(1) Submission of a Top-Screen;
(2) Notification of a Risk Tier Determination;
(3) Submission of a Security Vulnerability Assessment (SVA) and Site Security Plan (SSP) or Alternate Security Program
(4) Ongoing Compliance.
Through each phase of the CFATS regulatory scheme, we have worked with some of the nation’s largest companies since 2007 to develop CFATS compliance strategies that leverage practical solutions, reduce the ongoing compliance burden, and create sustainable CFATS programs.
CFATS Regulatory Overview