Telgian Compliance Manager (TCM) is a data collection portal, allowing organizations to submit, manage and track forms, documents and reports related to security compliance needs and requirements. In addition, TCM adheres to more than 50 global compliance IT standards and includes Microsoft Advanced Threat Analytics and distributed denial of services protection against outside threats and suspicious activity.
The Chemical Facility Anti-Terrorism Standards (CFATS) Module
The TCM CFATS module assists client compliance with the Department of Homeland Security (DHS) Chemical Facility Anti-Terrorism Standards (CFATS) as follows:
- Identifies and organizes the requirements of the DHS-CFATS eighteen (18) Risk Based Performance Standards
- Is designed in alignment with CSAT 2.0, the DHS’s web platform for all CFATS submissions
- Is designed for both Site Security Plan or Alternative Security Program approaches
- Provides continuous tracking of compliance activities, plan and document reviews and revisions
- Documents and tracks the Required Annual Audit in parallel as you enter Site Security Plan or Alternative Security Program data into the TCM tool
- Allows you to capture, update and retain ALL documentation REQUIRED by CFATS RBPS 18 in real time
- TCM is hosted in Microsoft Azure. Cloud Computing offers many benefits, such as:
- Availability – No maintenance-associated down-time
- Mobility – Access is available when and where you need it
- Scalability – Ready to meet the changing client demands
- Collaboration – Real-time collaboration across wide geographic space
- Security – The Microsoft Azure cloud offers comprehensive security support to include:
- Comprehensive adherence to over 50 global compliance IT standards
- Advanced Threat Analytics which monitor patterns of networks, systems and users, flagging suspicious activity
- Distributed denial-of-service defense (DDoS) for continual monitoring of outside data attacks
- Data center facilities guarded by outer and inner perimeters with increasing security at each level, including perimeter fencing, security officers, locked server racks, multifactor access control, integrated alarm systems, and around-the-clock video surveillance by the operations center
Background on the Department of Homeland Security Chemical Facility Anti-Terrorism Standards
In 2007 Congress formally established the Chemical Facility Anti-Terrorism Standards (CFATS)regulatory program (6 CFR Part 27) to identify and regulate certain facilities deemed high risk by their possession of certain chemicals. Based upon the Chemical Facility Anti-Terrorism Standards (CFATS) screening process, facilities can be determined to be of a high-risk nature based upon their possession of certain chemicals of interest (COI) at specific quantities and concentrations. To help in the identification and protection of a facility that’s classified as high-risk, there are four steps to the Chemical Facility Anti-Terrorism Standards (CFATS) procedure:
- Step 1: Top-Screen — Chemical Facility Anti-Terrorism Standards (CFATS) has any facility that’s in possession of a Federally designated chemical of interest, or COI, complete a Top-Screen by entering all pertinent information via the Chemical Security Assessment Tool — a secure online web portal administered by the DHS.
- Step 2: Risk Tier Determination — Next, the DHS notifies facilities as to whether or not they are determined to be a security risk. Facilities that aren’t determined to be a risk aren’t required to meet any further Chemical Facility Anti-Terrorism Standards (CFATS) regulations. Those that are determined to be a security risk are assigned a risk Tiering level — between Tier 1 and Tier 4 — and are required to adhere to all Chemical Facility Anti-Terrorism Standards (CFATS) compliance regulations.
- Step 3: Submission of SVA and SSP or ASP — After receiving a security tier determination, facilities have 120 days to submit a security vulnerability assessment (SVA) and a site security plan (SSP) or alternative security program (ASP) by means of the online Chemical Security Assessment Tool (CSAT). The SSP, or ASP, addresses physical security measures, policies, practices and procedures that support compliance with the 18 Risk Based Performance Standards outlined in the Chemical Facility Anti-Terrorism Standards (CFATS) regulation
- Step 4: Inspection and Ongoing Compliance — Upon review of the SSP, or ASP, the DHS will conduct a formal inspection of the facility against the submitted plan, and if approved, a letter of compliance is issued. Inspectors will then conduct subsequent compliance inspections to ensure agreed upon security measures and protocols are being followed; that training, drills and exercises are being conducted, tracked and documented; vulnerability assessments and security plan reviews and revisions are conducted and documented; and appropriate personnel records are being maintained.