[Senate Hearing 113-797]
[From the U.S. Government Publishing Office]





                                                        S. Hrg. 113-797
 
                    CHARTING A PATH FORWARD FOR THE
          CHEMICAL FACILITIES ANTI-TERRORISM STANDARDS PROGRAM

=======================================================================

                                HEARING

                               before the

                              COMMITTEE ON
               HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
                          UNITED STATES SENATE

                    ONE HUNDRED THIRTEENTH CONGRESS


                             SECOND SESSION

                               __________

                              MAY 14, 2014

                               __________

        Available via the World Wide Web: http://www.fdsys.gov/

                       Printed for the use of the
        Committee on Homeland Security and Governmental Affairs
        
        
        
        
        
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]     






                     U.S. GOVERNMENT PUBLISHING OFFICE
                  
 89-684 PDF                   WASHINGTON : 2016       
_________________________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Publishing Office,
      Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800
     Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001                 

        
        
        
        

        COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

                  THOMAS R. CARPER, Delaware Chairman
CARL LEVIN, Michigan                 TOM COBURN, Oklahoma
MARK L. PRYOR, Arkansas              JOHN McCAIN, Arizona
MARY L. LANDRIEU, Louisiana          RON JOHNSON, Wisconsin
CLAIRE McCASKILL, Missouri           ROB PORTMAN, Ohio
JON TESTER, Montana                  RAND PAUL, Kentucky
MARK BEGICH, Alaska                  MICHAEL B. ENZI, Wyoming
TAMMY BALDWIN, Wisconsin             KELLY AYOTTE, New Hampshire
HEIDI HEITKAMP, North Dakota

               John P. Kilvington, Acting Staff Director
           John G. Collins, Senior Professional Staff Member
           Jason M. Yanussi, Senior Professional Staff Member
               Keith B. Ashdown, Minority Staff Director
                  Patrick J. Bailey, Minority Counsel
          William H.W. McKenna, Minority Investigative Counsel
                     Laura W. Kilbride, Chief Clerk
                   Lauren M. Corcoran, Hearing Clerk
                   
                   
                            C O N T E N T S

                                 ------                                
Opening statements:
                                                                   Page
    Senator Carper...............................................     1
    Senator Coburn...............................................     2
    Senator Landrieu.............................................     9
    Senator Johnson..............................................    13
    Senator Levin................................................    15
Prepared statements:
    Senator Carper...............................................    43
    Senator Coburn...............................................    46

                               WITNESSES
                        Wednesday, May 14, 2014

Hon. Suzanne E. Spaulding, Under Secretary, National Protection 
  and Programs Directorate, U.S. Department of Homeland Security.     3
David M. Wulf, Director, Infrastructure Security Compliance 
  Division, Office of Infrastructure Protection, National 
  Protection and Programs Directorate, U.S. Department of 
  Homeland Security..............................................     5
Stephen L. Caldwell, Director, Homeland Security and Justice, 
  U.S. Government Accountability Office..........................     7
Dana A. Shea, Ph.D., Specialist in Science and Technology Policy, 
  Resources, Science, and Industry Division, Congressional 
  Research Service, Library of Congress..........................    28
Anna Fendley, MPH, Legislative Representative, United 
  Steelworkers...................................................    30
Timothy J. Scott, Chief Security Officer, The Dow Chemical 
  Company, on behalf of Dow and the American Chemistry Council...    31

                     Alphabetical List of Witnesses

Caldwell, Stephen L.:
    Testimony....................................................     7
    Prepared statement...........................................    55
Fendley, Anna:
    Testimony....................................................    30
    Prepared statement...........................................    87
Scott, Timothy J.:
    Testimony....................................................    31
    Prepared statement...........................................    92
Shea, Dana A.:
    Testimony....................................................    28
    Prepared statement...........................................    70
Spaulding, Hon. Suzanne E.:
    Testimony....................................................     3
    Prepared statement...........................................    47
Wulf, David M.:
    Testimony....................................................     5
    Prepared statement...........................................    47

                                APPENDIX

Statement submitted by the Society of Chemical Manufacturers and 
  Affiliates.....................................................    97
Responses for post-hearing questions for the Record from:
    Ms. Spaulding................................................   102


                      CHARTING A PATH FORWARD FOR



        THE CHEMICAL FACILITIES ANTI-TERRORISM STANDARDS PROGRAM

                              ----------                              


                        WEDNESDAY, MAY 14, 2014

                                     U.S. Senate,  
                           Committee on Homeland Security  
                                  and Governmental Affairs,
                                                    Washington, DC.
    The Committee met, pursuant to notice, 10:01 at a.m., in 
room SD-342, Dirksen Senate Office Building, Hon. Thomas R. 
Carper, Chairman of the Committee, presiding.
    Present: Senators Carper, Levin, Landrieu, Coburn, and 
Johnson.

              OPENING STATEMENT OF CHAIRMAN CARPER

    Chairman Carper. The hearing will come to order. I want to 
welcome everybody for coming today. I am going to make a very 
short statement, and then turn it over to Dr. Coburn.
    This program that was needed is a program that did not 
start well, had all kinds of problems, as you know. And I think 
the Department of Homeland Security (DHS) deserves some credit, 
a good deal of credit, for taking a program not well run and 
making it a whole lot better. There are a lot of folks that 
have been part of that, not just at DHS, but we commend you 
there.
    We also know everything we do we can do better, and we 
still need to do better here. I have some concerns, and we will 
talk about those. I know Dr. Coburn has some concerns. But I 
think we have the prospect here today for a very constructive 
hearing that, if done well and with good followup, would enable 
us to hopefully move forward with a reauthorization bill. And 
we need that because we have not had authorization for quite a 
while, and there are problems.
    When the government shuts down, we have a real problem with 
this program without the lack of an authorization bill, so 
thank you all for coming. I am looking forward to a really 
constructive hearing.
    We are going to have, unfortunately, a series of votes that 
start about 11:15, but Dr. Coburn and I have been practicing on 
how one of us stays, the other goes, and we swap back and forth 
and keep things moving. So my goal is to hopefully be finished 
with the first panel by maybe about 11:30 or so, and then we 
will bring on our second panel. Dr. Coburn.

              OPENING STATEMENT OF SENATOR COBURN

    Senator Coburn. Well, good morning and welcome to you, 
David. I did not get to say greetings. I did to Suzanne and 
Stephen.
    I want to tell you how enthused I am with the leadership at 
DHS and the changes that are occurring, and congratulate you 
both in terms of your Secretary but also in terms of the 
improvements that are being made. And I mean that very 
sincerely.
    But one of the programs that deserves a robust review is 
the Chemical Facility Anti-Terrorism Standards (CFATS). Since 
2007 we have spent $600 million on the program, and less than 2 
percent of the facilities have been inspected for compliance. 
And in my review, I have learned some things:
    One is that CFATS is not significantly reducing the risk 
that terrorists will use chemicals to conduct attacks against 
the United States.
    The second thing I have learned is that the approach to 
assessing risk in chemical facilities which guides the CFATS 
program is broken. We will go into that in the questions.
    Third, DHS is far behind in meeting its deadlines in this 
program, reviewing security plans, and inspecting facilities. 
That is not to say that David has not made a lot of progress. 
He has, and I congratulate him on it.
    My fourth criticism is there is not enough work with the 
private sector or security efforts to fix the problems in the 
programs, and my feeling is that we need to fix it before we 
make it permanent, and that is what I intend to do.
    I wanted to give you a little visual. Here are the 
requirements for a company that has to meet the Coast Guard's 
Maritime Transportation Security Act (MTSA) program. Here are 
the requirements if you have to meet the Transportation 
Security Administration (TSA) Pipeline Security Branch 
guidance. Here is what is required if you have to meet the U.S. 
Environmental Protection Agency (EPA's) Risk Management 
Program. And here is what you have to fill out if you are one 
of the 41,000 facilities regulated by CFATS. And then if you 
are one of the 4,100, besides filling that out, you have to 
fill this out. It cannot be that complicated. As a matter of 
fact, talking to industry, which I have, it is not that 
complicated.
    So one of the reasons it is hard to fix is because we have 
put all this gobbledygook that has no attendant impact on what 
we are doing. So if you take all three of these programs--
EPA's, TSA's, and the Coast Guard's--it does not even come 
close to what the requirements are for a chemical facility. And 
then if you are one at high risk that is covered by CFATS you 
have to spend 2\1/2\ times more than that.
    We have to look at this program. We have to fix it. It is 
an important thing that we need to do. We need to solve the 
problems. I look forward to your testimony, and I thank you for 
being here.
    Chairman Carper. All right. That is a good note to start 
on, isn't it? We have our work cut out for us.
    One thing, I am not going to introduce our witnesses. You 
have been with us before. We are happy that you are with us 
again, and we appreciate your preparation.
    Some of our colleagues will wander in and out during the 
course of this morning, and we will just identify people and 
recognize them as time allows.
    Please proceed. We had Department of Defense (DOD) here 
with us yesterday. Dr. Coburn and I worked them over for a 
couple of hours with our colleagues to try to figure out how 
they could do what you have done at DHS, and that is, to be not 
just auditable but also to get a clean financial audit in 
record time. And if DHS can do that with aplomb, then DOD 
should as well. In the entire testimony that they gave us, only 
one of them used an acronym, and I would just say that is a 
high standard to set for DOD to be able to do that sort of 
thing, so the Federal Bureau of Investigations (FBI), the 
Central Intelligence Agency (CIA), EPA, those are fine, but the 
other stuff? Stay away from it. Just stay away from it. Your 
job is to try to explain stuff. My job, our job, is to try to 
understand it. So just do not use acronyms. Thank you.
    Ms. Spaulding, you are recognized. Thank you for joining 
us.

