Category Archives: FSO

Preparing for a CFATS Compliance Inspection

Many companies aren’t prepared when they receive a letter from the DHS Infrastructure Security Compliance Division (ISCD) notifying them of an upcoming facility Compliance Inspection (CI). You might have documents that are out of date, or you may be missing the necessary forms. If left unchecked, you could be forced to waste time and money in enforcing corrective actions. When it comes to advising our clients to be prepared, these are the top three tips we give them for a successful CFATS Compliance Inspection.

Review Your Documents

When you receive a notice from DHS about an upcoming inspection, this is always a good time to review your security plan and required documents to make sure that you have everything in order. Also, this is a good time to verify that you have conducted the required drills and/or exercises, and an annual audit of the security plan.

Training Moment

Training is very important for facility personnel and this is a good opportunity to make sure all your training is up to date and to have a general discussion regarding security of the facility. The training can focus on topics that will most likely be covered during the inspection; including access control, monitoring, screening, security personnel (who is the FSO, Alt. FSO?), NTAS security measures, etc.

 Organize

One thing that we recommend and develop for majority of our clients is to have a single security plan binder with all relevant documents and forms. This is a perfect, centralized place to store and secure all the forms and documents that the inspectors will want to review during the inspection. We have had great success with these binders for all of our regulated clients; CFATS, MTSA, TSA, DOT, etc. As we tell our clients, it is best to get the inspectors the requested material in a timely fashion and get the inspection over with as quickly as possible.

Recently one of our clients had a Compliance Inspection that they passed without any issues, “We went through our security plan book while the inspector was here and we were complimented on how all the files were in one book and not in different locations.  We didn’t spend much time with it, because everything was in the binder that they had questions about.”

Let us know if we can help you prepare for your CFATS Compliance Inspection and develop a security binder for you and help you succeed with your inspections.

To read about what to expect from a CFATS CI, click here.

TSA Begins Issuing New TWIC Cards

The Transportation Security Administration (TSA) began issuing the new TWIC NexGen cards on July 10, 2018. The new cards incorporate enhanced security features (click here to read more).

Details about the new TWIC NexGen card:

  • Current TWIC card holders do not need to replace a valid TWIC card with the new TWIC card design.
  • Regulated entities that require TWIC for access will accept and recognize both the current and new TWIC designs until the card’s expiration.
  • The new card design is compatible with qualified TWIC readers.
  • To deter alteration of the card’s expiration date, the new card includes a color-coded expiration date box that will update on an annual basis.
  • The fee for the newly re-designed TWIC card remains unchanged ($125.25) and the credential is valid for five years.

Click here to read more about the TWIC NexGen cards.

Click here for a TWIC NexGen Authentication Guide

New Coast Guard Facility Inspection Form

Effective immediately, USCG facility inspectors are going to start using a new form for facility inspections. The new form, CG-835F, replaces CG-Form 835, “Vessel/Facility Inspection Requirements”. CG-835F is specifically formatted for facility inspections. There are no major changes to the new form or the information collected during the inspection.

Facility owners and operators may start seeing Coast Guard facility inspectors using the new form immediately, but some inspectors may still use the older CG-835 form during the transition.

Click here for a link to the new CG-385F form.

TWIC Reader Delay for Certain Facilities

The Coast Guard has proposed to delay the effective date for implementation of TWIC Readers for certain facilities. The proposed delay is for two categories of facilities:

  • Facilities that handle certain dangerous cargoes in bulk, but do not transfer these cargoes to or from a vessel, and;
  • Facilities that receive vessels carrying certain dangerous cargoes in bulk, but do not, during that vessel-to-facility interface, transfer these bulk cargoes to or from those vessels.

The Coast Guard proposes delaying the effective date for these two categories of facilities by 3 years, until August 23, 2021.

Other vessels and facilities, including facilities that receive large passenger vessels and facilities regulated under 33 CFR 105.295 that handle certain dangerous cargoes in bulk and transfer it to or from a vessel, would be required to comply with the final rule by August 23, 2018.

Click here for the Notice of Proposed Rulemaking.

Click here and here for additional information regarding the TWIC Reader Rule.

2018 Port Security Grant Program Posted

Yesterday, the Department of Homeland Security and FEMA posted the 2018 Port Security Grant Notice of Funding Opportunity (NOFO).  Federal allocation this year is $100 million, more than last year.  However, for private, for profit companies, the federal match is 50/50 vs the 25%/75% if last year.  Which means, that if a recipient applies for $100,000 in funding for an appropriate security project, DHS will award $50,000 and the company receiving the award will need to provide $50,000 in matching funds.

That may make the grants program less attractive for many companies; however, it is logical that fewer will apply, so the chances of winning an award may be better than last year.

The deadline for filing applications is June 20th – we have less than 30 days.

In the last few years, Don Greenwood & Associates Inc. has help clients write and submit ten grant applications and have won awards for eight of the ten, including the largest award given to a private company in 2016 – just under $1 million dollars.  Writing successful grant applications depends on the consultant’s ability to draft a persuasive argument that the facility in question needs the award to support the goals of the larger community, the Area Maritime Committee, as well as the submitting company and port facility.

