As we know, CFATS recommends three levels of training:

Training for the FSO or Site Security Officer (DHS uses both terms in different document sets).

Training for “Others with Security Responsibilities”.

Awareness training for all employees.

Our company has trained over 50 FSOs under both CFATS and the MTSA using online training.  We have learned that we must structure this training in such a way as to guarantee that the attendees really pay attention and participate.  So, we will only do distance learning or online training if the attendees are assembled in the client’s conference room with a supervisor acting as a monitor.  This ensures they are engaged and not doing email, other work, or even leaving their cubes for periods of time.  We will only certify the training and provide the Certificate  to the individual if the online session is monitored.

The real test of training quality will be done by an inspector on site, randomly picking a person and asking a fundamental security plan question.  We have seen this done to test the training during DHS inspections of our clients.  In the maritime context, the Coast Guard will stop an employee and ask them to explain the MARSEC Level definitions.  At CFATS facilities they may ask questions about CVI protections, and escorting in restricted areas.  They may ask an employee to explain how terrorists circumvent security.

Most of the online training we have looked out does not adequately cover the topics recommended in the RBPS Guidance Manual and I believe in the future we will see much more rigorous training requirements coming from DHS, including a process to certify the courses instructors.

I believe the house bill, HR2868, actually would require eight hours of annual training for the first two categories.