On May 05, 2019, Coast Guard Maritime Commons, the Coast
Guard’s blog for maritime professionals, published a notice that the Office of
Port and Facility Compliance (CG-FAC) has issued its Annual Review, available
on the CG-FAC website. The Maritime Commons post is at https://mariners.coastguard.dodlive.mil/2019/04/05/4-5-2019-port-and-facility-compliance-annual-report-published/ The Year in Review report is at the bottom of
the CG-FAC homepage at https://www.dco.uscg.mil/Our-Organization/Assistant-Commandant-for-Prevention-Policy-CG-5P/Inspections-Compliance-CG-5PC-/cgfac/
As stated in the document, “The mission of the Office of
Port and Facility Compliance (CG-FAC) is to provide safety, security, and
environmental stewardship for the nation’s ports and facilities.”[1]
Cargo and container security, facility security, TWIC, cyber security, the Area
Maritime Security Committees, and most of the Maritime Transportation Security
Act of 2002 (MTSA) activities vital to Facility Security Officers are managed from
this office. This is a short, very readable document. The very important
activities of this Office in 2018 are presented in brief summaries. There are
often links included to source documents.
Topics addressed in the report include:
- · Highlights of 2018:
- o Marine Transportation System Recovery
- o Biennial Facility Inspector & Port Security Specialist Workshop
- o Committee for the Marine Transportation System (CMTS) Workshop
- o Common Assessment and Reporting Tool (CART)
- o Explosive Handling Supervisor Program Manual
- o Regulated Bulk Liquid Transfer Monitor Manual
- o API 570 Policy Letters
- o International Engagement
- o Arctic Work on Prevention of Pollution of the Marine Environment
- o Liquefied Natural Gas (LNG) Facility Support
- o Reporting of Inadequate Port Reception Facilities
- o Marine Information for Safety & Law Enforcement (MISLE) Enhancements
- o Policy Advisory Council (PAC) Document Registry
- o National Maritime Security Advisory Committee (NMSAC)
- · Cyber Risk Management
- · Unmanned Aerial Systems (UAS)
- · 2018 Statistics
- · Container Updates
- · Rulemakings
- · Training
- · Area Maritime Security Committees
- · On the Horizon for 2019[2]
While all of these topics are important,
here are several that really caught my attention.
First of all, 2018 enforcement statistics:
From 2018 Year in Review
It’s no surprise that access control
generates the most citations of the top five. Next in line comes owner/operator
requirements, followed by drill and exercise requirements, then comes a tie
between restricted area and reporting (breach of security). Facility inspectors
across multiple Coast Guard Sectors have been stating that reporting is
becoming an area of concern. This is confirmed here. Four out of the top 5 citations
appeared in LCDR Jennifer Osburn’s excellent 2017, report, MTSA Effectiveness[3],
which listed these violations, 1) Access Control, 2) Restricted Areas, 3)
Drills & Exercises, 4)Owner/Operator Requirements, and 5) Audits &
VSP/ASP Amendments (stating that they were not in order and were “common” and “typical”).
Cyber
risk management:
While the draft Cyber NVIC is
going through review, units are encouraged to engage in conversations with
facility owners, operators, and security officers about facilities’
cybersecurity/cyber risk management programs and how to begin incorporating
cyber into FSAs and FSPs. The Cyber NVIC itself is an awareness tool to inform
industry of the requirement to include cyber and provides examples of how cyber
might relate to cites within 33 CFR 105 and 106. The NVIC itself is not a
template for a Facility Security Plan (FSP) update, addendum, or otherwise example,
and therefore addressing cyber risks should not pend on its publication.[4]
Unmanned
Aerial Systems (UAS)
There is an excellent discussion here of a best practice from Sector
New Orleans, focusing on focus on tracking authorized UAS flights rather than
trying to determine unauthorized flights.
