Posts

Nothing Found

Sorry, no posts matched your criteria

CORE-Observatory

MARITIME SECURITY – Progress and Challenges with Selected Port Security Programs, GAO, June 2014 (CORE1019)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The report provides a comprehensive review of progress and challenges of various port security activities and programs the Department of Homeland Security (DHS) has carried out since 9/11. In essence, the report is a summary and an update of a number of more detailed GAO reports on maritime supply chain security. The report states that needs to strengthen further its efforts on maritime domain awareness through intensified communication among maritime stakeholders. Regarding the US domestic port security, the report recommends DHS to reassess its Port Security Grant Program (PSGP) that allows ports to request funds for security projects and to improve quality of vulnerability assessment in US ports. The report also urges DHS to overcome challenges of risk-based targeting and scanning of US-bound shipping containers.  The findings and recommendations of this report help CORE consortium understand the current state of the US maritime security regime. This understanding benefits particularly the demonstrations of WP9 and WP14. Also educational and training as well as risk clusters of CORE may find the report’s information useful. The report is available for download at: www.gao.gov/assets/670/663784.pdf.

[s2If is_user_logged_in()]

Full review: This GAO document summarizes the US maritime supply chain security and provides useful information for the CORE project across its work packages. This information most obviously benefits WP9 and WP14 that involve US-bound maritime trade lanes. However, also the CORE’s risk cluster can find useful insight in the report, for example about challenges and opportunities of risk-based container targeting and screening approaches. This summary GAO document caters the needs of state-of-the-art work packages and the CORE’s educational and training cluster that aims to produce relevant and up-to-date material about supply chain security for a variety of stakeholders.

Cross-references:

  • Combating Nuclear Smuggling: Additional Actions Needed to Ensure Adequate Testing of Next Generation Radiation Detection Equipment. GAO-07-1247T. Washington, D.C.: September 18,
  • Supply Chain Security: CBP Has Made Progress in Assisting the Trade Industry in Implementing the New Importer Security Filing Requirements, but Some Challenges Remain. GAO-10-841. Washington, D.C.: September 10, 2010.
  • Supply Chain Security: CBP Needs to Conduct Regular Assessments of Its Cargo Targeting System, GAO-13-9. October 25, 2012.

Additional keywords: Maritime security, Port Security Grant Program (PSGP), risk-based controls, targeting, container scanning

 

CORE1019

[/s2If]

MARITIME SECURITY – Progress and Challenges in Key DHS Programs to Secure the Maritime Borders, GAO, November 2013 (CORE1018)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This report is a summary of previous GAO reports on US maritime supply chain security and border controls. The report focuses on progress and challenges in four main areas of the Department of Homeland Security’s (DHS) activity on the maritime security. The report highlights that DHS and its component Coast Guard agency could improve its maritime domain awareness through increased information sharing and more advanced vessel-tracking systems. The Customs and Border Protection (CBP) in turn could step up its role in securing US-bound container traffic by conducting more frequent risk assessment audits in key foreign ports that ship cargo into the US and by fostering more close relationship with foreign authorities. The GAO report also recommends the Coast Guard to rethink its maritime surveillance, interdiction and security operations because current protection and support is not adequate in high priority locations. The report also calls for more collaboration and coordination among maritime authorities, port operators and ocean carriers. Finally, the report encourages the DHS to develop performance metrics and data collection procedures the agency uses to assess and monitor its maritime security programs and activities. This report gives a recent update on the US maritime security activities that might be helpful for CORE demonstrations and clusters. The report is available for download at: www.gao.gov/assets/660/659087.pdf.

[s2If is_user_logged_in()]

Full review: This summary GAO documents provides detailed background material about the US maritime security programs. This information is very relevant for the CORE demonstrations WP9 and WP14 that involve shipping cargo from and into the US. The information this document offers also help the CORE’s risk and IT clusters to learn lessons from the US approach to risk-based maritime security and security-related IT integration.