Contact us at 281-435-2339 or don@greenwoodsecurity.com for more information.

TWIC NexGen Card

TSA plans to implement a new TWIC card, TWIC NexGen, in fiscal year 2018.

The TWIC NexGen updates are focused on enhancing the card functionality, new security features of the card, changes to the Technology Infrastructure Modernization (TIM) system.

Click here for TWIC Authentication Features.

TWIC Authentication & Identification

Based on the requirements of each facility/vessel and specific threat levels, TWIC is designed to be used in various Access Control Systems at different levels of security.

  • Static Identification –
    • Proximity card – Contact or Contactless Card Reader
    • Identify card using Cardholder Unique Identifier (CHUID).
      • Federal Agency Smart Credential Number (FASC-N) may be checked against the TWIC Canceled Card List (CCL).
  • Crytographic Authentication
    • TWIC PIN authentication
    • No biometric authentication
  • Biometric Identification
    • Biometric authentication
    • No card authentication
  • Combined Authentication – 2 Factor Authentication
    • Biometric authentication
    • Card authentication
    • FASC-N verified against CCL

USCG/TSA is also currently developing a mobile app to verify TWIC cards. The app will be capable of verifying the Credential Identification Number (CIN) printed on the TWIC against the CCL.

Status of TWIC Reader Final Rule

The status of TWIC Final Reader Ruling was brought up at the recent AMSC meeting held on January 10, 2018, at the St. Charles EOC, by several members of the maritime community. The concern was referencing information being circulated, verbally, in the maritime community that this ruling was being delayed or changed. We advised the maritime community members that the Coast Guard would research the TWIC Final Reader Ruling from August 23, 2016 to determine it’s true status and effective date.

Coast Guard Sector New Orleans Facility Division contacted Coast Guard Headquarters to obtain the most up to date information on this ruling which is listed below.

CG Headquarters (CG-FAC) continues to work with DHS to address concerns with the TWIC Reader Rule that were detailed in the petition filed under Docket # USCG-2017-0447-0003. Options being considered to clarify/correct the reader rule are: Delay of the current TWIC Reader Rule, a reader rule amendment, a new regulation, and clarification through policy. Each option requires time to process, review, approve, gain clearance, and finally publish. Once a way forward is determined and approved, the Coast Guard anticipates to respond to the petition at that time.

Note; if no change to the rule is made and the rule is implemented on Aug 23, 2018, Coast Guard will evaluate each facility to which the rule applies and will work with each facility operator to ensure implementation while striving to minimize impact to the facility.

Thanks Lester J. Millet (MSOC Port of South Louisiana) and Mike Sawyer (USCG Sector N.O./Port Security Specialist) for this update.

3 Tips for a Successful USCG Inspection

Many companies aren’t prepared when they receive a letter from the U.S. Coast Guard notifying them of an upcoming facility security inspection. You might have documents that are out of date, or you may be missing the necessary forms. If left unchecked, you could be forced to waste time and money in enforcing corrective actions. When it comes to advising our clients to be prepared, these are the top three tips we give them for a successful USCG Inspection.

Review Your Documents

When you receive a notice from the USCG about an upcoming inspection, this is always a good time to review your FSP and required documents to make sure that you have everything in order. Also, this is a good time to verify that you have conducted the required quarterly drills, annual exercise, and annual audit of the FSP.

Training Moment

Training is very important for facility personnel and this is a good opportunity to make sure all your training is up to date and to have a general discussion regarding security of the facility. The training can focus on topics that will most likely be covered during the inspection; including TWIC, screening, security personnel (who is the FSO, Alt. FSO?), MARSEC security measures, etc.

Organize

One thing that we recommend and develop for majority of our clients is to have a single security plan binder with all relevant documents and forms. This is a perfect, centralized place to store and secure all the forms and documents that the USCG will want to review during the inspection. We have had great success with these binders for all of our regulated clients; MTSA, CFATS, TSA, DOT, etc. As we tell our clients, it is best to get the inspectors the requested material in a timely fashion and get the inspection over with as quickly as possible.

Recently one of our clients had a US Coast Guard inspection that they passed without any issues, “We went through our MARSEC book while the USCG was here and we were complimented on how all the files for MARSEC were in one book and not in different locations.  We didn’t spend much time with it, because everything was in the binder that they had questions about. “

Let us know if we can help you prepare for USCG Security Inspection and develop a security binder for you and help you succeed with your inspections.

CFATS Quarterly Update

Recently DHS released their Fall Quarterly Update providing more detail on the implementation of the CFATS program.

CFATS Update

As of September 1, 2017, CFATS covers 3,478 facilities. DHS has completed more than 2,700 Compliance Inspections (to read more about Compliance Inspections, click here). Since launching CSAT 2.0 a year ago, DHS has received more than 25,000 CSAT Top Screens. DHS is continuing to issue tiering letters to facilities as their Top Screens are received and reviewed.

You can read more about CSAT 2.0 here.

