As of July 28, 2023, Congress has allowed the statutory authority for the Chemical Facility Anti-Terrorism Standards (CFATS) program (6 CFR Part 27) to expire.
Therefore, CISA cannot enforce compliance with the CFATS regulations at this time. This means that CISA will not require facilities to report their chemicals of interest or submit any information in CSAT, perform inspections, or provide CFATS compliance assistance, amongst other activities. CISA can no longer require facilities to implement their CFATS Site Security Plan or CFATS Alternative Security Program.
CISA encourages facilities to maintain security measures. CISA’s voluntary ChemLock resources are available on the ChemLock webpages.
If CFATS is reauthorized, CISA will follow up with facilities in the future. To reach us, please contact CFATS@hq.dhs.gov.
The CSAT 2.0 Security Vulnerability Assessment (SVA) / Site Security Plan (SSP) Instructions provide the user with a question-by-question walkthrough of the SVA and SSP surveys. Facilities can utilize this document to support their completion of the surveys and assist in question completion.
Visit the CSAT SVA and SSP webpage for more information on the SVA and SSP.