Cross-references:

  • Maritime Security: Ferry Security Measures Have Been Implemented, but Evaluating Existing Studies Could Further Enhance Security. GAO-11-207. Washington, D.C.: December 3, 2010.
  • Supply Chain Security: DHS Could Improve Cargo Security by Periodically Assessing Risks from Foreign Ports. GAO-13-764. Washington, D.C.: September 16, 2013.

Additional keywords: Maritime security, maritime surveillance, risk-based controls, targeting, container scanning

 

CORE1018

[/s2If]

 

MARITIME SECURITY – Ongoing U.S. Counterpiracy Efforts Would Benefit From Agency Assessments, GAO, June 2014 (CORE1017)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This GAO report explains how the US government agencies have fought sea piracy around the Horn of Africa and at the Gulf of Guinea since 2010. The report also describes the current state of sea piracy threats in these two areas, and it urges US government agencies to reconsider their resource allocations, strategies and tactics related to the counterpiracy efforts. The report points out that the number of annual piracy incidents at the Gulf of Guinea has surpassed the yearly incidents off the Horn of Africa. This shift in pirate attacks prompt changes in the US counterpiracy operations. However, as the report points out, the US government agencies responsible for the counterpiracy activities have not recently conducted reassessments of their actions, despite the changing conditions. The report therefore recommends the US government agencies to re-evaluate the counterpiracy efforts, especially at the Gulf of Guinea that is becoming the most important hotspot of the international sea piracy. This GAO report provides information about modern sea piracy from which CORE’s maritime demonstrations might benefit. The report is available for download at: www.gao.gov/assets/670/664268.pdf.

[s2If is_user_logged_in()]

Full review: This GAO report delivers a comprehensive analysis of the current state of sea piracy at the two African hotspots and the US government’s counterpiracy efforts. This information benefits those CORE demonstrations that involve maritime shipping. The detailed description of the US counterpiracy efforts might also inspire the risk cluster to find effective and efficient risk-based solutions to protect maritime logistics and transport from sea piracy.

Cross-references:

  • Maritime Security: Federal Efforts Needed to Address Challenges in Preventing and Responding to Terrorist Attacks on Energy Commodity Tankers. GAO-08-141. Washington, D.C.: December 10, 2007.
  • Maritime Security: Actions Needed to Assess and Update Plan and Enhance Collaboration among Partners Involved in Countering Piracy off the Horn of Africa. GAO-10-856. Washington, D.C.: September 24, 2010.

Additional keywords: Maritime security, sea piracy

 

CORE1017 

[/s2If]

 

A Decade of GAO’s Supply Chain Security Oversight, 2015 (CORE1113)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The US Government Accountability Office (GAO) is an independent government watchdog organization that has been publishing many reports on the US government’s supply chain security initiatives over the past ten years. This article reviews 25 most relevant GAO’s reports that discuss strengths, weaknesses and future challenges of the US policies and regulations on supply chain security. The review findings reveal interesting facts about similarities and differences of the US and the EU approaches to supply chain security. This comparison opens new venues for further Transatlantic benchmarking as well as harmonisation and mutual recognition of supply chain security programs. This review was conducted as part of European FP7-Project CORE.  The reviewed document is available for download here: https://hicl.org. Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review: The GAO reports suggest that the US administration has been struggling with effective performance monitoring and auditing of its supply chain security initiatives. The reports indicate that there is some confusion about costs of security initiatives for the government and for the business community. There is also a lack of common understanding about the actual benefits of many of these programs. The GAO reports also urge US government officials to adopt risk-based approach to supply chain security, for example to use information and intelligence to assess risk levels of specific shipments, people, trading companies, and other entities, and then employ security solutions that are commensurate to the risk level. The GAO reports also emphasize the importance of involving the industry in the process of defining new policies and regulations.

Altogether, the review team found that the GAO documents are not only highly relevant for SCS management and governance but also of high quality. The study concludes that it might be useful for the EU to establish a quality-assurance organization similar to the US GAO. This new EU body would oversee spending of the EU and its member states on supply chain security programs and projects and this way improve efficiency of such investments.

