A Lesson in Compliance from the Chemical Industry
A Lesson in Compliance from the Chemical Industry
By Jon Harmon
CSO (US)
FRAMINGHAM (04/09/2009) - In many ways, the role of the CSO is directly tied to business profitability. By creating and enforcing policies that protect human, physical and intellectual assets, the CSO ensures the very integrity of the organization. This link to the bottom line, though, is about to become much stronger--and quite possibly much sooner than anticipated.
Events occurring in the U.S. chemical-manufacturing industry, specifically those relating to security guidelines being enforced by the federal government, are likely foreshadowing what's next in line for other industries.
In 2007, the Department of Homeland Security (DHS) introduced the Chemical Facility Anti-Terrorism Standards (CFATS), a rigorous program designed to protect high-risk chemical facilities from attacks. The legislation mandates that sites identified as "high-risk facilities" implement solutions, under the guidance of Risk-based Performance Standards (RBPS), to address gaps in safety and security. Under the new Congress, there will likely be additional issues addressed that may intensify the requirements, such as the need for inherently safer technologies (ISTs) and state and local interpretations related to enforcing compliance.
The penalties for non-compliance can range from hefty fines to total plant shutdowns. Under this scenario, the CSO of today's chemical plant has never had more responsibility riding on his/her shoulders.
The chemical industry is just one of the critical sectors impacted by DHS regulations. And it's very likely that CSOs across various industries - water treatment plants, port facilities, educational and banking facilities, etc.--are/will have to deal with federal compliance issues. With this in mind, it's critical for CSOs to begin evaluating their purchasing behaviors immediately and identifying technologies that create a holistic security solution under the possibility of future enforcement. (Editor's note: See also Case Study: Security Convergence.)
So how can a CSO truly prepare his organization for a "new normal" with stringent regulations?
What to Expect
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
compliance
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