TESTIMONY OF THE HON. SUZANNE E. SPAULDING,\1\ UNDER SECRETARY, 
 NATIONAL PROTECTION AND PROGRAMS DIRECTORATE, U.S. DEPARTMENT 
                      OF HOMELAND SECURITY

    Ms. Spaulding. Thank you very much, Mr. Chairman, and we 
will certainly try to meet that high bar.
---------------------------------------------------------------------------
    \1\ The prepared statement of Ms. Spaulding appears in the Appendix 
on page 47.
---------------------------------------------------------------------------
    I very much appreciate, Chairman Carper and Ranking Member 
Coburn, the opportunity to be here this morning to discuss the 
Chemical Facility Anti-Terrorism Standards program, fostering 
security at America's highest-risk chemical facilities.
    Our testimony today focuses on the progress the program has 
made, our efforts to continue strengthening the program, and 
the need for permanent authorization to fully stabilize this 
program.
    Two years ago, DHS had not approved a single security plan. 
Today that number is 764. Two years ago, DHS had not completed 
a single compliance inspection. The first compliance 
inspections began last September, and today that number is 31, 
and our inspectors have conducted over 1,000 authorization 
inspections.
    Ninety-eight percent of Tier 1 facilities have an approved 
security plan; 66 percent of Tier 2 facilities and 39 percent 
of Tier 3 facilities have an approved plan. We are sustaining 
an average rate of more than 80 approvals each month, which 
would cut in half the Government Accountability Office (GAO's) 
estimate of how long it would take to clear the backlog of plan 
approvals.
    Approximately 75 percent of these facilities' plans 
included measures recommended by DHS or the facility as 
necessary upgrades in order to satisfy the applicable Risk-
Based Performance Standards. This is significant progress. It 
is a testament to the dedicated team at the Infrastructure 
Security and Compliance Division (ISCD), the program reforms 
they have put in place, and their efforts to work every day 
with our partners in the private sector and in government to 
put this program on a stable path.
    That work continues. We continue to engage with 
stakeholders and focus on three core areas to strengthen the 
program: first, reducing the backlog; two, improving the risk 
assessment process; and, three, ensuring that all potentially 
high-risk facilities are identified. Along with long-term 
authorization, our continued focus on these areas will ensure 
our stakeholders have the stability they need to successfully 
comply with their regulatory obligations. We welcome the 
opportunity to work with you and our stakeholders on these 
important issues.
    First, the backlog. Successful efforts to streamline the 
approval process include encouraging increased use of 
Alternative Security Programs (ASP) and supporting industry 
stakeholders' development of new templates, focusing 
inspections on key Risk-Based Performance Standards at our 
lower-tier facilities, and working at the corporate level to 
identify efficiencies.
    At the same time we will maintain the quality and 
thoroughness of the security plan approval process and the 
level of security required at chemical facilities.
    Improving the risk assessment process. DHS has conducted a 
thorough review of the CFATS risk assessment process. We have 
documented the risk assessment methodology, conducted an 
internal review of the risk assessment process, and initiated 
an external peer review.
    All three of these phases are now complete. We have 
analyzed the peer review recommendations and developed an 
implementation plan to enable us to address their 
recommendations in a timely and thoughtful manner. We also 
recognize that it is essential to continue to engage with 
stakeholders as we assess changes to the risk assessment 
process. We intend to adopt appropriate changes to the tiering 
methodology in an integrated fashion, addressing as many issues 
concurrently as we possibly can, to balance improvements to the 
methodology with our stakeholders' need for stability.
    Following the tragic explosion in West, Texas, just over a 
year ago, DHS has taken a number of steps to ensure that 
facilities are aware of their reporting obligations under 
CFATS. As you know, that incident led the President to issue an 
Executive Order (EO) on chemical safety and security with DHS 
as a co-chair of the implementation group. That group will 
provide recommendations to the President to improve information 
collection, more effectively share information between 
agencies, improve operational and Federal coordination efforts, 
and improve the effectiveness of existing policies governing 
chemicals and chemical facilities.
    In addition to enhanced coordination with Federal, State, 
and local partners, these efforts will help ensure that the 
Federal Government most effectively uses its collective 
resources for managing chemical facility risk.
    Finally, the Department strongly believes that long-term 
authorization would be beneficial to your oversight activities 
by ensuring the full maturation of the program and the review 
and approval of backlogged Site Security Plans (SSPs). Efforts 
to codify and enhance this authority to seek out noncompliant 
facilities will also greatly support our ongoing actions to 
bring those facilities into compliance. And perhaps most 
importantly, long-term authorization will provide industry 
stakeholders with the stability they need to plan for and 
invest in CFATS security-related measures. An authorization 
period of 5 years or longer would also enable Congress to send 
an important message to facilities that may willfully be 
seeking to avoid compliance.
    In conclusion, Mr. Chairman, I am proud of the progress we 
have made and the efforts we are taking to secure America's 
highest-risk facilities. We are committed to working with you 
to pass legislation to authorize the program. CFATS is making 
the Nation more secure by reducing the risks associated with 
our Nation's chemical infrastructure, and we along with our 
stakeholders and partners are committed to its continued 
success.
    Thank you for the opportunity to testify today, and I look 
forward to answering your questions.
    Chairman Carper. We appreciate that opening statement, and 
we look forward to hearing now from Mr. Wulf. Please proceed.

    TESTIMONY OF DAVID M. WULF,\1\ DIRECTOR, INFRASTRUCTURE 
    SECURITY COMPLIANCE DIVISION, OFFICE OF INFRASTRUCTURE 
PROTECTION, NATIONAL PROTECTION AND PROGRAMS DIRECTORATE, U.S. 
                DEPARTMENT OF HOMELAND SECURITY