Reference: Männistö, T., and Hintsa J., (2015), “A Decade of GAO’s Supply Chain Security Oversight,” Proceedings of the Hamburg International Conference in Logistics (HICL), September 24-25, 2015, Hamburg

 

CORE1113

[/s2If]

SUPPLY CHAIN SECURITY – DHS Could Improve Cargo Security by Periodically Assessing Risks from Foreign Ports, GAO, September 2013 (CORE1007)

/0 Comments/in , , , , , , , , , , , , , , , , , /by

Summary: This GAO report reviews maritime supply chain security programs that the Department of Homeland Security and its component agencies – mainly the Customs and Border Protection (CBP) and the Coast Guard – have implemented since 2001. The report examines (1) the extent to which DHS has assessed risk levels of foreign ports and allocated security resources accordingly and (2) activities DHS has taken to monitor and improve efficiency and effectiveness of its security initiatives. Drawing on numerous interviews of key stakeholders and examination of key documents, the report recommends CBP to consider expansion of its Container Security Initiative (CSI) into new ports based on a periodic risk assessment of foreign ports. The report also highlights opportunities for further harmonization of the US maritime security initiatives with their foreign counterparts through mutual recognition agreements. Since this report contains fundamental information about the US maritime security programs, many CORE work packages are likely to benefit from the insights this report provides. Especially, the demonstrations, which involve ocean shipping, as well as the risk cluster, can use this information to support and guide their work. The document is available for download at: http://www.gao.gov/assets/660/657893.pdf (accessed 13.3.2016)

[s2If is_user_logged_in()]

Full review: The report provides a comprehensive outlook on the US maritime supply chain security initiatives that the DHS and its component agencies – mainly CBP and Coast Guard – have implemented since 2001. The report features some interesting figures that map the security initiatives on the global supply chain and that illustrate current solutions the US government employs to screen and examine US-bound shipping containers. The CORE’s demonstrations that involve maritime shipping are likely to benefit from the information this report provides. Also the risk cluster can use the information, and especially the mapping of the US maritime security initiatives over the global supply chain, to design risk-based, layered approaches to maritime supply chain security. The education cluster can also reuse the contents of this report to produce relevant and informative training material for various supply chain stakeholders that are involved in the seaborne trade and logistics.

Cross-references:

  • Maritime Security: Progress and Challenges 10 Years after the Maritime Transportation Security Act. GAO-12-1009T. Washington, D.C.: September 11, 2012.
  • Supply Chain Security: Container Security Programs Have Matured, but Uncertainty Persists over the Future of 100 Percent Scanning. GAO-12-422T. Washington, D.C.: February 7, 2012.
  • Homeland Security: DHS Could Strengthen Acquisitions and Development of New Technologies. GAO-11-829T. Washington, D.C.: July 15, 2011.
  • Maritime Security: Responses to Questions for the Record. GAO-11-140R. Washington, D.C.: October 22, 2010.
  • Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended. GAO-10-887. Washington, D.C.: September 29, 2010.
  • Supply Chain Security: CBP Has Made Progress in Assisting the Trade Industry in Implementing the New Importer Security Filing Requirements, but Some Challenges Remain. GAO-10-841. Washington, D.C.: September 10, 2010.

Additional keywords: Mutual recognition, Customs-trade partnership against Terrorism (C-TPAT), Container Security Initiative (CSI), maritime security, counter-terrorism

CORE1007

[/s2If]

SUPPLY CHAIN SECURITY – Container Security Programs Have Matured, but Uncertainty Persists over the Future of 100 Percent Scanning, GAO, February 2012 (CORE1005)

/0 Comments/in , , , , , , , , , , , , , , , /by

Summary: This GAO document analyses the progress and challenges of the US maritime supply chain security initiatives. The document puts a special emphasis on (1) the advance cargo information (ACI) schemes that enable the US Customs and Border Protection (CBP) to assess risk levels of US-bound cargo containers, (2) technologies to track, monitor and screen the shipping containers for weapons of mass destruction (WMD) and other contraband, and (3) to evaluate the progress towards the 100-percent scanning of the US-bound containerized cargo. As the overarching theme, the report addresses the current state of the partnerships the component agencies of the Department of Homeland Security (DHS) have been fostering with the private sector and foreign governments. Besides the demonstrations, which deal with the US-related maritime logistics, the CORE’s risk and educational clusters can benefit from the insight and information this report offers. The document is available for download at: http://www.gao.gov/assets/590/588253.pdf (accessed 12.3.2016)

[s2If is_user_logged_in()]

Full review: This report provides a general outlook on the US maritime supply chain security initiatives, but the contents of this document largely overlaps with other, reviewed GAO documents. However, this report offers some fresh perspectives on the US maritime security – particularly the best updates available on the advanced cargo information programs –, and therefore the CORE’s partners, which are engaged in demonstrations on maritime security, might benefit from studying this GAO document. Moreover, the CORE risk, educational and IT clusters might learn from this document how the US Department of Homeland Security (DHS) has implemented its supply chain security philosophy in the maritime context. In particular, the risk cluster may use the description of the US risk-based approach to cargo inspections as a starting point for the related CORE solutions. The IT cluster may learn from the ways how the US government has organized its IT processes and infrastructure that support the maritime security initiatives. Finally, the educational cluster can use the material of this report to produce meaningful training material for CORE’s stakeholders that are engaged in maritime supply chain security.

Cross-references:

  • Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended. GAO-10-887. Washington, D.C.: September 29, 2010.
  • Supply Chain Security: CBP Has Made Progress in Assisting the Trade Industry in Implementing the New Importer Security Filing Requirements, but Some Challenges Remain. GAO-10-841. Washington, D.C.: September 10, 2010.
  • Combating Nuclear Smuggling: Inadequate Communication and Oversight Hampered DHS Efforts to Develop an Advanced Radiography System to Detect Nuclear Materials. GAO-10-1041T. Washington D.C.: September 15, 2010.
  • Supply Chain Security: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers. GAO-10-12. Washington, D.C.: October 30, 2009.
  • Combating Nuclear Smuggling: Lessons Learned from DHS Testing of Advanced Radiation Detection Portal Monitors. GAO-09-804T. Washington, D.C.: June 25, 2009.

Additional keywords: Importer Security Filing (10+2 rule), Advanced Targeting System (ATS), 24-hour rule, 100-percent scanning requirement

CORE1005

[/s2If]

TRANSPORTATION SECURITY ADMINISTRATION – Progress and Challenges Faced in Strengthening Three Key Security Programs, GAO, March 2012 (CORE1004)

/0 Comments/in , , , , , , , , , , , /by

Summary: The report discusses status and future challenges of the Transportation Security Administration’s three key security programs: The Advanced Imaging Technology (AIT), the Screening of Passengers by Observation Techniques (SPOT) and the Transportation Worker Identification Credential (TWIC) program. The two earlier programs are related to the passenger security, which not in the scope of the CORE project. The third TWIC program – an initiative for vetting backgrounds of maritime workers that require access to regulated maritime facilities and vessels – is the only program on supply chain security. The report recommends that the Department of Homeland Security (DHS) would improve its internal procedures (e.g., enrolment practices, background checking and quality control) and define and measure performance criteria for assessing the TWIC program’s efficiency and effectiveness. This GAO report discusses mainly passenger security programs that are not interesting for the CORE and for most of the project partners. However, learning about the TWIC program might be useful for at least those CORE demonstrations on maritime supply chain security. The document is available for download at: http://www.gao.gov/assets/590/589587.pdf (accessed 12.3.2016)

[s2If is_user_logged_in()]

Full review: This GAO report has only a limited use in the CORE project because of its emphasis on passenger security programs (the Transportation Worker Identification Credentials (TWIC) program is the only program discussed in the report that has something to do with supply chain security). The CORE’s maritime demonstrations may find it useful to learn about the US way for managing credentials and access to regulated maritime facilities and vessels. The CORE’s risk cluster might learn something about conducting risk-based background checks for logistics workers, and the CORE’s educational cluster might use the description of CWIT, that this report provides, to produce training material and guidebooks on how to implement and maintain access control schemes.

