In accordance with the C-TPAT Manufacturer Security Recommendations issued by U.S. Customs, our evaluators will carry out on-site security facility evaluation to assess the factory’s current state of security compliance to U.S. Customs general security recommendations.
The evaluation will include a meeting with the factory’s management, an interview with a select number of workers, an on-site inspection of the factory facilities as well as a review of various security related documents/records. Where security gaps are found, the factory and contractors need to agree on a mutually acceptable timeline for security enhancements and improvements. As supply-chain security is a developing area, Buyer expects that these measures will evolve over time. Security measures of concern are listed below
Physical Security
All buildings should be constructed of materials, which resist unlawful entry and protect against outside intrusion. Physical security should include:- Adequate locking devices for external and internal doors, windows, gates, and fences.
- Perimeter fencing should enclose the areas around cargo handling and storage facilities.
- Segregation and marking of international, domestic, high-value, and dangerous goods cargo within the warehouse by a safe, caged, or otherwise fenced-in area.
- All containers bound for Carter’s & Oshkosh in the U.S. are sealed with a high security seal that meets or exceeds the current PAS ISO 17712 standard for high security seals.
- Written procedures exist stipulating how seals are to be controlled and affixed to loaded containers. These include procedures for recognizing and reporting compromised seals and or containers to local authorities or U.S. Customs.
- Only designated employees have access to seals.Gates through which vehicles and/or personnel enter or exit must be manned and/or monitored.
- Parking area for private vehicles should be separate from the shipping, loading dock, and cargo areas.
- Buildings must be constructed of materials that resist unlawful entry.
- Adequate locking devices for external and internal doors, windows, gates, and fences.
- Adequate lighting provided inside and outside the facility including parking areas.
- Internal/external communications systems in place to contact internal security personnel or local law enforcement police.
- Segregation and marking of international, domestic, high-value, and dangerous goods cargo within the warehouse by a safe, caged, or otherwise fenced-in area.
- Adequate lighting provided inside and outside the facility to include parking areas.
- Separate parking area for private vehicles and that is separate from the shipping, loading dock, and cargo areas.
- Internal/external communications systems in place to contact internal security personnel or local law enforcement police.
Access Controls
- Access Control Application information, such as employment history and references, should be verified prior to employment.
- Background checks and investigations should be conducted for prospective employees and periodic checks and reinvestigations should be performed.
- Procedures in place to remove facility and system access for terminated employees.
- Unauthorized access to the shipping, loading dock and cargo areas should be prohibited. Controls should include:
- The positive identification of all employees, visitors and vendors.
- Automated systems must use individually assigned accounts that require a periodic change of password. IT security policies, procedures, and standards must be in place and provided to employees in the form of training.
- A system must be in place to identify the abuse of IT including improper access, tampering, or altering business data. All system violators must be subject to appropriate disciplinary actions for abuse.
- Procedures for challenging unauthorized/unidentified persons.
- An employee identification system must be in place for positive identification and access control purposes.
- Employees should only be given access to those secure areas needed for the performance of their duties.
- Procedures in place to control the issuance, removal, and changing of access devices.
- Visitors must present photo identification for documentation purposes upon arrival. All visitors should be escorted and visibly display temporary identification. Security personnel must
- dequately control the issuance and removal of identification badges.
- Proper vendor ID should be presented for documentation purposes upon arrival.
- Procedures in place to identify, challenging, and address unauthorized/unidentified persons.
- Having a designated security officer to supervise the introduction/removal of cargo.
- Properly marked, weighed, counted, and documented products.
- Procedures for verifying seals on containers, trailers, and railcars.
- Procedures for detecting and reporting shortages and overages.
- Procedures in place to ensure that all information used in the clearing process is complete, accurate, and protected against the exchange, loss, or introduction of erroneous information.
- Procedures must be in place to ensure that information received from business partners is reported accurately and timely.
- Procedures in place to ensure cargo is properly marked, weighed, counted, and documented.
- Procedures for detecting and reporting shortages and overages.
- Procedures for tracking the timely movement of incoming and outgoing goods.
- Procedures to notify customs and other law enforcement agencies in cases where anomalies or illegal activities are detected or suspected by the company.
- Procedures for tracking the timely movement of incoming and outgoing goods.
- Proper storage of empty and full containers to prevent unauthorized access.
- Procedures to notify Customs and other law enforcement agencies in cases where anomalies or illegal activities are detected or suspected by the company.
- Education and Training Awareness
- A security awareness program should be provided to employees including recognizing internal conspiracies, maintaining product integrity, and determining and addressing unauthorized access. These programs should encourage active employee participation in security controls.
- A threat awareness program should be established and maintained by security personnel to recognize and foster awareness of the threat posed by terrorists at each point in the supply chain.
- A security awareness program is provided to employees including recognizing internal conspiracies, maintaining product integrity, and determining and addressing unauthorized access. These programs encourage active employee participation in security controls.
- Additional training should be provided to employees in the shipping and receiving areas, as well as those receiving and opening mail.
- Currently, Buyer evaluates based on a point scoring system for security measures taken by a factory. Points will be awarded for each of the requirement listed on our self-assessment questionnaires and a total score will be given.
- End of C-Tpat Compliance article
0 Comments