Embed Size (px)
Citation preview
Supply Chain Security: The New
1Confidential 1Confidential
ASIS Supply Chain &
Transportation Security
Council - SCSC
Laura HainsJJ CoughlinJohn SharpDennis Blass
Supply Chain Security: The New Normal
Overview On Secure Supply Chain Programs
2Confidential 2Confidential
Laura Hains
BasisPrograms based in some form on World Customs Organization (WCO) Framework of
Standards to Security and Facilitate global trade (SAFE) and SAFE has origins in the revised Kyoto Convention.
161of 171 WCO members have signed on to SAFE
SAFE based on six standards:
1. Partnership-self assessment-measuring their internal policies and procedures
3Confidential 3Confidential
1. Partnership-self assessment-measuring their internal policies and procedures against security standards/best practices
2. Security-define best practices for security into business practices
3. Authorization-design validation process or quality accreditation procedures that offer incentives to business
4. Technology-parties maintain cargo and container integrity by using modern technology
5. Communication-Regularly updates security standards and supply chain security best practices
6. Facilitation- Customs works with AEO’s to maximize security and facilitation of the international trade supply chain.
Authorized Economic OperatorAEO
SAFE Framework defines an AEO as:
“a party involved in the international movement of goods in
whatever function that has been approved by or on behalf of a
national Customs Administration as complying with WCO or
4Confidential 4Confidential
national Customs Administration as complying with WCO or
equivalent supply chain security standards. AEOs include inter
alia manufacturers, importers, exporters, brokers, carriers,
consolidators, intermediaries, ports, airports, terminal operators,
integrated operators, warehouses, distributors”.
(WCO SAFE Framework of Standards, June 2007)
Operational AEO ProgramsArgentina Customs System of Reliable Operators (SAOC) Export
Canada Partners in Protection (PIP), Customs Self-Assessment (CSA), Free and Secure Trade (FAST), Partners in Compliance (PIC) PIP - Import/export CSA, FAST, PIC - Import
China Classified Management of Enterprises Import/export
EU (27 countries) AEO Import/export
Japan AEO Import/export
5Confidential 5Confidential
Japan AEO Import/export
Jordan Golden List Import/export
Korea AEO Import/export
Malaysia AEO Import/export
New Zealand Secure Exports Scheme (SES) Export
Norway AEO Import/export
Singapore Secure Trade Partnership (STP) Import/export
Switzerland AEO Import/export
USA Customs-Trade Partnership against Terrorism (C-TPAT) Import
AEO Programs to be Launched
Andorra AEO Import/export
Botswana Trans Kalahari Accreditation Scheme Import/export
Chile AEO pilot Export Colombia* AEO Export
6Confidential 6Confidential
Costa Rica AEO Export
Guatemala AEO Import/export
Former Yugoslav Republic of Macedonia AEO Import/export
Israel AEO Import/export
Morocco AEO Import/export
Countries with Mutual Agreement with C-TPAT as of June 2011
New Zealand - June 2007 – New Zealand Customs Service’s Secure Export Scheme Program – SES- Export
Canada - June 2008 – Canada Border Services Agency’s Partners in Protection Program - PIP - Import
7Confidential 7Confidential
Protection Program - PIP - Import
Jordan – June 2008 – Jordan Customs Department’s Golden List Program –GLP-Import/Export
Japan - June 2009 – Japan Customs and Tariff Bureau’s Authorized Economic Operator Program – AEO-Import/Export
Korea - June 2010 – Korea Customs Service’s Authorized Economic Operator Program – AEO-Import/Export
(EU and US currently in talks for Mutual Recognition)
Customs Trade Partnership Against Terrorism (C-TPAT)
Customs-Trade Partnership Against Terrorism (C-TPAT) is a program developed by the United States Customs Service as a result of growing concerns by government and business of the growing threat of terrorist activity involving the movement of freight into the U.S.
Started November 2001
Designed to build cooperative relationships that strengthen supply chain and border security.
8Confidential 8Confidential
Designed to build cooperative relationships that strengthen supply chain and border security.
Asks business to ensure the integrity of their supply chain processes and business partners
To become a certified member, companies must demonstrated they have developed acceptable security procedures throughout the supply chain.
Eligible Business Types: US Importers, Foreign Manufacturers, Licensed US Customs Brokers, US Air Freight Consolidators, Ocean Transportation Intermediaries, Non-Vessel Operating Common Carriers, US/Canada Highway Carriers, US/Mexico Highway Carriers, Rail Carriers, Sea Carriers, Air Carriers, US Marine Port Authority/Terminal Operator
As of 2011, 10,000 companies in program
Imports.
Makes allowances for foreign based carriers and manufacturers
EU Authorized Economic Operator (AEO)
The Authorized Economic Operator (AEO) program was officially launched in Europe on January 1, 2008 to upgrade the security of the supply chain, while contributing to trade facilitation.