CORE1004

[/s2If]

COSO. Enterprise Risk Management — Integrated Framework – Executive Summary. Committee of Sponsoring Organizations of the Treadway Commission. September 2004. (CORE1106)

/0 Comments/in , , , , , , , , /by

Summary: The Committee of Sponsoring Organizations of the Treadway Commission, COSO, defines Enterprise Risk Management, ERM, as a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. The entity objectives are set forth in following four categories: (i) Strategic – high-level goals, aligned with and supporting its mission; (ii) Operations – effective and efficient use of its resources; (iii) Reporting – reliability of reporting; and (iv) Compliance – compliance with applicable laws and regulations. According to COSO, ERM enables management to effectively deal with uncertainty and associated risk and opportunity, enhancing the capacity to build value. Within the context of FP7-CORE project – and, supply chain security management in general – ERM can be seen as a useful approach particularly when it comes to aligning security risk appetite and strategy; to enhancing security risk response decisions; and to reducing security related operational surprises and losses. Some other ERM aspects such as seizing opportunities (“positive risks”) may not apply in supply chain security management context. One more interesting note, which could also be applied for supply chain security: everyone in an entity has some responsibility for ERM. This executive summary document is available for download at: http://www.coso.org/documents/coso_erm_executivesummary.pdf

[s2If is_user_logged_in()]

Full review:
Background: The first version of the “Internal Control – Integrated Framework” was issued by the Committee of Sponsoring Organizations of the Treadway Commission, COSO, in early 1990s, to help businesses and other entities assess and enhance their internal control systems. The change of the millennium saw heightened concern and focus on risk management, and it became clear that a need exists for a robust framework to effectively identify, assess, and manage risk.  In 2001, COSO initiated a project, and engaged PricewaterhouseCoopers, to develop a framework that would be readily usable by managements to evaluate and improve their organizations’ enterprise risk management.
According to COSO (p.1), Enterprise Risk Management, ERM, encompasses:
•    Aligning risk appetite and strategy – Management considers the entity’s risk appetite in evaluating strategic alternatives, setting related objectives, and developing mechanisms to manage related risks.
•    Enhancing risk response decisions –Enterprise risk management provides the rigor to identify and select among alternative risk responses – risk avoidance, reduction, sharing, and acceptance.
•    Reducing operational surprises and losses – Entities gain enhanced capability to identify potential events and establish responses, reducing surprises and associated costs or losses.
•    Identifying and managing multiple and cross-enterprise risks – Every enterprise faces a myriad of risks affecting different parts of the organization, and enterprise risk management facilitates effective response to the interrelated impacts, and integrated responses to multiple risks.
•    Seizing opportunities – By considering a full range of potential events, management is positioned to identify and proactively realize opportunities.
•    Improving deployment of capital – Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation.
COSO (pp.3-4) states that ERM consists of eight interrelated components, derived from the way management runs an enterprise and are integrated with the management process:
•    Internal Environment – The internal environment encompasses the tone of an organization, and sets the basis for how risk is viewed and addressed by an entity’s people, including risk management philosophy and risk appetite, integrity and ethical values, and the environment in which they operate.
•    Objective Setting – Objectives must exist before management can identify potential events affecting their achievement.  Enterprise risk management ensures that management has in place a process to set objectives and that the chosen objectives support and align with the entity’s mission and are consistent with its risk appetite.
•    Event Identification – Internal and external events affecting achievement of an entity’s objectives must be identified, distinguishing between risks and opportunities. Opportunities are channeled back to management’s strategy or objective-setting processes.
•    Risk Assessment – Risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed.  Risks are assessed on an inherent and a residual basis.
•    Risk Response – Management selects risk responses – avoiding, accepting, reducing, or sharing risk – developing a set of actions to align risks with the entity’s risk tolerances and risk appetite.
•    Control Activities – Policies and procedures are established and implemented to help ensure the risk responses are effectively carried out.
•    Information and Communication – Relevant information is identified, captured, and communicated in a form and timeframe that enable people to carry out their responsibilities.  Effective communication also occurs in a broader sense, flowing down, across, and up the entity.
•    Monitoring – The entirety of enterprise risk management is monitored and modifications made as necessary.  Monitoring is accomplished through ongoing management activities, separate evaluations, or both.
Lastly, as potential readers / users of this report, COSO suggests following: Board of Directors; Senior Management; Managers and other personnel; Regulators; Professional Organizations; and Educators.
CORE1106
https://www.dropbox.com/s/aetbp8jr6dr4z31/CORE1106-coso_erm_executivesummary.pdf?dl=0