    Mr. Wulf. Thank you, Chairman Carper, Senator Coburn and 
Members of the Committee. I appreciate the opportunity to 
testify before you today to provide an update on the progress 
of the Chemical Facility Anti-Terrorism Standards program, the 
progress the CFATS program has made, and to discuss the 
prospect of long-term authorization for this important anti-
terrorism program that fosters security at America's highest-
risk chemical facilities.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Wulf appears in the Appendix on 
page 47.
---------------------------------------------------------------------------
    Earlier this week, our program reached a new milestone as I 
had the privilege of granting final approval of the 750th Site 
Security Plan that has been approved under CFATS, a security 
plan belonging to a small chemical distributor in the Midwest. 
While there certainly remains more to do, the Department, 
including our Infrastructure Security Compliance Division, is 
continuing the forward momentum the CFATS program has 
experienced over the past 2 years.
    The pace of authorizations and approvals is increasing 
consistently. Through much hard work on the part of our staff 
and industry stakeholders, we have since September, just 8 
months ago, more than tripled the number of Site Security Plans 
that have attained final approval. As I noted, that number now 
stands at more than 750 with more than 1,500 facilities having 
attained authorization of their Site Security Plans.
    The CFATS program has matured tremendously over the past 2 
years as we have addressed the challenges described in the 
internal memorandum and associated action plan that was 
developed in the fall of 2011. We have developed improved 
policies, procedures, and training to ensure that inspections 
are conducted in a consistent and thorough fashion. We have 
implemented an effective, streamlined Site Security Plan review 
process, a process that has greatly enhanced our ability to 
authorize and, as appropriate, grant final approval for Site 
Security Plans.
    We have also done much to stabilize our leadership cadre by 
hiring permanent seasoned managers, and we continue to foster 
transparency and open communication throughout the 
organization. I would like to recognize our workforce, which 
truly has a passion for the mission of chemical facility 
security, and is on the job every day working hard in concert 
with our industry stakeholders to foster security for America's 
highest-risk chemical infrastructure.
    Our pace of inspections, reviews, and approvals will 
increase further as we continue to achieve efficiencies and to 
implement game-changing initiatives to streamline our processes 
and to work with stakeholders. I expect to continue to conduct 
inspections at a rate of more than 100 per month and to 
continue authorizing and approving security plans while moving 
further into a regular cycle of compliance inspection activity.
    Among other game-changing measures, we are assigning 
corporate case managers, inspectors who are working directly 
with companies that operate multiple CFATS facilities and which 
frequently have corporate policies and practices that are 
consistent company-wide in an effort to further streamline the 
inspection and approval process for those facilities.
    I have testified before this and other Congressional 
Committees 10 times in the past 2 years, and I have not been 
hesitant to highlight the challenges that have faced our 
program. I am pleased to tell you today, however, that this 
program is in a far different and much better place than it was 
2 years ago. It is a program that truly has moved to the next 
level and that could benefit tremendously from the stability 
that would come with a long-term or permanent authorization.
    In view of the significant forward progress CFATS has made, 
it is appropriate that Congress is considering authorizing the 
program on a long-term basis. Long-term authorization will 
provide industry with the certainty it needs to plan for and 
invest in CFATS-related security measures, and it will provide 
the Department with the ability to continue to recruit and 
retain top talent and continue planning and executing 
improvements to move the program forward.
    It will also reduce the possibility of another lapse in 
authority such as occurred during October's government 
shutdown. In addition to the confusion this situation created 
among industry stakeholders, had the need arisen for the 
Department to take enforcement action to address a national 
security threat at a CFATS facility during the period of this 
lapse, the underlying statutory authority for such enforcement 
action would have been in doubt. This is not a situation anyone 
wants to see repeated.
    Our chemical security inspectors are today providing 
compliance assistance to facilities and conducting inspections 
at an unprecedented rate, and I am pleased to report that I 
have received much favorable feedback from our industry 
stakeholders about their experience with these inspections. As 
you know--and this is something for which I am profoundly 
grateful--our stakeholders are not shy when it comes to 
expressing their candid thoughts and concerns about the 
program. So I am confident that when I am hearing positive 
things from industry about their facilities' inspections-
related experiences, we are on the right track.
    You will hear from one such individual today, Tim Scott, 
representing Dow Chemical Company and the American Chemistry 
Council. A number of industry organizations have been 
instrumental in promoting the continued forward progress of 
CFATS. The American Chemistry Council has been a leader in the 
development of an Alternative Security Program template and, 
along with organizations such as the Society of Chemical 
Manufacturers and Affiliates, the National Association of 
Chemical Distributors, the American Fuel and Petrochemical 
Manufacturers, and many others, has for years played a critical 
role in educating chemical companies about CFATS and other 
regulatory and voluntary programs that foster chemical facility 
security.
    So thank you again for the opportunity to provide an update 
on the forward progress the CFATS program continues to make. It 
is an honor and a privilege to serve with the dedicated 
professionals of the Infrastructure Security Compliance 
Division and the National Protection and Programs Directorate 
(NPPD). We are committed 100 percent to the critical mission of 
securing our Nation's highest-risk chemical infrastructure. 
Along with the rest of our team, I am excited and optimistic 
about the future of the CFATS program.
    Thank you again for the opportunity to be here today. I 
look forward to any questions you may have.
    Chairman Carper. Good. Thanks. And let me just say you two 
have done a great job on those acronyms, too.
    Mr. Wulf. Well, thank you.
    Chairman Carper. All right. Mr. Caldwell, please.

    TESTIMONY OF STEPHEN L. CALDWELL,\1\ DIRECTOR, HOMELAND 
  SECURITY AND JUSTICE, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Mr. Caldwell. Chairman Carper and Ranking Member Coburn as 
well as Senator Landrieu and Senator Johnson, thank you very 
much for inviting GAO to discuss chemical security at the 
hearing today, especially about the path forward and potential 
reauthorization for the CFATS program. My written statement 
summarizes the work we did in 2012 and 2013 with some updates 
with the Department that we did in 2014, and I will summarize 
four key areas: identifying the chemical facilities, assessing 
the risks and prioritizing those facilities, reviewing Site 
Security Plans, and inspecting facilities for compliance.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Caldwell appears in the Appendix 
on page 55.
---------------------------------------------------------------------------
    Based on the updates that we have had in our work, as well 
as through the hearing today, there are indications of progress 
in all of the four areas that I mentioned.
    Regarding the identification of facilities, the April 2013 
explosion of the fertilizer factory in West, Texas, raised 
concerns about outliers, which are facilities that never 
reported to DHS but should have. On August 1, as has been 
mentioned, the President issued Executive Order, 13650, to 
address this issue, which calls for a working group to improve 
Federal, State, and local coordination for security and safety 
of chemical facilities and to, among other things, identify 
additional facilities that, once identified, if appropriate, 
would be subject to regulation such as through CFATS.
    DHS reports on that and the working group is supposed to 
report back to the White House at the end of May. And in Ms. 
Spaulding's budget testimony 2 weeks ago, she noted the request 
for additional resources that will be used for data matching 
between databases at CFATS, EPA, and the Occupational Safety 
and Health Administration (OSHA), and perhaps State and local 
databases as well. From our own data-matching efforts, we know 
that this is an intensive process from both the technology and 
from a labor standpoints.
    Regarding the assessment of risk and the prioritization of 
facilities, DHS is working to implement our prior 
recommendations on this risk management methodology. As was 
mentioned, they tasked the Homeland Security Studies and 
Analysis Institute to conduct an internal review of their 
methodology. They completed that review in October 2013, and 
the results were pretty similar to what we found in April 2013. 
So we feel that our finding has been validated, and the 
Department now has an implementation plan. We have not reviewed 
that plan yet, but we look forward to reviewing that plan.
    Regarding the review and the approval of Site Security 
Plans, our earlier report noted a cumbersome review process and 
a long backlog. As has just been reported, DHS reports 
streamlining the processes for CFATS, and the statistics this 
month indicate they have approved more than 700 security plans. 
That is about 18 to 20 percent of the 4,000 facilities covered 
by CFATS. Given that percentage, our upcoming review will 
certainly look at those approvals, and we will revisit our 
earlier estimate, which said it would be 7 to 9 years to 
resolve the backlog.
    But the outstanding issue for all of the facilities and one 
we have made almost no progress since GAO started reviewing the 
program is the personnel surety issue. All of these plans that 
have been approved at the site level have been conditionally 
approved because there is still no resolution to Performance 
Standard 12, which is on personnel surety. So until this is 
resolved, none of the Site Security Plans actually have 
achieved final approval. Our understanding is that this rule is 
under consideration at the Office of Management and Budget 
(OMB) and has been for some time. That is the one area where we 
would like to see progress, and I think the Department would 
like to see progress on that as well.
    Regarding the inspection of facilities for compliance, DHS 
now reports they have started that, which is the final part of 
this process. This month they gave us an estimate that they had 
completed 29 of these to date. At the time of our last in-depth 
audit, we had not looked at any of those because they had not 
started. As part of our upcoming review, this will be one of 
the new areas that we will look at to see how that is going.
    In closing, I would like to note that GAO still needs to 
verify a lot of this progress through in-depth audit, and we 
plan to do so. We have a mandate from the Appropriations 
Committees as well as at least one request from the House side 
from the authorizers to continue our audits.
    So with that, I will be happy to respond to any questions.
    Chairman Carper. Great. Thanks so much, Mr. Caldwell.
    As I mentioned to Dr. Coburn, I am prepared to yield my 
time to the Senator from Louisiana. Great to see you. And then 
I will just turn it over to Dr. Coburn, Senator Johnson, 
Senator Levin, and then I will ask some questions of my own. 
Nice to see you, Senator Landrieu.