Currently EU AEO has 27 members to include Norway, Switzerland
9Confidential 9Confidential
Currently EU AEO has 27 members to include Norway, Switzerland
An AEO Certificate - Customs Simplifications is issued to any economic operator established in the Community who fulfils the criteria of customs compliance, appropriate record-keeping
Eligible business types: Manufacturers, Exporters, Freight Forwarders, Warehouse-keepers, Clearance agents, Carriers and Importers
Imports and Exports
EU AEO available only to companies with status as legal entity of the EU
Partners in Protection Program (PIP) Canada
Partners in Protection (PIP) is a Canadian government compliance and security certification.
It is voluntary, with no fees actively dealing with supply chain security.
Started in 1995
10Confidential 10Confidential
Started in 1995
PIP members must own or operate facilities in CA. (US based highway carriers who are members of FAST do not need facilities)
Includes: Importers, Exporters, Marine Carriers, Air Carriers, Customs Brokers, Warehouse Operators, Freight Forwarders, Shipping Agents
Imports
Service’s Secure Export Scheme (SES) Program
SES began in 2004 and designed to give exporters greater certainty at international borders by minimizing Customs delays and giving exporters priority in trade recovery.
The purpose is to protect exports from being tampered with, sabotaged,
11Confidential 11Confidential
The purpose is to protect exports from being tampered with, sabotaged, smuggled or subjected to other trans-national crimes.
Eligible Business Types: All exporters, exporting by all modes of transportation, to all destinations, applies to all products (bulk & containerized & general cargo).
New Zealand, Hong Kong agreement March 2010
Exports
Golden List Program (GLP)
Jordan Customs Department launched the GLP in August 2005
Founded on concept of true partnership between the private and public sector.
12Confidential 12Confidential
The purpose of evaluating the due diligence of the Jordanian Supply chain companies dealing with the international trade.
Depends on the principles of risk management and due diligence with customs requirements and international security standards.
Imports/Exports
Supply Chain-Information Sharing and Analysis Center
13Confidential 13Confidential
JJ Coughlin
Presentation Agenda
1. SC-ISAC 2010
14Confidential 14Confidential
2. Cargo Theft Analysis-US
3. SC-ISAC 2011 1st & 2nd Quarter Cargo
4. Theft Analysis-US
SC-ISAC Cargo Theft AnalysisFrom 2010/2011 SC-ISAC Incident Database
� Types of Incidents
� Theft by State
15Confidential 15Confidential
� Theft by State
� Locations of Thefts
� Days of Incidents
� Main Products/Industries Targeted
� Main Commodities of Thefts
2011 1st & 2nd Quarter
16Confidential 16Confidential
2010 Theft by State
17Confidential 17Confidential
2011 1st & 2nd Quarter
18Confidential 18Confidential
2009/2010 Cargo Theft Locations
19Confidential 19Confidential
2011 1st & 2nd Quarter
20Confidential 20Confidential
2010 - Days of Thefts
21Confidential 21Confidential
2011 1st & 2nd Quarter
22Confidential 22Confidential
2010 - Targeted Commodities
23Confidential 23Confidential
2011 1st & 2nd Quarter
24Confidential 24Confidential
2011 1st Quarter
25Confidential 25Confidential
2011 2nd Quarter
26Confidential 26Confidential
2010 – Items Stolen
27Confidential 27Confidential
2011 1st & 2nd Quarter
28Confidential 28Confidential
2011 1st Quarter
29Confidential 29Confidential
2011 2nd Quarter
30Confidential 30Confidential
C-TPAT:
Customs-Trade Partnership
Against Terrorism
Is it worth it and what’s the future?
31Confidential 31Confidential
Is it worth it and what’s the future?
John Sharp, CPP
C-TPAT 2011
Voluntary Supply Chain Security Initiative
Currently 10,500 members in Program
• Controlling 60% of all imported goods
• Total importers in US – 810,000
32Confidential 32Confidential
CBP Commissioner Alan Bersin wants a new direction of “Secure and Expedited Trade”
• Calling to increase membership to 40,000 companies within 5 years
• Expansion of Trusted Trader Programs
• Synchronization with other US Government Programs
C-TPAT: Cost-Benefit Studies
University of Virginia & CBP - 2010 Survey
42% benefited from participation, outweighs the cost
Tangible Benefits cited include:
• Improvement of workforce security
• Decrease in time to release cargo by CBP
33Confidential 33Confidential
• Reduced time in CBP inspection lines
• Increased predictability in the movement of goods
• Overall impact to decrease disruption of supply chains
US Customs C-TPAT Benefit Claims:
• Members are 4.1 times less likely to have cargo examined for compliance measurement reasons
• 6 times less likely to have exams for security reasons
• Ports provide expedited completion of exams for members “C-TPAT priority”
C-TPAT: Organizational Gains Beyond Regulatory ComplianceImproves communication and collaboration across organizational units
• purchasing, facility management, administration
• logistics, customs compliance and security
Improves written procedures and internal controls for:
• Hiring procedures; Training; Shipment Documentation; Information security
• Physical security; Access Control
• Business partner vetting; Internal and External Audit Function
Enhances security awareness to organizational threats:
34Confidential 34Confidential
Enhances security awareness to organizational threats:
• Internal conspiracy
• Workplace violence
• Intellectual property protection
• Country risk factors – crime, contraband and human smuggling
Operational Improvements
• Improved supply chain transparency by mapping end to end supply chains
• Knowledge of who is handing your cargo (subcontracted carriers and agents)
Financial Improvements
• Ability to join other programs such as FAST and ISA – Importer Self Assessment
• Duty payment –monthly instead of transactional
• Reduced Penalties
Case Studies – C-TPAT ROI
STRATIFIED EXAM BENEFIT:
SITUATION: Big Box Retailer imports 9 containers on one bill of lading. CBP wants to examine one of the 9 containers. Importer had ALL 9 containers removed and stored for inspection. Charged $28,000 for drayage, storage and container fees for all 9 containers.