[/s2If]

C-TPAT Program Benefits Reference Guide, 2014 (CORE1032)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This guidebook outlines the key elements and benefits of the Customs-Trade Partnership Against Terrorism (C-TPAT) program that is designed to secure global supply chains and to improve United States border security. Document is available at: https://www.cbp.gov/sites/default/files/documents/C-TPAT%20Program%20Benefits%20Guide.pdf (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: C-TPAT partners receive a wide range of benefits listed below:

  • C-TPAT Partners are examined at a considerably lower rate than non-C-TPAT Partners.
  • C-TPAT certified/validated highway carrier Partners are granted expedited border crossing privileges. C-TPAT Partners at many Canada/Mexico land border ports of entry have access to Free and Secure Trade (FAST) Lanes.
  • Some categories of C-TPAT importer Partners are exempt from stratified exams.
  • C-TPAT shipments subject to examination are moved ahead of any non-C-TPAT shipments, to the extent possible.
  • In the event of a significant disruption/delay in cargo processing operations, actions are taken to maintain communication and coordination with C-TPAT Partners for business resumption.
  • C-TPAT Partners’ trade compliance issues are given priority over those issues related to non-C-TPAT Partners.
  • Each C-TPAT Partner is assigned a Supply Chain Security Specialist (SCSS) who coordinates between the C-TPAT Partner and the US Customs and Border Protection agency (CBP). The Specialist also assists the Partner with supply chain security issues.
  • Partners have access to the C-TPAT’s automated Portal system, to communicate with CBP and exchange program related information in a secure manner.
  • C-TPAT Partners are eligible to attend C-TPAT events like the annual Conference and other training seminars organized by the program.
  • C-TPAT importer Partners are eligible to participate in the Importer Self-Assessment (ISA) Program.
  • The Penalty Mitigation benefit is granted to sea carriers for late submission of data required under the Importer Security Filing requirements.
  • C-TPAT members are eligible to participate in other U.S. Government pilot programs, such as the Food and Drug Administration’s Secure Supply Chain program.

In addition, some benefits are associated with Mutual Recognition Arrangements (MRAs) when two customs authorities formally acknowledge the security requirements or standards of one program, as being equivalent to the other program. Some of the resulting benefits to the trade community are illustrated below:

  • C-TPAT importer Partners that also conduct export operations and Partners of the foreign Customs Administration programs (manufacturers and exporters of record) are granted a reduction in their overall cargo risk score, implying fewer examinations at export and import ports.
  • A C-TPAT validation for an overseas partner is not required if an MRA is in place because CBP recognizes the status of the Partner in the foreign partnership program.
  • Companies covered by MRAs need only to comply with a common set of security requirements, avoiding the hassle of following multiple sets of requirements from one partnership program to another.
  • MRAs lead to more transparency in international commerce. Mutual exchange of information between these partners facilitates trade across Mutual Recognition Partner nations.

CORE1032

[/s2If]

C-TPAT Best Practices Catalog Addendum, 2009 (CORE1031)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This addendum document lists cargo security best practices with focus on prevention of weapons of mass effect, terrorists, and/or contraband from infiltrating into the international supply chain. Each best practice is linked to a specific business entity, such as a Manufacturing Company, a Highway Carrier, an Importer or a Foreign Consolidator but these may apply to other business types as well. The document is available at: https://www.cbp.gov/sites/default/files/documents/ctpat_bpa_2009_0.pdf (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The best practices are outlined as follows:

Risk assessment: Programs are in place to enable the identification of the most vulnerable supply chain areas, to grade suppliers supply chain security criteria. Specific processes have been developed to manage the supplier’s products, software and services and internal monitoring systems to enhance the safety and security procedures.

