Feel secure about vulnerability assessments

Take advantage of some pointers from security professionals

By Frank Pisciotta, Business Protection Specialists, and Deborah Allen, Potash Corp.

3 of 3 1 | 2 | 3 > View on one page

• decrease the consequences of an event.
Risk is reassessed after proposed countermeasures are applied to the scenarios addressed in your SVA. Measures accepted by management must then be incorporated into your site security plan.
Results of the SVA will be entered into CSAT and will form the basis of the site security plan. In fact all vulnerabilities identified in the SVA must be addressed in the site security plan, which is due 120 days after your SVA is complete.

Protecting information
It’s crucial to safeguard Chemical-Terrorism Vulnerability Information (CVI) from disclosure to unauthorized persons. While a company likely will certify only a limited number of employees as able to handle CVI, all employees must know enough about what to do if CVI documents are found unsecured. Staff must be taught how to recognize this information based on this labeling:

Chemical-terrorism Vulnerability Information
 (Placed in the header of each page.)

Each cover page, title page and page within the document should have the following statement inserted: WARNING: This record contains Chemical-terrorism Vulnerability Information controlled by 6 CFR 27.400. Do not disclose to persons without a “need to know” in accordance with 6 CFR 27.400(e). Unauthorized release may result in civil penalties or other action. In any administrative or judicial proceeding, this information shall be treated as classified information in accordance with 6 CFR 27.400(h) and (i).
Any documentation prepared due to your SVA should be labeled accordingly.

A start towards security
These new standards will substantially expand the security requirements for many chemical facilities that have never before been covered under government security guidelines. Clearly, it’s necessary to get a start on them. However, much work by both the private sector and the government will have to be done before all of the high risk chemical facilities in the United States can fully meet the standards.

Frank Pisciotta, CSC, is president of Business Protection Specialists, Canandaigua, N.Y. E-mail him at fp@securingpeople.com.
Deborah Allen, CPP, is director of product stewardship and security at Potash Corp., Northbrook, Ill. E-mail her at dlallen@potashcorp.com.

3 of 3 1 | 2 | 3 > View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments