk to how they store and track potentially dangerous materials. The assessment form, for example, asks whether inventory measurement has been automated and how often measurement is done. Plants are required to submit those assessments between late September and late December.
The DHS will then place each high-risk facility in one of four risk categories, with escalating regulatory requirements. Facilities at the highest risk levels are then required to develop full site security plans that detail how they have addressed or will address 19 risk-based performance standards that touch on everything from how plants deal with cyber-security to how they store and protect records, guard against sabotage, and manage shipping, receipt, and storage of materials.
The DHS will then review and approve each plant's security plan. Chemical plants that fail to meet the CFATS requirements and deadlines will face fines of up to $25,000 per day and even possible shutdown by the DHS.
Page : 1 2 3 ... NEXT |