Business partner requirements: Several security measures have been taken by entities. These include conducting supply chain security audits to ensure compliance of non-C-TPAT business partners; carrying out security audits of a foreign manufacturer; making security self-assessments, conducting onsite inspections to ensure freight security; shipping cargo only through accredited ports and steamship lines; monitoring compliance of manufacturing facilities; screening procurements to identify ineligible status of suppliers, and performing audits of business partners.

Conveyance/Container/Trailer Security: Examples of such security practices are: integrating special security features in the GPS (global positioning system); using laser beams to protect trailers; using colour codes for matching consignments; installing infrared sensors in docks to prevent unauthorized access; using special codes to identify correct shipments; documenting all seal changes for shipments in transit; ensuring delivery by authorized Company drivers; sealing containers; operating through C-TPAT carriers; using only “seaworthy” containers; installing in-transit temperature data sensors to ensure product quality; enclosing container storage area; conducting non-intrusive inspection prior to loading a vessel; establishing specific inspection points; using multiple security devices on each container; using automated container yards; instructing foreign suppliers to provide inspection checklists; using dock locking arms for container storage; installing motion sensors in a trailer; operating through contracted highway carriers and security services; documenting a seal destruction policy, and so forth.

Physical Access Controls: Some practices by Importers include establishing multiple security stations within the building; using metal detectors for employees; installing an electronic swipe card/ lock box systems for access control for sensitive documents; conducting electronic scanning of visitors’ drivers licenses; utilizing a third-party software system to manage key inventory; and providing panic buttons for company employees.

Physical Security: Several innovative solutions have been designed to ensure physical security, such as electronically closing gates and activating tire puncturing devices to prevent vehicle exits; using an electronic security information reporting system, installing invisible electronic fences; installing laser sensors; setting up optical light beams to detect intruders; fitting double locks on doors; Installing infrared sensors on fences; using body alarm functions for emergencies; appointing patrolling guards, using multiple glass meeting rooms; using multiple interior infrared security alarm beams to detect unauthorized access; and installing security guard view towers.

Personnel Security: An Importer requires business partners to provide a monthly master list of employees and immediately notify when their employees are hired or terminated, in order to ensure that only authorized business partner’s employees enter the manufacturing facilities.

Security Training/Threat Awareness/Outreach: Business entities have invested in a wide range of training programs. One such initiative is the four-tier C-TPAT training targeted for management and supervisors, shipping and receiving personnel, internal personnel dealing with contractors and hourly staff. Other businesses use different approaches, like establishing an online training portal;; offering general security training and of site-specific training for security guards; issuing security advisories; making regular security awareness assessments; establishing a situation matrix chart to address possible incidents; establishing a direct communication channel between the president of the company and employees; putting in place a toll free hotline for company personnel; conducting security drills and exercises; establishing a web-based security awareness training; documenting security incidents in a central database; and establishing a global communication system to contact all employees and contractors remotely.

Procedural Security: Instances of this type of security measures include a bio-thermal intrusion alarm system; a global SAP network to generate all written orders for import and export; automatic screening procedures of purchase orders for restricted parties; lock boxes for sensitive documentation; an automated loading module called the Automatic Truck Loading System (ATLS); a container seal number as the shipment tracking (invoice/bill of lading) number, and so forth.

Information Technology (IT) Security: Such security practices include a biometric fingerprint door lock; a remote data backup center; a retina scanning system for access to the computer system; requiring supervisory approval to copy data; use of electronic password protected purchase orders; establishing a daily “e-test” for employees to access computers, and so forth.

CORE1031

[/s2If]

Interviews

Nothing Found

Sorry, no posts matched your criteria