             OPENING STATEMENT OF SENATOR LANDRIEU

    Senator Landrieu. Thank you, Mr. Chairman. I really 
appreciate the courtesy because I have to slip out, and I thank 
the Chairman. And I know we have votes at 11:15, so let me get 
right to it.
    As the Chair of the Appropriations Committee for Homeland 
Security, I have been funding or our Committee has been funding 
this program without authorization now for several years 
because we know how important it is.
    Let me begin by saying that I am proud of the chemical 
industry in our State. It employs 26,000 people directly and 
tens of thousands of people indirectly. It is a very vital 
industry, Mr. Chairman, not just to Louisiana but to your 
State, of course, and to other places in this country.
    In addition, not only is it vital to creating high-paying 
middle-class jobs that are very skilled and highly technical, 
but we are in a boom cycle because of the finding of natural 
gas. Natural gas is used as a feedstock, so getting these 
regulations efficient and correctly, both for safety and also 
for efficient permitting of these facilities so they can 
continue to grow is absolutely essential.
    If I am correct, a few years ago we had a 9-year backlog or 
an 8-year backlog. Is that correct, Ms. Spaulding?
    Ms. Spaulding. Senator, GAO's estimate was a 7-to 9-year 
backlog. We believe we are now sustaining a rate that would cut 
that time in half to get through the backlogs.
    Senator Landrieu. But it is still too long. I mean, Mr. 
Chairman, this is still too long. And I know, Senator Coburn, 
you agree with this.
    So I am going to be focused on this line item in our 
appropriations bill and ask my Ranking Member to really focus 
on what we can do to help here. But I think the authorizers 
could give us some good direction on this, and so I am looking 
forward to hearing from the authorizers about how they would 
like to move forward. But we have an opportunity to create 
literally thousands of jobs. This permitting has to go quickly, 
of course. The facilities have to be safe.
    So I will just leave it at that and just submit a question 
to the record, Mr. Chairman, since you have been so gracious, 
that the Personnel Surety Program must be implemented in a way 
that does not hurt thousands of contractors that are working 
every day on these facilities. I was encouraged to see the 
suggestion, a new implementation procedure that took some of 
the initial comments. What is the timeline for completion and 
implementation of that rule? And what is the nature of the 
feedback that you are getting?
    Now, to respect the Committee, why don't you just submit 
that to me in writing? And then they can proceed with their 
questions.
    Senator Landrieu. Mr. Chairman, thank you very much, and I 
look forward to working with you and Senator Coburn as we move 
forward.
    Chairman Carper. You bet. A great opportunity for the 
authorizers and the appropriators to work together in yet other 
venues, so that is great. Thank you. Dr. Coburn.
    Senator Coburn. So let me summarize what I have heard, and 
you all correct me if I am wrong. You have 750 Site Security 
Plans approved?
    Mr. Wulf. That is right. It is a little more than 760.
    Senator Coburn. So that means there are still 3,200 that 
have not been approved.
    Mr. Wulf. Yes, there are approximately 3,200 that have 
received final tiers, about 4,000 in the entire universe.
    Senator Coburn. But they still have not been approved.
    Mr. Wulf. That is correct.
    Senator Coburn. All right. And you are going to do 100 
inspections a month.
    Mr. Wulf. That is correct.
    Senator Coburn. Right. So we are still 3 years from getting 
everybody inspected. And I made my point on the paperwork 
requirement. Somebody ought to review that.
    Secretary Spaulding, one of the questions I have for you--
you do not have to respond to it, but I would like an analysis 
from your office of here is what the peer review said and here 
is what we have done in response to the peer review because it 
was valuable.
    Mr. Wulf, the first problems with the risk assessment in 
DHS was found in 2011, before you got there.
    Mr. Wulf. Yes.
    Senator Coburn. The GAO identified problems with it again 
in 2013, and then the peer review found the same problem again. 
Why haven't we fixed the assessment process?
    Mr. Wulf. Well, we are in the process of implementing 
improvements to the risk-tiering methodology. Much of what the 
peer review panel found and observed we also had noted through 
our own internal documentation of the methodology and our own 
internal Department review of the methodology. So we are, 
moving forward aggressively to look at how we can more fully 
incorporate considerations of vulnerability and threat into the 
risk-tiering methodology.
    The peer review panel did validate that consequence is an 
appropriate driver of tiering. Our model right now is very 
heavily focused on consequence. The model can certainly be 
improved. We are committed to improving it. And as the Under 
Secretary noted, we are going to move forward to do that in a 
way that balances the need for improvement with the need for 
industry to have some measure of stability in our risk tiering.
    Senator Coburn. One of the things you have in risk tiering 
is the location, the State. Each State has a different one. Let 
us take Kansas City, for example. If you are in Kansas City, 
Kansas, you have a different rating than if you are in Kansas 
City, Missouri. Correct?
    Mr. Wulf. That----
    Senator Coburn. And you may be 2 miles away from each 
other.
    Mr. Wulf. Yes.
    Senator Coburn. That does not make sense. Would you agree?
    Mr. Wulf. I would agree, and we will be looking to enhance 
the granularity with which we assess threat in the tiering 
methodology, absolutely.
    Senator Coburn. One of the things that I have noted, having 
been a manufacturer at one time--and I am not going to list 
these specifically, but we have a number of explosive 
precursors that are not on your list. I have 12 sitting in 
front of me. And my question is, and I will give this to you: 
Why not?
    And so what I cannot understand is why they were not 
included in the first place. Can you give me any history on 
that?
    Mr. Wulf. Well, the CFATS regulation was directed to be put 
into place within, I think, a 6-month period by Congress when 
the initial authority was----
    Senator Coburn. Seven years ago.
    Mr. Wulf. Seven years ago, that is correct. So, I think it 
was some good work. I will not say that there is not room for 
improvement in that list, and we are anticipating in the very 
near future issuing an Advanced Notice of Proposed Rulemaking 
to open up the entirety of the CFATS regulation to comment and 
suggestions from our stakeholders and other interested parties 
for improvement. That will include the Appendix A list of 
chemicals of interest. So if there are additional chemicals 
that should be added, adjustments that should occur in the 
screening threshold quantities, et cetera, this is the 
opportunity to get that done.
    Senator Coburn. And some that should be removed.
    Mr. Wulf. Conceivably.
    Senator Coburn. Yes.
    Mr. Wulf. Conceivably. But our assessment now is, given our 
current authority, that is something that has to occur through 
the rulemaking process.
    Senator Coburn. One question for you. Are there any 
chemical plants right now that are considered higher risk than 
what they are just because they are on the wrong side of a 
State border? Is somebody falling into this tougher tier 
because they happen to be in a State with a high threat score, 
but, they are not really at a higher risk?
    Mr. Wulf. The model is largely consequence driven, so not 
driven very heavily by the threat variable, so that is another 
of the things we are looking at. So I would say that is very 
unlikely.
    Senator Coburn. I have some significant chemical 
distributors in Oklahoma, and when I talk with them about the 
paperwork load--and they are small businesses--and one of the 
things that bothers me is the regulatory cost for a smaller 
chemical distributor versus a large one. And what we are 
doing--with the amount of paperwork and the compliance costs 
for a small firm--we are going to drive the small firms out of 
business.
    Now, the larger firms here do not care about that. As a 
matter of fact, the large firms routinely use the Federal 
Government to enhance their capability toward oligopolies. 
Where is your concern with that? What do we do about that? How 
do we make it easier, even though they might have, appropriate 
chemicals that need to be safeguarded against their use for 
terrorism?
    Ms. Spaulding. Senator, we share your concern about 
ensuring that the regulatory burden does not fall to heavily on 
small and medium-sized businesses. We feel a particular 
obligation to assist those businesses, and Director Wulf will 
be able to speak in some detail to all of the things that we 
have in place, including visits by our inspectors, compliance 
assistance visits to sit down with those facilities and give 
them assistance as well as all kinds of online activities.
    But perhaps most significantly, this is one of the reasons 
we have worked so hard to make Alternative Security Programs a 
viable alternative for facilities and to work with the trade 
associations to develop templates, but, again, to sit down with 
facilities one on one to help them work their way through what 
is a more streamlined process. Director.
    Mr. Wulf. Yes, I think that is all right. Compliance 
assistance is a high priority. We will send our inspectors out 
to smaller facilities upon request to consult on security 
measures, on options. Our goal is to provide a maximum degree 
of flexibility and options for facilities to comply.
    With respect to the Site Security Plan questionnaire, we 
agree. We have assessed it. It is too cumbersome. We have 
already taken actions to streamline it. We have removed 
approximately 100 questions that we deemed to be not necessary 
or redundant in different places. We are going to continue to 
do that, continue to streamline that. And as the Under 
Secretary noted, the use of Alternative Security Program 
templates is another way in which facilities can tailor plans 
in a way that may work better for them, for a particular 
industry segment, and for that matter for companies that have 
multiple facilities doing similar things.
    Senator Coburn. Great. Have you all thought about the 
unintended consequences of what is happening right now in terms 
of storage of chemicals now, not in a facility but in a 
railroad car, just outside the facility or the fact that--
because I do not want to have to be vulnerable to this 
regulation--my shipments are now in smaller quantities but 10 
times as frequent? Have we thought about that?
    Ms. Spaulding. We have, Senator. We are aware that there 
are other regulatory regimes that are complementary to ours 
that we believe limit the prospect that risk has merely been 
shifted with regard to storage and transportation of hazardous 
materials, for example. But we are looking at and continue to 
work at developing effective and granular metrics to make sure 
that we are, in fact, enhancing security in America with regard 
to the risk from high-risk chemical facilities.
    And so we have, for example, determined, with regard to 
Tier 1 and Tier 2 facilities, that their Site Security Plans 
have been approved, at least in part, based on, about 75 
percent of them, upgrades in their security. So we know that 
they are making investments that are, in fact, enhancing their 
security.
    But we are going back and verifying with--looking at bills 
of lading, shipping records, et cetera, what has happened with 
regard to these facilities that have reduced, modified, or 
eliminated their chemical holdings that make them no longer 
highest risk.
    Senator Coburn. All right. I am out of time. Thank you.
    Chairman Carper. You bet.
    Senator Johnson, thanks for being here.
    Senator Johnson. Thanks for having me.
    Chairman Carper. Always asking good questions.
    Senator Johnson. I appreciate your welcoming me back.
    Chairman Carper. Thank you.

