The Department of Homeland Security began work in 2007 on a program to secure the nation’s chemical plants from terrorist attack. But 4½ years and nearly a half-billion dollars later, there is little to show for it.
The Chemical Facilities Anti-Terrorism Standards (CFATS) program has yet to approve a single security plan for a high-risk facility, although more than 4,000 have been submitted, according to congressional testimony and documents.
A CFATS computer program made significant errors in grading risks at chemical plants in 2009 and 2010, but the errors were not reported up the management chain and did not come to light until last summer.
Last year, an internal management review found that the department failed to impose proper controls over hiring, spending and use of official vehicles.
Now, congressional investigators are launching a probe of the troubled $480 million program to look at the problems in CFATS management and assess a Homeland Security plan to fix the program.
But the problems in the program are raising other questions.
Business leaders are concerned about the department’s ability to regulate computer security in all 18 sectors of the nation’s key industries, such as banks and oil refiners, as proposed in the Senate cybersecurity bill.
At a recent Senate hearing about the bill, former Homeland Security Secretary Tom Ridge said businesses are worried about the department’s implementation of any cybersecurity authorities. They opposed “making a leap to an uncertain regulatory program,” he said.
Rand Beers, the official in charge of CFATS, acknowledged the problems. However, he said the department faced a huge and complex task in creating a full-scale regulatory program to consider the potential risks at tens of thousands of chemical plants of different sizes and functions nationwide.
The department has made some progress in dealing with the problems, said Mr. Beers, Homeland Security’s undersecretary for the National Protection and Programs Directorate.
“There’s a new management team in place, a comprehensive action plan and plenty of senior-level attention and involvement, so I’m confident we can overcome them,” he said in an interview.
He said the program had set up an innovative system for companies to file information electronically about their plants, their workers and the chemicals they use. The department also has hired and begun to train a national team of inspectors.
Under the program, companies have to submit data about their plants and the chemicals they use. Some have to file additional security plans if the chemicals are high-risk and the plants are near population centers.
“We have built the tools” to complete the process of approving 4,200 security plans for the highest-risk plants, Mr. Beers said.
The department has begun work on about half of the security plans from the 100 highest-risk facilities.
Mr. Beers added that CFATS already had improved the security of the nation’s chemical industry sector.
About 1,600 facilities have been removed from the at-risk list because they have stopped using chemicals that make them potential terrorist targets, he said. Another 700 plants reduced the quantity of such chemicals to lower their risk levels.
The CFATS program uses four categories to rate high-risk plants. The highest-risk plants are generally major facilities using toxic chemicals in big urban areas, where the potential casualty count from a successful terrorist attack would be highest.
But in May 2010, CFATS staffers discovered an error in the computing program used to assess the risk levels, based on the electronic submissions from plant managers. About 250 facilities had been placed in the wrong category.
At the time, a Homeland Security official made a “conscious decision” not to report the problem to upper management, according to a memo prepared by the staff of the House Energy and Commerce Committee.
Mr. Beers told the committee this month that he first learned of the mistake in June. The problem has been fixed, and the department is investigating why it was not reported, he said.
“I want it wrapped up soon,” he said.
Todd M. Keil, the assistant secretary who in June first notified Mr. Beers of the problem in categorizing the plants, abruptly resigned Feb. 3, the same day as the hearing.
A management review last fall revealed the problems with hiring and spending controls. The review included a plan for fixing the program, according to congressional testimony.
Rep. Robert B. Aderholt, Alabama Republican, has called on the Government Accountability Office, Congress’ investigative arm, to look into the program. Officials at the office said they were working with Mr. Aderholt’s staff on the exact scope and nature of their inquiries.
Mr. Aderholt, chairman of the House Appropriations subcommittee on homeland security, announced this week that he would hold a closed hearing next month to take classified testimony from Mr. Beers about the program.
• Shaun Waterman can be reached at 123@example.com.
Please read our comment policy before commenting.