SVA/SSP Questions

One topic discussed in the update in the new questions that facilities will need to answer when submitting a new or revised SVA/SSP.

When submitting the SSP, the new questions facilities will need to address include:

  • Q3.10.050 Personnel Presence
  • Q3.10.400 through Q3.10.420 Inventory Controls
  • Q3.40.400 through Q3.40.430 Cyber Control and Business Systems
  • Q3.50.320 Personnel Surety, Types of Affected Individuals
  • Q3.50.710 Recordkeeping Affirmation

In addition to these new SSP question, facilities are asked to select whether a certain detection and delay security measure applies to perimeter and/or critical assets. The following SSP questions should be reviewed to ensure the location(s) are correctly associated with the security measures applied:

  • Q3.10.070 Mobile Patrols
  • Q3.10.120 Intrusion Detection Systems
  • Q3.10.180 through Q3.10.230 Intrusion Detection Sensors
  • Q3.10.290 and Q3.10.310 Closed Circuit Television
  • Q3.20.030 through Q3.20.160 Perimeter Security
  • Q3.20.430 and Q3.20.440 Access Control Systems
  • Q3.20.560 Anti-Vehicle Measures

Personnel Surety Program (PSP)

Tier 1 and Tier 2 facilities will see questions that address RBPS 12(iv), screening for terrorist ties. Questions Q3.50.330 through Q3.50.550 allow facilities to identify the option(s) chosen and measure(s) used to implement those options for compliance with RBPS 12(iv). To read more about those options, click here.

Additionally, DHS is going to integrate the Personnel Surety Program into the CSAT 2.0 Portal. This should make it much easier and provide better functionality for the user.

Chiefs of Regulatory Compliance

DHS also announced in this update that they have hired Chiefs of Regulatory Compliance (CRCs) for majority of their Regional Offices. CRCs will serve as the lead DHS representatives administering the CFATS regulation and serving as advisors to the Office of Infrastructure Protection Regional Directors.

Region CRCs:

  • Region 1 (VT, RI, ME, NH, CT, MA) – Charles Colley charles.colley@hq.dhs.gov
  • Region 2 (VI, PR, NJ, NY) – John Dean john.dean@hq.dhs.gov
  • Region 3 (DC, DE, WV, MD, VA, PA) – Don Keen donald.keen@hq.dhs.gov
  • Region 4 (MS, SC, AL, KY, FL, NC, TN, GA) – Cheryl Louck cheryl.louck@hq.dhs.gov
  • Region 5 (MN, WI, IN, MI, IL, OH) – Kathy Young kathryn.young@hq.dhs.gov
  • Region 6 (NM, OK, LA, AR, TX) – Steve Shedd steven.shedd@hq.dhs.gov
  • Region 7 (NE, KS, IA, MO) – Dave Martak david.martak@hq.dhs.gov
  • Region 8 (WY, ND, SD, MT, UT, CO) – Jim Williams james.williams@hq.dhs.gov
  • Region 9 (MP, GU, HI, NV, AZ, CA) – Marcie Stone marcie.stone@hq.dhs.gov
  • Region 10 (AK, ID, OR, WA) – Marc Glasser marc.glasser@hq.dhs.gov

Feel free to contact us if more information or support is needed.

Changes in USCG Leadership Indicate Strong Continued Interest in Port Security

  • Rear Adm. Paul Thomas moves from Prevention Policy to command of the Eighth District – New Orleans.
  • Rear Adm. John Nadeau assumes position as assistant commandant for Prevention Policy.

Rear Adm. Paul Thomas, in an article posted in Maritime Commons, stated:

This week marks my last as assistant commandant for prevention policy. I assume command of the Coast Guard’s Eighth District in mid-August. It has been a distinct privilege to lead and represent the men and women of the U.S. Coast Guard who are dedicated to ensure our national security and economic prosperity by ensuring the safety, security and environmental soundness of our Marine Transportation System globally . . .Thank you for your professional and productive relationship with the U.S. Coast Guard.

About Rear Admiral Nadeau, Thomas stated:

I am pleased to introduce Rear Adm. John Nadeau as the new assistant commandant for prevention policy effective today. His most recent assignment was as assistant commandant for capability, where he was responsible for identifying and sourcing new and extended capabilities, competencies, and capacity to meet mission requirements. Prior to that, he served as commanding officer of the Coast Guard Marine Safety Center where he led the review and approval of plans for the design, construction, alteration, and repair of U.S. and foreign flag commercial vessels subject to U.S. laws, regulations, and international standards. Rear Adm. Nadeau’s other assignments cover the full spectrum of marine safety and inspections and span the bulk of his nearly three decades long career: chief of inspections, senior investigating officer, MSU commanding officer, captain of the port and federal on scene coordinator, Officer In Charge, Marine Inspection, and chief of the Office of Design and Engineering Standards.

In summary: Prevention Policy is assumed by a strong advocate for robust port security with a background in marine safety and inspection, and the command of District Eight is assumed by the former assistant commandant for prevention policy.  These moves indicate a strong continued interest in port security programs.