              OPENING STATEMENT OF SENATOR JOHNSON

    Senator Johnson. Ms. Spaulding, you made a statement about 
companies willfully avoiding compliance. I just want to kind of 
drill down on that. Why would they willfully avoid compliance?
    Ms. Spaulding. Senator, I do not know that we can say with 
any certainty that there are companies out there that are 
willfully avoiding compliance. But what I did say is that if 
there are companies that think they could perhaps wait us out 
because the program may not be reauthorized, that a long-term 
reauthorization would send a helpful message to them that this 
program is here to stay and they----
    Senator Johnson. I understand, but, again, I am just trying 
to--why would anybody willfully not comply? It is a pretty 
basic question. Why is it? Do you ask yourself that question?
    Ms. Spaulding. Senator, as I indicated, I think that the 
program that Congress has created here, the Chemical Facilities 
Anti-Terrorism Standards program, is promoting enhanced 
investments in security. Companies are making greater 
investments and more importantly, more effective investments in 
security than they would without this program. And so there may 
well be companies that choose not to make those investments and 
do not want to, therefore, come under this regulatory regime.
    Senator Johnson. Coming from business, having been 
International Organization for Standardization (ISO) certified, 
having to pay insurance, having to worry about the liability of 
something going wrong, from my standpoint I would think an 
awful lot of business people would want to comply, want to do 
it voluntarily if the government is facilitating their 
compliance versus, dictating a regulatory regime that might be 
considered onerous. So that is what I am trying to get in terms 
of what your feedback is from people that are having to comply 
with this, why would people try and avoid it?
    Ms. Spaulding. Senator, I completely agree with you that 
the overwhelming majority of chemical facilities, are willingly 
complying with this and understand the value of this across the 
board with regard to the industry and----
    Senator Johnson. Have you calculated, getting to Senator 
Coburn's point about the thick stack of papers that have to be 
apparently filled out and the questions have to be answered, 
have you just done a calculation of what it costs to comply for 
a particular company?
    Ms. Spaulding. Senator----
    Senator Johnson. And different tiers, I mean, do you have 
any idea of the cost to companies?
    Ms. Spaulding. I would defer to the Director as to whether 
we have tried to calculate the cost. We are certainly aware 
that this can be a burdensome process, which is why we have 
tried to establish as many mechanisms as we can to reduce that 
burden and continue to look for ways to streamline not only our 
processes but the ability for industry to streamline their 
compliance.
    Senator Johnson. Let us go to Director Wulf then. Do you 
have any idea what it costs to comply?
    Mr. Wulf. I think we will be in a better position to assess 
that as part of the rulemaking process as we move forward with 
our Advanced Notice of Proposed Rulemaking, a Notice of 
Proposed Rulemaking, and doing that cost-benefit analysis. I do 
not think that data existed as much when the program was 
getting started the last time rulemaking occurred. I----
    Senator Johnson. In other words, that is something you 
really have not considered yet, you have not really----
    Mr. Wulf. Well, I think we are cognizant----
    Senator Johnson [continuing]. Put a pencil to that or get 
feedback from companies? Have you ever had a company say, 
``This has already cost me $100,000'' or----
    Mr. Wulf. Yes. We hear those things from companies, and our 
inspectors work with those companies to discuss options, in 
many cases much lower cost options than ones they had been 
considering, but options that will work to meet our non-
prescriptive Risk-Based Performance Standards. So that is one 
of the great things about the CFATS program and why I think it 
is really uniquely well tailored to this industry, which is not 
a cookie-cutter industry. It is not even one industry. It is 
just a probably, I am going to say, almost in the hundreds of 
different types of facilities that are part of the CFATS 
universe. What works for one company to meet a Risk-Based 
Performance Standard may not be appropriate for another 
company. So CFATS is about providing options and flexibility. 
It is non-prescriptive. We absolutely will work with companies 
to discuss a variety of options.
    Senator Johnson. I am new to this issue. Are there 
penalties for noncompliance?
    Mr. Wulf. Yes, there can be. There can be fines.
    Senator Johnson. And are those already being implemented?
    Mr. Wulf. We have not fined a company for----
    Senator Johnson. But you have the power to do that?
    Mr. Wulf. We do.
    Senator Johnson. Have you tried to look at any private 
sector compliance or other, for example, the insurance market 
or ISO certification, have you looked at any other types of 
private sector certification programs that you can tie into to 
make this far more cost-effective? I mean, ISO certification, 
when I am listening to the delays in getting people compliant, 
ISO certification is a very big deal for a manufacturer, but it 
does not take 3 or 4 years to get certification. It takes, if 
really done well, you can do it in a year. Have you looked at 
tying into those systems that are already in place?
    Mr. Wulf. We have had discussions with industry 
associations, which manage some, I think, very effective 
stewardship programs, things like the Responsible Care program, 
the ChemStewards program, the relatively new Responsible Ag 
program, which promote security at different types of chemical 
facilities. So we will continue to discuss the ways in which we 
can leverage those programs.
    Senator Johnson. How familiar are you with ISO 
certification?
    Mr. Wulf. I am not very familiar with it.
    Senator Johnson. That would be something I would highly 
recommend you get up to speed on, and I would talk to the 
certification companies that do ISO certification, because this 
is exactly what manufacturers go through. They do a risk 
assessment. They have to comply to make sure that, if something 
catastrophic were to happen, they know how to handle that, how 
to prevent those catastrophes from occurring. I mean, I would 
think that would be a natural coordination between ISO 
certification and then also the insurance market. If you want 
to drive compliance in business, probably the best way to do it 
is, well, if you comply, your insurance rate is going to be 
lower. It is a natural way to facilitate compliance as opposed 
to having--holding penalties over somebody's head. Does that 
make sense?
    Mr. Wulf. Yes.
    Senator Johnson. OK. From my standpoint, I would love to 
see, again, the government contact ISO certification companies. 
I think you would be able to move this process forward at a 
much more rapid pace.
    Mr. Wulf. We can certainly do that.
    Senator Johnson. And I doubt there are any of the large 
chemical manufacturers that are not ISO certified. You can just 
plug right into that process.
    Ms. Spaulding. Senator, thank you. As Director Wulf said, 
we certainly have been in discussions with industry and are 
looking at all of the ways in which we might be able to hasten 
the elimination of this backlog consistent with our national 
security imperative, and that is certainly one of the ones that 
we are looking at.
    I did want to note that, with regard to your earlier 
question about the burden of compliance, we do have--each of 
our processes, the Top-Screen, the Security Vulnerability 
Assessment, and the Site Security Plan, are considered 
information collection requests, and pursuant to OMB process, 
we did have to provide them with estimates on the burden of 
this regulatory compliance, and I believe that is information 
we can provide you.
    Senator Johnson. OK. I would appreciate that. Thanks.
    Chairman Carper. Thanks, Senator Johnson. Those were good 
points. Thank you. Senator Levin.

