A Volatile Time
Homeland Security regulations tighten requirements related to chemical, petroleum product storage
- By Matt Scherer
- May 21, 2008
If you’re a security integrator working
with companies that store or produce
chemical or petroleum products, your
clients have probably asked for assistance
with the Department of Homeland
Security’s Chemical Facilities Anti-
Terrorism Standards.
Enacted in 2007, the regulation tightened
security program requirements for
any industry that stores volatile substances.
As security industry analysts
have noted in published media and government
reports, security programs for
some manufacturers, as well as storage
facilities for chemical-based products,
have been somewhat casual.
“While the government has focused
its attention on regulating security within
the chemical industry, other industries
can use CFAS guidelines to improve the
security effectiveness of their operations,”
said Jan McKenzie, ASSA
ABLOY’s director of national accounts.
McKenzie said her organization has
already helped its clients in the manufacturing
and logistics industries to adopt
some of the key points established in the
new DHS inspection program.
The CFAS standards can provide a
security professional with some guidance
in drafting internal guidelines. Here is a
summary of the regulation’s major points
that protect any logistics or manufacturing
distribution center:
A vigilant self-inspection program.
CFAS and other federal regulations provide
chief security officers with basic
guidelines for building self-inspection
programs. Once this security checklist is
completed, logistics center chief security
officers should update and review their
company’s self-inspection program as
often as possible.
“With the threat of terrorist attacks
against chemical industries as well as the
loss of potential revenue for nonchemical
industries, it’s important for these security
professionals to constantly review their
inspection programs,” McKenzie said.
“CSOs should consider hiring outside
consultants to audit their security programs
and report their findings to give an
independent assessment.”
McKenzie said a company’s CSO can
change security policies based on specific
audit findings, as well as update a budget
to add the infrastructure and human
resources needed to address the problem.
“While internal audits work, a security
penetration testing team can truly evaluate
how a company’s loss prevention
program is protecting its assets,” said
Sloan Foster, vice president of marketing
for HBMC Inc. “A professional firm can
infiltrate a company by simple things
such as following a worker through a
door and then finding an unoccupied
computer to gain access to financial data
or sensitive business information.”
Quick fixes aren’t the solution.
When a manufacturing firm’s CSO
completes an external or internal audit,
the CSO should realize that it takes time
to address all the issues uncovered in
an audit.
“To really address some security
issues, especially if additional funding is
needed, it can take time to get the money
as well as find the right vendor or installation
team to implement the necessary
changes,” McKenzie said.
A consistent installation process.
Manufacturers and logistics centers
should hire national security installation
firms that adhere to and understand a
company’s standardized security requirements
for each facility within the company’s
organization.
“We have seen customers who aggressively
expand the construction of new
facilities start to adopt the same standards
for their doors and openings from one
region of the United States to another,”
McKenzie said. “Unlike most security
programs right now, national vendor construction
programs adopt a common standard
in the construction of their facility’s
signs, flooring, door automation and IT
infrastructure.
“The security industry is just starting
to embrace a national standard for their
phase of most construction projects.”
Making real-time updates. As logistics
firms and manufacturers add more
equipment to their security infrastructures,
CSOs should immediately update
their self-inspection programs.
“Whenever a new type of security
equipment is added, it’s important for a
security team to consider how it impacts
the system’s operation and address it on
their checklist,” McKenzie said.
CSOs who have worked with ASSA
ABLOY Door Security Solutions representatives
update their security checklists
with the addition of a product like SARGENT
® v.S2 in their manufacturing or
distribution centers.
Preparing for the worst-case scenario.
Even when the best security plans
are in place, a logistics center CSO should
sit down with staff members to review
security breach response processes.
After completing that brainstorming
session, a CSO should then update the
company’s emergency response manuals.
To test the response process, a CSO
should hold a tabletop or simulated exercise
to practice reaction.
“The Navy provides a good example
of how security exercises can be applied
to a business,” said George Turney, a
retired chief warrant officer and a business
consultant. “By constantly conducting
security exercises at sea, if a serious
incident should occur, the ship’s crew
knows their roles and responses to a variety
of scenarios.”
With a well-thought-out security
checklist, updated equipment and an
ongoing evaluation of a logistics center’s
security processes, the CSO can protect
an organization’s infrastructure from an
external attack.
While American chemical logistics
centers have not yet been the targets of a
terrorist attack, the bombing in 1995 of
an Oklahoma City federal building
serves as an example of the devastation
caused by 5,000 pounds of a simple
chemical: ammonium nitrate fertilizer.
In an effort to protect their facilities
from an attack or the loss of materials,
proactive security managers can turn to
the CFAS and other government regulation
processes to deal
with challenges in
their workplace.