CFATS Monthly Statistics

These metrics show the maturation and growth of the Chemical Facility Anti-Terrorism Standards (CFATS) program (6 CFR Part 27). Metrics under “Since Inception” include facilities that were tiered when the activity occurred but were subsequently determined to no longer be high-risk. Typical reasons for a change in high-risk status includes removal of chemicals of interest (COI), reduction of the quantity of COI onsite, replacement of the COI with a lower concentration COI, and/or facility sale or closure.

Note: This regulatory program is cyclical in nature, meaning activities such as Compliance Inspections (CIs) are recurring. CISA began conducting recurring CIs in March 2017.

Current Statistics

To date, CISA has received more than 96,000 Top-Screen submissions from more than 42,000 unique facilities. Of these, CFATS currently covers 3,321 facilities. These high-risk facilities are divided into four tiers, with Tier 1 facilities posing the highest security risk. Learn more about the CFATS Process.

CFATS Activities

Activity Since Inception         February 2020  
Authorization Inspections (AIs) 4,189 26  
Compliance Inspections (CIs) 6,108 170  
Compliance Assistance Visits (CAVs)          6,448 125  

* If an activity is canceled, it will be removed from the system. This may lead to a small change in the monthly numbers.

CFATS Facility Status

Status                   Currently Covered
Tiered 126
Authorized      142
Approved 3,053
Total 3,321


Approved Facilities: This metric shows the number of facilities that are currently approved. Once a facility’s security plan (Site Security Plan [SSP] or Alternative Security Program [ASP]) is approved and a Letter of Approval is issued, the facility enters into a regulatory cycle of CIs.

Authorized Facilities: This metric shows the number of facilities that are currently authorized. Once a facility has submitted their security plan (SSP or ASP), a Letter of Authorization will be issued if the security measures appear to satisfy the applicable established risk-based performance standards (RBPS) requirements.

Authorization Inspections (AIs): This metric shows the number of Authorization Inspections completed. Once a Letter of Authorization is issued, an AI is conducted at facilities to verify and validate that the content listed in the facility’s SSP or ASP is accurate and complete, and that existing and planned equipment, processes, and procedures are appropriate and sufficient to meet the RBPS specified in the CFATS regulation. This inspection occurs prior to the final approval of the facility’s SSP or ASP.

Compliance Assistance Visits (CAVs): This metric shows the number of Compliance Assistance Visits completed. CAVs provide CFATS-covered facilities and facilities of interest an in-depth knowledge of how to meet CFATS requirements, such as determining COI reporting requirements, submitting or resubmitting a Top-Screen, developing an SSP or ASP, editing an SSP based on a change in security posture or tiering, or assistance in complying with any other part of the regulation.

Compliance Inspections (CIs): This metric shows the number of Compliance Inspections completed. A CI is conducted after a Letter of Approval has been issued. It is part of the recurring inspection process to ensure the covered facility continues to implement its approved SSP or ASP, and that existing and planned security measures are appropriate and sufficient to meet the RBPS. CIs will typically occur every one to two years, or as needed.

Tiered Facilities: Once a facility has submitted a Top-Screen, CISA uses a risk-based tiering methodology to determine if the facility is high-risk. This metric shows the number of high-risk facilities that are currently tiered and are pending Authorizations and Approval.

Was this document helpful?  Yes  |  Somewhat  |  No