               OPENING STATEMENT OF SENATOR LEVIN

    Senator Levin. Thank you very much, Mr. Chairman. It is a 
very important hearing. We thank you and Dr. Coburn for having 
this hearing. It is a big industry in my State, the third 
largest, as a matter of fact, manufacturing industry in my 
State. I think there are 28,000 employees. And so to make sure 
that this program is fairly and effectively working is really 
important to us.
    I have a couple quick questions. One has to do with the 
fines that Senator Johnson asked about. As I understand, there 
are no fines for not filing. Is that correct? If you do not 
file, if an industry does not file, there is no fine.
    Mr. Wulf. I think there is a school of thought to suggest 
that until a facility becomes regulated, goes through the 
process of filing its Top-Screen, being determined to be high-
risk and having a Site Security Plan approved, the enforcement 
mechanisms may not apply. I think our view is that we can issue 
a notice requesting or essentially ordering a facility to 
comply, to file, and then move forward in the enforcement 
process.
    Senator Levin. Is that the way you are operating.
    Mr. Wulf. Yes.
    Senator Levin. Are you fining people who do not file when 
you find out about their existence?
    Mr. Wulf. We have issued I think 66 administrative orders--
--
    Senator Levin. No, that is not my question. Do you fine 
people for not filing? I know you have issued orders. After you 
find out about them----
    Mr. Wulf. We believe we could fine them, yes.
    Senator Levin. But you have not fined any----
    Ms. Spaulding. We have not.
    Mr. Wulf. Everyone has come----
    Senator Levin. But you think you have the power.
    Mr. Wulf. We do.
    Senator Levin. Do you have any idea as to what number of 
people have not filed who should file?
    Mr. Wulf. Well, I think that is a difficult----
    Senator Levin. You have no idea.
    Mr. Wulf [continuing]. Number to know. I think we know that 
we have engaged in extensive outreach, 11,000 or more separate 
outreach engagements, and that has generated upwards of 48,000 
Top-Screen filings. We believe we have a good handle on the 
known universe of high-risk chemical facilities, and we are 
working with our partner agencies to cross-walk data sets and 
to ensure that we are doing all that we can to identify 
potentially noncompliant facilities and bring them into the 
program. We are also working with State agencies, with State 
homeland security advisers to reach down----
    Senator Levin. OK. I was asking about penalties for non-
filing. At any rate, I want to ask also about your budget. Your 
budget has been cut, I see. Is there any effect on this program 
by the cuts in funding for the program? Has that had an effect? 
And does that help create the backlog?
    Ms. Spaulding. Senator, we do not believe so. We have had 
to make some difficult choices with regard to our budget----
    Senator Levin. But that is not one of the causes----
    Ms. Spaulding [continuing]. But the approval process has 
picked up speed over time.
    Senator Levin. All right. So there is no relationship 
between budget and the backlog or the speed of administration 
of the program?
    Ms. Spaulding. Senator, at this point we believe we have 
the resources we need to sustain this pace and reduce this 
backlog.
    Senator Levin. All right. If you had more resources, could 
you speed up the pace?
    Ms. Spaulding. Again, at this point we believe that we--we 
have streamlined the process----
    Senator Levin. I understand. My question is: Could you pick 
up the pace if you had more resources? It is pretty 
straightforward.
    Ms. Spaulding. Yes, frankly, Senator----
    Senator Levin. I am not asking if you are asking for them--
--
    Ms. Spaulding [continuing]. If there were more----
    Senator Levin. I am just asking you a straightforward 
question. If you had more resources, could you pick up the 
pace? It is a very direct question.
    Ms. Spaulding. If there were more people reviewing the Site 
Security Plans and if there were potentially more inspectors, 
although I am not sure the approval--that there is any backlog 
in inspections, but certainly with regard to reviewal of Site 
Security Plans and working with industry on the Alternative 
Security Plans, it is entirely possible, Senator.
    Senator Levin. There is a question of background checks for 
employees and unescorted visitors that I want to ask you about 
that provide identifying information to the DHS for use in 
screening employees against the terrorist screening database. 
The DHS is still in the process of finalizing how exactly 
facilities ensure that individuals with known terrorist 
affiliations do not gain access to high-risk facilities. A 
major chemical company, Dow Chemical in my State, told me that 
they are concerned that DHS does not tell them if someone in 
their facility is on the terrorist screening database. And 
labor groups are concerned that there is no transparency in the 
process, and for workers who might be inaccurately classified, 
that there is no appeal process.
    Well, let me put it, Director Wulf, to you: When will the 
process for which personnel surety or screening is going to be 
finalized by the DHS?
    Mr. Wulf. We hope it will be finalized soon. We----
    Senator Levin. Can you give me just an approximation?
    Mr. Wulf. I think you would have to ask OMB, because the 
documentation is up there for final approval right now.
    Senator Levin. Well, what are you recommending?
    Mr. Wulf. We are recommending a--well, we have proposed a 
program which would provide a number of different options for 
facilities to ensure vetting of persons who are seeking 
unescorted access to high-risk chemical facilities and the 
chemical holdings thereon. So the ability to directly vet those 
individuals by directly submitting information to the 
Department for vetting, the opportunity to leverage other 
vetting that has taken place, such as through the 
Transportation Workers Identification (TWIC) program, or the 
Hazardous Materials Endorsement program, as well as the 
opportunity to conduct vetting electronically and the 
opportunity to propose an additional option or options that we 
may not have considered.
    So we have tried to design a program that affords maximum 
flexibility. That is what we propose, and that is what is 
sitting at----
    Senator Levin. And that is what you proposed to OMB?
    Mr. Wulf. That is right.
    Senator Levin. And if they approve that program, how long 
after they approve it would it be in place?
    Mr. Wulf. I think it would be within months. But we would 
proceed in a measured fashion. We would work first with a 
handful of facilities to ensure that we were getting everything 
right, that facilities were able to work well with the online 
system that we have developed to facilitate this vetting. But 
we do believe that this is an important hole in the program 
that needs to be filled soon, ensuring that folks who are 
seeking unescorted access to our higher-risk chemical 
infrastructure are, in fact, vetted against the terrorist 
screening database.
    Senator Levin. Has OMB told you when they are going to give 
you an answer?
    Mr. Wulf. They have not.
    Senator Levin. Thank you.
    Thank you, Mr. Chairman.
    Senator Coburn. Could I? You tell me if I am wrong on this. 
All of the DHS proposals for personnel surety require 
submitting information to CFATS, even if they have already been 
vetted by other DHS agencies?
    Ms. Spaulding. Not exactly, Senator. There is an option 
there for facilities to use--to better leverage existing 
credentials from DHS that----
    Senator Coburn. When did that go out to industry? Because 
that is not what I am hearing from industry.
    Ms. Spaulding. We have spent months talking with industry 
to make sure that we understand their concerns and to talk with 
them about the ways in which we are thinking about this program 
and have shared--again, it is difficult to get out to all of 
the 4,000-plus facilities that are regulated, but we have in 
our notice or request that is with OMB included a proposal that 
would allow an electronically verified TWIC card to be used for 
meeting the personnel surety standard. And that does not 
require that they submit any information to the Department 
beyond what is already done in the TWIC program.
    Senator Coburn. What about a Hazardous Materials 
Endorsement (HME)?
    Mr. Wulf. I do not believe there is currently a way to 
electronically verify a hazardous material----
    Senator Coburn. But if somebody has that card, why do they 
have to get verified again by DHS? That is the question I am 
asking. It is make-work. If they have already cleared one 
agency in DHS, why do they have to clear another one? If they 
are good enough for part of it, why can't they be good enough 
for this?
    Ms. Spaulding. Senator, our concern is to make sure that 
the credentials that are being used to access the most 
sensitive parts of chemical facilities, where the chemicals of 
interest, highest-risk chemicals are located, that those 
credentials are still valid and are still held by the person 
who should be----
    Senator Coburn. I understand that, but if they have been 
cleared by one agency in the Department of Homeland Security 
and termed a ``chemical handler,'' why isn't that good enough? 
Why can't they just submit this employee has this card, you 
have already approved them for handling the highest-risk 
chemicals, now you are going to make them go and get another 
certification from the same department of government to say, 
oh, yes, by the way, you are OK? Why can't a business just say 
these people right here already have a TWIC card, already have 
a Hazardous Materials Endorsement, why aren't they cleared 
automatically?
    Mr. Wulf. We would just be asking those facilities that are 
looking to leverage that existing vetting to provide us 
information like that in a number----
    Senator Coburn. Well, why should they have to--why can't 
they just keep it on file there and avow that we have these 
people covered? Why would we make them do it again? I mean, 
their TWIC card is not forever.
    Ms. Spaulding. Senator, under the Maritime Transportation 
Safety Act, which the Coast Guard administers at maritime 
chemical facilities, that regime always envisioned the use of 
an electronic reader as an essential and important----
    Senator Coburn. You are missing my point. I am not talking 
about electronic. I am talking about if a company says these 
people are certified and we can prove it in our files, when you 
come in to inspect that, rather than make them go through the 
process of sending a whole lot more information to you, which 
you really do not need, and their assumption is there is a 
penalty if I am lying about somebody's access, there is nothing 
to be gained by having them have another surety requirement 
