The American Chemistry Council (ACC) has made enhanced security activities mandatory for its members, to help assure the public that all member facilities are involved in making the United States more secure. The ACC board approved a new Security Code under Responsible Care that consists of increased specific commitments to further safeguard chemical operations from potential terrorist attacks.
Since September 11, the ACC has consulted and/or partnered with the Office of Homeland Security, Environmental Protection Agency, Federal Bureau of Investigation, Defense Department, Coast Guard, Sandia National Laboratories, and state and local governmental authorities.
ACC members have begun to prioritize their sites and will assess security at those sites. Sites will be prioritized into one of four tiers based on risk. Companies then will assess security at their sites based on this prioritization. They also will assess the security from supplier to manufacturer, retailer, and customer, as well as their cyber networks.
Once companies implement security measures identified in the assessment, independent third parties will verify that the physical site security measures have been implemented. Companies will have systems in place to assure continuous improvement. When assessing security of sites, companies will use methods being developed either by the independent Sandia National Laboratories or the Center for Chemical Process Safety (CCPS), or an equivalent approach.
The new code contains industry obligations including:
-
Commitment by senior leadership to continuous improvement through published policies; provision of sufficient, qualified resources; and established accountability.
-
Training and drills for employees, contractors, customers, and suppliers.
-
Companies are to consider as part of their decision-making process using inherently safer approaches, such as process changes and materials substitution.
-
Communications, dialogue, and information exchange on appropriate security issues with stakeholders, balanced with safeguards for sensitive information.
-
Evaluation, response, and reporting of security threats as appropriate, as well as analysis, response, investigation, reporting, and corrective action for security incidents.
-
Internal audit and continuous improvement processes.