At the 2009 C-TPAT seminar in New Orleans, Customs presented attendees with the C-TPAT Best Practice update 2009 brochure. This brochure is updated information to the 2006 Best Practice Catalog. At the “Best Practice” workshop the speaker mentioned that everything in the 2006 Best Practice Catalog continues to serve as a valuable tool for the trade community but some may no longer be “best practices.” Building on this foundation, CBP will continue to provide updated best practices on a regular basis via the program’s secure web portal.

The program has been evolving and past best practices are becoming new industry standards. Remember, with time Customs keeps raising the bar and expects more of the members. Even if you cannot immediately adopt all of the best practices, the more that you can put into practice, the more secure your operations will be-and the greater your potential for eventually reaching tier 3 status. We encourage you to review the recommendations given in your validation reports and the ones mentioned below. These best practices will enhance your security policies and procedures at your facilities.

If you have any questions about the recommendations or C-TPAT program, please contact Zisser.

“C-TPAT is dedicate to meeting the needs of our members while also promoting the highest possible level of cargo security. We hope that this best practices update will be helpful to all.”

- C-TPAT Director Bradd Skinner

Overview of Supply Chain Security Best Practices

Applicable to C-TPAT members as well as all supply chain partner companies. (The information below is in the C-TPAT Best Practice Update 2009 brochure).

Security Criteria

Business Partner
Conveyance Security
Physical Access Control
Personnel Security
Procedural Security
Physical Security
Security Training / Threat Awareness
Information Technology Security

Business Partner

Perform periodic audits of business partners accompanied by a third-party security firm (these audits may be performed without advance notice). The firm should provide a written assessment of business partners’ adherence to C-TPAT minimum security criteria. If non-compliance is discovered, it could be sufficient grounds for terminating the business relationship.
Conduct periodic table-top exercises to address security breaches within the supply chain and, if one does not already exist, create a “quick response team” to investigate suspicious activities discovered during cargo transportation.

Conveyance Security

Use tamper-indicative security labels, bearing an actual photo of the seal and a serial number, attached to the hinges and between the two doors of the vehicles.
Use multiple ISO/PAS 17712 certified high security seals on all shipments bound to the U.S.
Use a dock locking arm to anchor the container chassis to the loading dock.
In addition to using a bolt seal, attach a cast iron J-bar device to the locking bar that requires a specialized tool for removal.

Physical Access Controls

Ensure that as employees enter the facility, their photos are displayed on an electronic access system monitor so that the security guard in the area can verify that individual entering match the photos displayed on the monitor.
Issue all visitors thermal-activated visitor ID badges featuring expiration marking/coloring that appears after eight hours.
Ensure that the exterior doors of building are equipped with two-person key systems that require a company manager and a security guard to unlock the facility.

Personnel Security

Use fingerprinting to document the identify of all new hires, and provide an employee list to national authorities on an annual basis for additional screening.
Conduct exit interviews as a routine part of the employee termination process, with a counselor on hand to evaluate the likelihood that a terminated employee might pose a retaliation threat.

Procedural Security

Use tamper-evident tape with serial numbers to seal cartons, and verify the serial number against the packing list when loading and at the final destination.
Schedule all deliveries at distribution centers in advance using an online automated tool, and ensure that upon arrival, drivers provide security guards with shipment-linked delivery numbers for verification.

Physical Security

Install a double-layered perimeter fence, creating a secure zone between the two fence lines. Ensure that both fences are equipped with electronic monitoring capabilities, and that the outer fence incorporates underground concrete to deter tunneling.
Maintain multiple alarm systems that include door contacts, heat and vibration sensors, and seismic movement detectors.
Position security guard view towers at each corner of the facility perimeter with sightlines that permit views of activity inside and outside the facility. Make sure the towers are manned at all times.
If the facility is located adjacent to a lake or eitheir body of water that forms part of its perimeter, install an optical fence above and below the water line to detect waterborne intruders.

Security Training / Threat Awareness

Require new employees to complete a multiple-module security training program. Web-based training should emphasize recognition of internal conspiracies, maintaining cargo security, facility access control, and mail handling procedures. Publish security updates via internet.
Conduct a semi-annual security awareness training seminar for all U.S. based suppliers, customers, and other business partners.

Information Technology Security

Install software on employees’ laptops that allows management to delete information from the hard drive from a remote location.
Require computer users to sign an agreement of liability for the use of the company’s information system, and renew these agreements each time a password change is initiated.
Equip computers with biometric retina scanners for authentication and identification purposes.

How C-TPAT Identifies Best Practices

Best practices in a general sense are innovative security measures that exceed the C-TPAT minimum security criteria and industry standards.

In order for the best practices to be effective, they should include high-level managerial support, employ a system of checks and balances, and have written and verifiable policies and procedures.

CBP C-TPAT specialists have conducted over 8,000 validations and site visits since the publication of the 2006 Supply Chain Security Best Practices Catalog. The dynamic trade environment and diverse business models of C-TPAT partners have presented the program with new best practices. Included in this pamphlet is a snapshot of new best practices recently identified by the program.

The benefit of adopting security measures

The best practices outlined in this document, if adopted, will protect the security of member companies as well as their economic health. As the global supply chain grows more secure, the United States will become more effective and efficient at preventing terrorists, terrorist weapons, narcotics, and other contraband from entering the country. This, in turn, prevents costly interruptions in the free and fair flow of trade.

CBP’s Mission

As a core trade program within CBP, mission is to:

Prevent terrorists and / or terrorist weapons from entering the United States by partnering with members of the trade community to enhance the security of their international supply chains, with priority focus on foreign manufacturers through CPB clearance process.
Facilitate the flow of legitimate cargo through the provision of partner incentives and benefits, while allowing CBP resources to concentrate on higher risk shipments.
Internalize the core principles of supply chain security through cooperation and coordination with members of the international community, while simultaneously supporting and facilitating other CBP security initiatives (e.g., Free and Secure Trade, Secure Freight Initiative, and Container Security Initiative).