In an effort to
support this established novel practice, CG-FAC is working with the Coast Guard
Operations Systems
Center (OSC) to develop a voluntary
“Notice of UAS Operations” submissions tool on Homeport. The objective is to
develop a communications network similar to New Orleans’. CG-FAC is also
working on a policy letter to provide guidance on the procedure for reporting
unauthorized UAS flights to include the FAA reporting guidelines.[5]
Rulemakings
This section contains an explanation of where we are (or are not) with
the TWIC reader final rule. Congress forbad the USCG from implementing the rule
or any similar rulemaking until an assessment of the TWIC program is reported
to Congress. The RAND Corporation is performing this assessment.
Once completed
(estimated June 2019 by HSOAC/RAND), the Coast Guard will review the
results of the
assessment and move forward with the TWIC Reader Rule implementation
process, taking into
consideration any changes resulting from the assessment, coordination with the Transportation
Security Administration (TSA) and the Screening Coordination Office
(SCO), and any
possible Congressional feedback concerning the assessment.[6]
Policy Advisory Council (PAC)
Document Registry
PACs are “decision
documents…that provide interpretation of regulations covered under the Maritime
Transportation Security Act (MTSA) of 2002. PACs are a valuable tool for
explaining maritime security regulations and aiding Coast Guard field units and
the maritime industry.”[7]
PACs were issued from 2003 to 2011. Since then, these documents may have been superseded
or policy may have changed. The Coast
Guard reviewed all the PACS in 2017.
All active PACs were compiled into a single Adobe document that is
indexed and keyword searchable. PACs deemed “no longer required” were rescinded
and those incorporated into other policy documents were noted in the registry.
The new registry was published on Feb 6, 2018, replacing the individual PAC
files previously posted on Coast Guard’s Homeport website. The registry will be
reviewed by CG-FAC-2 on an annual basis, where updates and changes will be
tracked, noted in the registry, and communicated to port stakeholders through Homeport.[8]
On the Horizon for 2019
CG-FAC is working to
address Coast Guard specific tasking within the recent FAA
Reauthorization Act,
which directs the Coast Guard, in coordination with other stakeholders, to establish a cyber
risk assessment model for the marine transportation system. This cyber risk assessment tool will
follow the National Institute of Standards and Technology’s Cybersecurity Framework, similar
to CG-FAC’s work on Cybersecurity Framework Profiles (CFP).[9]
What this section doesn’t mention:
issuance of two NVIC updates, 03-03 CH-3 and 03-07 CH-1. NVIC 03-07 CH-1 may be
waiting on the reader rule which means it is on the shelf depending on what
Congress says about the Rand report. NVIC 03-03 CH-3 has been worked on for
several years and should be ready to go?
Conclusion:
There is something for every MTSA stakeholder in this Office of Port and
Facility Compliance 2018 Year in Review. FSOs are urged to read the entire
report.
[1] U.S.
Department of Homeland Security. United States Coast Guard. Office of Port
& Facility Compliance. https://www.dco.uscg.mil/Our-Organization/Assistant-Commandant-for-Prevention-Policy-CG-5P/Inspections-Compliance-CG-5PC-/cgfac/
[2]
U.S. Department of Homeland Security. United States Coast Guard. Office of Port
and Facility Compliance.
2018 Annual Report. 2019. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Year%20in%20Review/YearInReview2018.pdf?ver=2019-04-03-153641-730
[3]Osburn,
Jennifer. Maritime Transportation Security Act of 2002 (MTSA) Effectiveness. 2017.
https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/MTSA%20Effectiveness.pdf?ver=2017-07-19-070242-347
[4] U.S.
Department of Homeland Security. United States Coast Guard. Office of Port and
Facility Compliance.
2018 Annual Report. 2019. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Year%20in%20Review/YearInReview2018.pdf?ver=2019-04-03-153641-730
[5]
Ibid.
[6]
Ibid.
[7] Ibid.
[8]
Ibid.
[9]
Ibid.
No comments:
Post a Comment