when they have already passed two surety requirements from the 
same department. That is my point.
    Ms. Spaulding. Senator, those regimes are--those 
credentials are for different purposes, and what the Personnel 
Surety Program is about is access to the most highest-risk 
chemicals within a facility, unescorted access to those 
chemicals. And the HME card is for a different regulatory 
purpose.
    Senator Coburn. But you would agree, if somebody has an HME 
card, they have access to them anyway. So what is the 
difference? I mean, you have already done a security check on 
them.
    I am finished. Sorry.
    Ms. Spaulding. Senator, I take your point, and I understand 
the point you are making. Again, our interest is in making sure 
that, with regard to people who have unescorted access to these 
chemicals, that this card, the credential that they have, is 
still valid and they are the appropriate card holder. We will 
continue to work with industry and with the Committee to find 
ways to accomplish that security objective that is least 
burdensome to industry that we can possibly----
    Senator Coburn. But what I hear you saying, they are still 
going to have to submit to the CFATS that we have an HME card 
or we have a TWIC card, and then they are going to have to 
apply.
    Ms. Spaulding. Senator, there is a fourth option under our 
request with OMB, and that is for chemical facilities to 
present us with their alternative to meet the security 
standard, and that reflects our ongoing commitment. We do not 
necessarily have all the answers. There may be alternatives 
there that we have not yet thought of that industry will come 
forward with, and we are open to that possibility.
    Senator Coburn. If a truck driver with a TWIC card is 
carrying a load of isopropyl percarbonate, which is a catalyst 
which can explode if you lose the refrigeration on it, they 
have access to a bomb. And if we are going to recheck that 
truck driver when they are unloading into a special area in a 
special plant, again, against a code that is redundant and not 
efficient and cost prohibitive. That is the kind of point I am 
trying to make.
    I will make one other point. I think it was during the 
Clinton Administration under OSHA that they decided that they 
were going to take a period of time where they were going to 
not be a penalizing organization; they were going to be a 
fixing organization. And the response of the industry was 
miraculous. OSHA came in, said, ``You have these problems. We 
want you to fix these problems. We are not going to penalize 
you. Fix them. We will come back in 6 months and look at it.'' 
And that approach did more for employee safety than all of the 
other OSHA regulations we have ever done. And I hear from Mr. 
Wulf that that is the kind of approach you are trying to take. 
And what I would say is that is the approach that is going to 
work best with industry: a cooperative, compliant partnership 
that solves these problems.
    Chairman Carper. This past Sunday was Mother's Day, and I 
am sitting here not channeling my mother but my father, and my 
father was always saying to my sister and me, when we would do 
some bone-headed stunt, he would say, ``Just use some common 
sense.'' This may be one of those situations where a little 
common sense would go a long way. And I think Dr. Coburn raises 
some important points. I think you know that. Let us just 
figure out how we can address that, those concerns.
    The other thing I would say is you all are interested in if 
not a permanent reauthorization, at least a multiyear 
reauthorization. I think I heard 5 years from you, Ms. 
Spaulding, and the House, our counterparts in the House, 
reported out a reauthorization of, I think, 3 years. I think we 
started off, maybe when this program was created, with a 3-year 
authorization, I believe. And since then we have been pretty 
much without authorization, as I understand. And somewhere 
between no authorization and permanent, there is a number there 
that probably works. And to the extent that you can continue to 
take seriously the concerns Dr. Coburn is raising and others 
are raising, to the extent that you can take seriously those 
concerns and address them in a way using some common sense, we 
are going to get closer--we are not going to go to permanent, 
but we will get closer on that end of the scale than to zero. 
So that would be my knowledge that I would share with you on 
this.
    Mr. Caldwell, I do not think you have been talking nearly 
enough today, and we are going to give you an opportunity to 
rectify that. And put yourself in our shoes. I am reminded a 
little bit, Tom and Ron, I am reminded a little bit of what DHS 
did in moving from the high-risk list, unable to even be 
auditable much less get audited, to move not with lightning 
speed but to move pretty fast from a point of being auditable 
to getting--passing a clean audit. It was pretty impressive. We 
urged our DOD friends yesterday to take a chapter out of that 
book.
    I think that this program in terms of going where it needs 
to go, you are sort of at the same point where--it is not the 
right analogy, but I will say you are auditable, close to 
auditable. But what we need to do is just not to say, OK, well, 
things are going fine and we will rest on our laurels. I mean, 
this is time to put our foot on the pedal to the metal and just 
push it on through. And to the extent that we can do that--and 
we would play a role in that obviously--we will all be better 
off.
    All right, Mr. Caldwell. We are not going to talk about it 
right now, about all the good things that are being done. There 
are a number of those, and we applaud that. But I want you to 
help us focus on that which still needs to be done by the 
Department, by Mr. Wulf and the folks who work in this program 
under the direction of Ms. Spaulding. Focus on the stuff that 
still needs to be addressed and that you guys have pointed out, 
and just let us talk about that. You have heard from Dr. Coburn 
and others some of our concerns on what needs to be done. Just 
speak to those, please.
    What I want to get here, I want to get some consensus, sort 
of a to-do list coming out of here, what we think you need to 
be doing and what you all think we need to be doing, and let us 
just move forward.
    Go ahead, please.
    Mr. Caldwell. Well, in terms of your analogy to the high-
risk list, there are a couple of areas where we pointed out 
serious problems with the programs. We had help from the 
Department doing that, when their internal memo was leaked a 
couple years ago, that these were indeed serious problems.
    We have found--and we think that our involvement helped 
this--that the Department has put together some very specific 
action plans. For example, they had a 94-item action plan to 
address the serious management problems they had. Now they have 
an annual operations plan to actually operationalize that plan 
so that they are tracking some of these things that they are 
doing. At least for some of those management problems, we are 
beyond the most serious problems to focus on actually running 
the program, so I think that is positive.
    In terms of running the program, the biggest issue that we 
have at this point as an open issue is the vulnerability 
assessments. We have open recommendations on that. And going 
back to the questions you had asked about the risk management 
that Senator Coburn had talked about. In terms of the 
consequence, even their own rules said that certain types of 
consequences are going to be included, and they did not include 
those. For example, economic consequences, according to their 
own rule, were going to be looked at, but they did not look at 
them.
    And in terms of vulnerability, they said they were going to 
look at vulnerability, but late in the process when they 
actually inspect the facility plans. To us, vulnerability is 
one of the things you consider up front. I do think it makes 
perfect sense to look at consequences first. But the reason 
that we got for them not including vulnerability is it was 
self-reported information, at the beginning of the process.
    Well, everything about the program is self-reported. So 
that just did not make sense to us. That is the biggest issue. 
DHS did have an internal review by the Institute for Homeland 
Security Analysis.
    The issue that we have not even looked at is the personnel 
surety one, which I have already talked about.
    Chairman Carper. On the point he just made, very briefly, 
15 seconds, just respond please, Ms. Spaulding.
    Ms. Spaulding. So we did get recommendations from the 
external peer review on ways in which we might be able to 
better incorporate vulnerability in our risk-tiering 
methodology, and we are working through those recommendations 
now.
    Chairman Carper. Good. Thank you.
    Mr. Caldwell, please proceed.
    Mr. Caldwell. We are talking about them tweaking their 
methodology to have something consistent with the National 
Infrastructure Protection Plan (NIPP) and some of the standard 
risk management methodologies the Department uses. We think 
those are good criteria.
    We do not want them throwing new facilities on the list or 
off the list. At this point it would be reasonable as they go 
forward to amend as they go. Or else you are never going to get 
to a stable list of facilities that have requirements to be 
met.
    From our standpoint, obviously, the service we at GAO 
provide is going in and actually verifying the information. So 
we are about to start on our next phase of that audit work. We 
have, as I said, mandates from the appropriators as well as 
from the House side on the authorizers. We can work with this 
Committee if you want to be part of that audit. So that is it 
there.
    In terms of the bigger issue before you, which is 
authorization, I think that there are certain advantages of 
that. It provides some stability in terms of the CFATS 
workforce. Industry wants it as well. They want the stability, 
too. They want to know that CFATS is going to drop off. As 
Senator Johnson said will there actually be incentives for 
industry, not joining to joining or not reporting or reporting.
    The House bill also codifies some of the current practices 
based on regulation. But there is less authority if the 
regulations are not in the law. The House bill which we have 
been working with them on does emphasize certain corrective 
actions that need to be taken. So, I think we are on a path 
forward. There is impatience, and that is understandable. But, 
DHS appears to have a commitment to change, we are seeing that.
    Chairman Carper. I feel like Dr. Coburn wants to jump in 
here.
    Senator Coburn. Well, I would just make two points.
    One, if we were starting over, what I think this Committee 
would recommend is much what the TSA did with the Pipeline 
Security Branch. It was a total collaborative process from the 
