Security Vulnerability Assessments (SVA)

The U.S. Department of Homeland Security (DHS) imposes comprehensive federal security regulations for high risk chemical facilities through the Chemical Facility Anti-Terrorism Standards (CFATS) program. This rule (6 CFR Part 27) establishes risk-based performance standards for chemical facility security. It requires facilities above threshold quantities of Chemicals of Interest (COI) to submit a Chemical Security Assessment Tool (CSAT 2.0) Top-Screen. DHS utilizes the CFATS Tiering Methodology to determine which facilities are most vulnerable and “high-risk.”

As requested by DHS, each facility may be required to prepare a Security Vulnerability Assessment (SVA) and to develop and implement Site Security Plans (SSP). The SVA identifies facility security vulnerabilities and the SSP includes measures that satisfy the identified risk-based performance standards. DHS developed the CSAT to collect and analyze key data from chemical facilities in order to comply with the regulations.

Contra Costa County in California developed a series of more stringent guidelines to enforce process safety as part of the Industrial Safety Ordinance (ISO). One of the actions taken by Contra Costa County is requiring all California Accidental Release Prevention (CalARP) Program 2 and Program 3 facilities to perform an SVA.

Risk Management Professionals has incorporated a chemical facility security element as part of Process Hazard Analyses (PHAs) for a spectrum of chemical facility types since 1995. While completing SVAs for water facilities, the company has pioneered the implementation of comprehensive security assessment methodologies for other industries. Risk Management Professionals provides robust SVA services utilizing industry standards and best practices, including the DHS CSAT SVA Methodology, AIChE CCPS Security Vulnerability Analysis Methodology, Sandia National Laboratories (VAM-CF SM), and API’s Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries.

Site Security Plans (SSP)

Risk Management Professionals can develop a Site Security Plan (SSP) based on the DHS Risk Based Performance Standards (RBPS). Every qualifying facility must develop a SSP pursuant to the regulations. The intent is to select and implement appropriate protective measures and practices to meet RBPS requirements.