Chemical Facility Anti-Terrorism Standards (CFATS) Enforcement

The Chemical Facility Anti-Terrorism Standards (CFATS) program requires a facility that is determined to be high-risk to develop and implement security measures that meet applicable risk-based performance standards (RBPS) for securing chemicals of interest (COI).

Both the Homeland Security Appropriations Act of 2007, Pub. L. No. 109-295 § 550 and CFATS, 6 CFR Part 27, provide authority for the Cybersecurity and Infrastructure Security Agency (CISA) to conduct authorization inspections. Specifically, 6 CFR § 27.250(a) provides authority for CISA to enter, inspect, and audit the property, equipment, operations, and records of CFATS-covered facilities.

While CISA is committed to helping facility personnel understand and comply with CFATS by providing technical assistance or on-site consultation, the Agency also has the authority to enforce compliance with the program.

CFATS Violations

CFATS violations are divided into several categories:

CFATS Penalty Policy

CISA is authorized to issue an Administrative Order (A Order) and an Order Assessing Civil Penalty (B Order) to a chemical facility found to be in violation of CFATS. Both A Orders and B Orders may be appealed pursuant to the procedures set forth in 6 CFR Part 27 Subpart C.

Contact Information

For questions or to get more information, please email