Common MTSA Facility Violations

Recently the Coast Guard listed the most common MTSA Facility Violations.  This is a good list to ensure your program is ready for their next inspection.  This is also a good list to pass on to the guard force:

Typical deficiencies areas:

  • Access Control
  • Restricted Areas
  • Drills and Exercises
  • Owner/Operator Requirements
  • Audits and VSP/FSP Amendments

Most common deficiencies noted on inspection are:

Failure to secure access points:

  • Gates left open or unattended.
  • Facilities failing to provide an escort for persons without TWIC.

Failure to check identification:

  • Individuals gaining access to facilities by piggy backing.
  • Security personnel failing to properly screen vehicles and personnel entering the facility.

Damage to perimeter fencing:

  • Holes found in perimeter fence.
  • Vegetation growing over fence line, allowing unauthorized access to occur.
  • Emergency egress gates not secure.

Missing signage:

  • Missing or improperly placed Secure Area and Restricted Area signage.

Misunderstanding or not knowing the security procedures as stated in the approved FSP:

  • Facility personnel or contract guard services failing to conduct screening at the rate specified in their FSP.
  • Facility personnel or contract guard services not properly trained on relevant provisions of the FSP.

Restricted Areas not properly marked.

  • Areas where FSP is stored (offices, file cabinets, etc.) not containing proper signage designating the area as a Restricted Area.
  • Facilities missing “Restricted Area” signage, for example:
    • Facility perimeter
    • Server rooms
    • Control centers

Not storing required documentation within a Restricted Area:

  • Sensitive Security Information (SSI) not kept in an area designated as a Restricted Area.

Drills and Exercises:

  • Failing to perform security drills in 3 month intervals.
  • Failing to perform an annual security exercise.
  • Failing to label drill and exercise documentation as SSI and store properly.
  • Failure to maintain drill and exercise records.

Improper notifications to USCG:

  • Breaches of security not immediately reported to USCG or National Response Center.
  • FSPs not being submitted for renewal prior to the expiration date.
  • FSPs containing unapproved changes and amendments.

Training:

  • Facility owners or operators failing to notify facility employees of what parts of the facility are secure areas and public access areas and ensuring such areas are clearly marked.
  • Facilities failing to train personnel with security duties; including facility personnel, contract security guard service, and/or TWIC escort companies on relevant provisions of the FSP.

Proper FSP Updating:

  • Owner/Operator failing to ensure annual audits of the FSP are conducted by persons with requisite knowledge as required by the regulation.
  • Current list of FSOs not updated in the FSP.
  • Owner/Operator section of FSP missing TWIC requirements.
  • Failing to designate a FSO and failing to designate a 24hr contact number for FSO.

Proper Implementation of FSP:

  • Owner/Operator failing to ensure that the facility operates in accordance with the approved FSP.
  • Facilities failing to follow incident procedures outlined in approved FSP.
  • Facilities failing to provide security personnel with the ability to monitor video surveillance systems per approved FSP.

Failure to conduct annual audits:

  • Facilities failing to conduct an annual audit of the FSP.
  • Failing to provide certifying documentation of annual audit.
  • Failing to follow audit requirements in accordance with the regulation.
  • Facilities failing to review the FSP and submit changes to the USCG for approval.
  • Failing to update the FSA each time the FSP is submitted for revisions.

Remember, an FSP is not a “binder on the shelf”, but a security operating plan that must be fully implemented and followed in every day operations.