On August 1, 2013, the Executive Order on Improving Chemical Facility Safety and Security (EO 13650) directed the federal government to improve the safety and security of chemical facilities and reduce the risks of hazardous chemicals to workers and communities. The EO established a Federal Interagency Working Group to:
- Improve operational coordination with state, local, and partners.
- Enhance Federal agency coordination and information sharing.
- Modernize policies, regulations and standards.
- Work with stakeholders to identify best practices.
Tri-chaired by the Cybersecurity and Infrastructure Security Agency's (CISA) Infrastructure Security Division (ISD), Department of Labor’s Occupational Safety and Health Administration (OSHA), and the Environmental Protection Agency’s (EPA) Office of Solid Waste and Emergency Response, the Working Group coordinated with state and local governments, first responders, chemical facility owners and operators, and community stakeholders to accomplish these goals.
CFATS and the CISA Gateway
Information systems play a vital role in allowing federal departments; state, local, tribal, and territorial (SLTT) government officials; and private sector partners identify, analyze, and manage risk to protect the nation. CISA established the CISA Gateway to improve information sharing and coordination among federal and SLTT agencies. This centrally managed repository of data and capabilities allow stakeholders to easily access, search, retrieve, visualize, analyze, and export critical infrastructure data from multiple sources.
CISA shares certain Chemical Facility Anti-Terrorism Standards (CFATS) data elements with authorized federal and SLTT agencies on a geospatial map to help these stakeholders identify regulated and unregulated chemical facilities located in their communities and what chemicals are housed in those facilities. This information can be used to support planning, preparedness, and prevention activities, and to develop a contingency plan to address risks.
The CISA Gateway uses three layers of information protection to ensure the data that stakeholders share is not exposed:
- Protected Critical Infrastructure Information (PCII)
- Chemical-terrorism Vulnerability Information (CVI)
- For Official Use Only (FOUO)
Level of authorized access is assessed on a case-by-case basis.
CFATS data is available in a FOUO and a CVI layer to authorized federal agencies, SLTT officials, and first responders with an established “need-to-know” as determined by CISA. FOUO access allows users to view information on any chemical facility that has filed a Top-Screen (such as name, location, and geospatial information) within their respective jurisdictions, whereas CVI access includes additional information, such as a facility’s risk-based tier.
To obtain access to the CISA Gateway, all users must be PCII certified and must complete required PCII Authorized User training. For access to CFATS data on the CISA Gateway, all users must complete CVI Authorized User training and have a valid need to know.
After completing PCII and CVI Authorized User training:
- Visit the CISA Gateway EO 13650 Portal.
- Click "Request an IP Gateway EO 13650 account here" link.
- Fill out the online form.
Email CISA-GatewayHelpdesk@cisa.dhs.gov with any questions or concerns accessing the CISA Gateway.
Read or download the printer-friendly CFATS and CISA Gateway fact sheet.
Actions Taken by CISA
Since the establishment of the CFATS program in 2007, CISA has engaged with industry to identify and regulate high-risk chemical facilities to ensure they have security measures in place to reduce the risk of chemicals of interest (COI) being weaponized. CFATS played a significant role in reducing the number of facilities storing threshold quantities of COI by working with these facilities to eliminate, reduce, or modify their holdings of certain COI.
Under this EO, CISA:
- Conducts Compliance Assistance Visits (CAVs) to assist CFATS-regulated facilities in understanding and meeting the program’s risk-based security standards. A facility can request a CAV at any point in the CFATS process.
- Shares certain CFATS elements on CISA Gateway EO 13650 Portal with authorized federal and SLTT agencies to help strengthen community preparedness and response.
- Solicited feedback through a CFATS Advance Notice of Proposed Rulemaking (ANPRM) on potential modification of the CFATS regulations to address ammonium nitrate and an ANPRM on potential updates to the list of chemicals of interest (COI) and other aspects of the CFATS regulation.
- Improved the methodology used to identify and assign risk tiers to high-risk chemical facilities by having external experts from industry and government review the process.
- Developed a guidance for the CFATS Risk-Based Performance Standards (RBPS).
- Worked with EPA to identify and notify potentially noncompliant facilities that possessed threshold quantities of CFATS COI.
- EPA’s webpage on Executive Order 13650
- OSHA’s webpage on Executive Order 13650
- Report on Actions to Improve Chemical Facility Safety and Security – A Shared Commitment
- Read or download the CFATS RBPS 9 – Response fact sheet
- Read or download the CFATS and CISA Gateway fact sheet
- Read or download the Resources for Law Enforcement and First Responders fact sheet
- CISA Gateway Digital Library
- CISA PCII Program
- CISA CVI Protections