CFATS

Risk-Based Performance Standard (RBPS)

Eighteen Risk-Based Performance Standards

 

Facilities must address all applicable RBPSs in their Site Security Plans (SSPs) or Alternate Security Programs (ASPs). These include:

  • Restrict Area Perimeter
  • Secure Site Assets
  • Screen and Control Access
  • Deter, Detect, and Delay
  • Shipping, Receipt, and Storage
  • Theft and Diversion
  • Sabotage
  • Cyber
  • Response
  • Monitoring
  • Training
  • Personnel Surety
  • Elevated Threats
  • Specific Threats, Vulnerabilities, or Risks
  • Reporting of Significant Security Incidents
  • Significant Security Incidents and Suspicious Activities
  • Officials and Organization
  • Records

DHS also included a nineteenth RBPS, permitting it to add “any additional performance standards” that may apply to a facility.