OUTCOME: CBP will hold only the one container they want to examine and release the others. All must remain sealed at the importer’s location.
35Confidential 35Confidential
TIER 3 BENEFIT:
SITUATION: Power Tool Manufacturer has assembly and distribution in Tennessee. After Japan earthquake and tsunami, parts manufacturing were delayed, parts were sourced from China. The US assembly waited patiently for the shipment. Once parts departed, the assembly plant readied for their arrival. Upon entry to the west coast port, 3 containers were called for a non related security examination.
OUTCOME: The Tier 3 importer notified their Supply Chain Security Specialist and advised that the plant was to be shut down if the goods were held. The container examination was expedited and the 3 containers were released the same day.
Outlook from WashingtonSAFE Port Reauthorization Act of 2011(S. 832)
• Introduced in Senate on 4-14-11
• C-TPAT Unannounced Visits
• Inform Congress before entering any Mutual Recognition Agreements or Trusted Shipper Programs
• Tier 3 – Promote sharing of information
• Security Training
36Confidential 36Confidential
National Strategy on Global Supply Chain Security
• Will supersede a 2007 supply chain security strategy
• Comprehensive guide for the federal government’s response and recovery from a terrorist attack
• The previous strategy was limited to CBP’s role
• The new strategy encompasses all agencies in DHS as well as the U.S. departments of Agriculture, Justice, Commerce and Defense
Synchronizations of Trusted Shipper Programs:
• ISA-Product Safety Pilot (Voluntary Qualified Importer program)-FDA (FSMA), CBP-TSA-CCSP, CBP-CPSC, Programs/Legislations
Security Management Systems
for the Supply Chain
37Confidential 37Confidential
Dennis Blass, CPP, PSP, CFE, CISSP
ISO 28000 Required Elements
1.Know the Organization
Key Operations & Assets
4. Implement
Define responsibilities
38Confidential 38Confidential
Key Operations & Assets
2. Security Mgmt Policy
3. Plan
Security risk assessment
Legal Requirements
Objectives and targets
Define responsibilities
Training and competency
Documentation
5. Check
Monitor, measure & report
6. Continually Improve
Comparable Transportation Security
Programs
Voluntary Supply Chain Programs
Regulatory ProgramsInternational Conventions
39Confidential 39Confidential
� C-TPAT
� PIP
� AEO
� ISO 20858
�Aviation
�Marine
�Air cargo
�Surface and intermodal
�IATA�IMO
Features of Secure Supply Chain Programs
• Management systems
approach
• Risk-based
• Data collection & root cause analysis
• Supports the needs of
40Confidential 40Confidential
• Risk-based
• Defined roles &
responsibilities
• Security training &
awareness
business
• Exposes vulnerabilities, threat agents and vectors
• Enables continuous improvement
Comprehensive Physical Security
Program Theory
• Existing physical security program as a starting point.
• Conduct a GAP analysis against required program or standard.
41Confidential 41Confidential
standard.
• Incorporate a risk, threat, vulnerability assessment program.
• Build upon an existing or incorporate the principles of a management systems approach.
Challenges & Benefits
• Defining the key elements or components of a Comprehensive Physical Security Program
• Acceptance of this concept by government & oversight agencies
• Documentation and reporting requirements
42Confidential 42Confidential
• Documentation and reporting requirements
• Avoids duplication
• Cost effective
• The ability to tailor security to address specific facilities, security needs and operations
• Inter-operability
Next Step:
Incorporate Organizational Resilience
Management
•Management Commitment • Planning
43Confidential 43Confidential
•Management Commitment
•Implementation & Operation
•Management Review
• Planning
• Checking (Evaluation)
Q&A
44Confidential 44Confidential
Session
Laura Hains, CPPMaritime Security SpecialistHammerhead Security Solutions, [email protected]
JJ Coughlin
45Confidential 45Confidential
John Sharp, CPP Sharp Global Partners, Ltd70 West 40th Street, 8th FloorNew York, NY USA646-240-4100 [email protected]
Dennis Blass, CPP PSP, CFE, CISSPDirector, Safety & SecurityChildren’s of Alabama1600 7th Avenue SouthBirmingham, AL 35233E-mail: [email protected]