beginning where you had industry input working with committed 
government individuals to create a pipeline program against 
terrorism. It created a small amount of paperwork with massive 
compliance on part of the industry because they were part of 
it.
    The second example I would give is the President's 
Executive Order on cybersecurity. It was a total collaborative 
process where the Administration listened to the players and we 
are getting a good result. And we did not do that in this.
    The final point I would make is if you have an explosives 
permit from the Bureau of Alcohol, Tobacco and Firearms (ATF), 
under your proposed guidelines, you still have to get another 
clearance from Homeland Security. That makes no sense 
whatsoever. And so you have to fix that.
    So I do not know what you have at OMB, but I know what is 
rumored to be there, and what is rumored to be there is not 
going to be acceptable. So you have to figure out a way to 
utilize the resources of the rest of the government when we 
give clearances to somebody, especially an explosive permit. To 
say they have to go to another agency to get another permit 
again is absolutely--well, I will not use the word that I am 
thinking.
    Chairman Carper. Now we are just going to wonder what word 
he was thinking. Let me reclaim my time----
    Mr. Caldwell. I think it was an acronym, sir.
    Chairman Carper. It was an acronym? OK, probably.
    I want to turn to a concern relating to the ease of 
compliance for a large company, think DuPont, think Dow, as 
opposed to a small company that deals with some of these 
dangerous chemicals and has maybe a half dozen employees, and 
they are just trying to figure out how to keep afloat and meet 
payroll and sell their products and so forth.
    There are some concerns I have heard that some of our 
larger chemical companies may actually be advantaged by this 
program because it is easier for them to comply, and their 
small competitors, very small competitors, find it very 
difficult to comply. And I just want you to respond to that 
concern, Ms. Spaulding, if you would, please, and sort of the 
point here is similar to what Dr. Coburn raised earlier, ease 
of compliance, particularly for smaller companies, keeping an 
eye on risk.
    Ms. Spaulding. Senator, it is a legitimate concern, and it 
is one that we share, and which is why we have worked hard to 
have in place as many mechanisms as we can to assist small and 
medium-sized businesses to comply with this important 
regulatory program. And that includes, onsite compliance 
assistance visits by our inspectors who are all across the 
country, who will come in and sit down with that facility, and 
provide whatever assistance they need in meeting their 
requirements.
    We have, the ability to call someone, a help desk. We have 
online resources. And, again, one of the things that we 
recognized sometime ago was perhaps most helpful was this 
option for an alternative security program, which can be a much 
more streamlined way of meeting the regulatory requirements 
with regard to submitting a security plan for your facility. 
And we have worked very hard with--industry has come to the 
table in full collaboration on this to help their industry 
partners by developing templates that will significantly ease 
the burden for companies to comply.
    Director Wulf, if you want to add anything to that?
    Mr. Wulf. I think that is all covered very well. With 
respect to compliance assistance, as we work with these smaller 
companies to discuss options for meeting the Risk-Based 
Performance Standards and getting those Site Security Plans or 
Alternative Security Programs into shape, such that we are at a 
point where we can authorize the plan and go ahead and inspect 
it, I think it is important to recognize that although we have 
only gotten to--we have inspected, done formal inspections of a 
little more than 1,000 facilities, our inspectors have been out 
at other facilities that have not yet gotten to the point of 
inspections. So we are working particularly with smaller 
companies on a regular basis, and security is being enhanced at 
those facilities, even prior to the formal inspection and 
approval.
    Chairman Carper. All right. Thank you. We are going to 
start a vote, a series of several votes, in just a couple of 
minutes, and I think Dr. Coburn, when we start that, will go 
over and vote early and come back so I can vote on the first 
and second votes, and then we will switch places again, and 
when I come back, I will ask questions.
    I want us to drill down on the backlog. It used to be 7 to 
9 years. It is now maybe half that. That is progress, but can 
we do better? You bet we can. And I want to just talk about 
specifically what you all need to do better, what we need to do 
to enable you to do better, and maybe what industry needs to 
do.
    Tom, would you like to ask anything else before you head 
out?
    Senator Coburn. No. I just would remind Under Secretary 
Spaulding we really want that analysis of what the peer review 
said versus what your response was.
    Ms. Spaulding. Absolutely, Senator. We will get that to 
you. We very much valued the peer review's recommendations, and 
as we have indicated, we have an implementation plan, and we 
would be happy to get that information over to you. Thank you, 
Senator.
    Chairman Carper. All right. Thank you. Senator Johnson.
    Senator Johnson. I will just reinforce the point that you 
have literally thousands of private sector inspectors out there 
that can help you out. Whether it is people rating for 
insurance, whether it is ISO certification, those surveillance 
auditors, use them. No sense creating an extra burden for 
businesses. You have one inspection here, you have another 
inspection here. Rather than actually producing products, 
rather than concentrating in innovation, we are just worrying 
about audits and inspections. It gets pretty burdensome.
    So utilize what is already out there. Try and kill two or 
three or four birds with one stone. I would really encourage 
that. I think you would be far further ahead if you tied into 
ISO certification problems, if you tied into the insurance 
rating systems. It would work.
    Ms. Spaulding. Thank you, Senator.
    Chairman Carper. When our witnesses were before us 
yesterday from the Department of Defense, the Comptroller and 
others, we were acknowledging that they are making some 
progress toward moving toward being auditable. At least within 
the Marine Corps they are making some progress, the Navy, 
Department of Navy, the others beginning to but not nearly 
enough. And I said to our witnesses--Bob Hale, the Comptroller 
who is leaving, a good man. But I said to him and to them, ``We 
acknowledge that it is not all on you. Part of this is on us.'' 
And he said, ``Well, we tried to make progress toward becoming 
auditable and to get a clean audit. But,'' he said, ``it has 
been challenging in the fiscal environment we have operated in 
recent years--shutdowns, fiscal cliffs, continuing resolutions, 
lack of certainty, lack of predictability.'' And he is 
absolutely right.
    Part of this--what is it?--``We have looked at the enemy, 
and it is us.'' There is some of that going on here with 
respect to their becoming auditable at DOD and our doing an 
even better job on this particular program.
    Before we break and bring on the second panel, let me just 
ask this: What can we do--and I think part of it would be a 
reauthorization, but just what can we do with some specificity, 
feel free to mention that, but then drill down a little bit 
beyond the 3, 5, or whatever period of time would be most 
helpful. And, Mr. Caldwell, I am going to ask you to go last on 
this, but, Suzanne, if you would just start off, and then David 
and then Steve, but, please, our responsibilities.
    Ms. Spaulding. Mr. Chairman, thank you very much. Thank you 
for the question, and thank you for your interest and hard work 
and efforts to make sure that this program is on track and is 
where it needs to be. I indicated earlier how much we valued 
the peer review, outside input and recommendations. We very 
much value GAO's second set of eyes, third, fourth set of eyes 
on our program, and we very much value the oversight of this 
Committee in helping us make sure that we are meeting the 
national security imperative in a way that makes sense for 
industry and keeps America safe. And so that continued 
oversight----
    Chairman Carper. I am going to interrupt you.
    Ms. Spaulding [continuing]. Will be helpful.
    Chairman Carper. Give me some specifics. I want some 
specifics. This is your chance to ask us, this is your--to say, 
``Here is your to-do list.'' Give us your order. Or we will 
take the order, so, please, take advantage of it right now.
    Ms. Spaulding. Thank you. I would, say again that the long-
term authorization, permanent authorization for this program is 
probably the single most important thing that Congress could do 
to help advance this program.
    Chairman Carper. All right.
    Ms. Spaulding. For all of the reasons that we have talked 
about, and you mentioned in yesterday's hearing the references 
to----
    Chairman Carper. I have that. Let us go--OK.
    Ms. Spaulding [continuing]. The economic challenges.
    Chairman Carper. You can move on from that. I have that. 
Thank you.
    Ms. Spaulding. Right. And with regard to further 
legislative proposals, we are looking at that, at ways in which 
the current statutory regime, might be strengthened to give us 
authority. We are looking at, for example, is the compliance 
regime and our ability to bring enforcement actions, does that 
need to be strengthened? Does that need to be streamlined? And 
that is something we are looking at, and we will come back to 
the Committee, when we have finished looking at that.
    Again, I think Congress, in creating this Risk-Based 
Performance Standard Program, which does not require facilities 
to build a 15-foot fence but gives them the leeway to develop 
the measures based on an outcome, is the right approach. And so 
I would encourage that authorization to continue that approach, 
which is, again, an outcome-based approach.
    We are looking at, in the context of rulemaking, whether we 
want to open this up and make some changes to our rule. But, 
again, I think authorizing the program more or less as it 
currently stands is really, what we are looking for from 
Congress.
    Chairman Carper. All right.
    Ms. Spaulding. Director Wulf may have some----
    Chairman Carper. Before you say anything, David, when Jane 
Holl Lute was the Deputy, she used to come before us and 
testify, Deputy Secretary at DHS, we would ask her, ``How did 
DHS get off the high-risk list at GAO for any number of sins?'' 
And she said one of the things that she did, she would go meet 
with Gene Dodaro, the Comptroller General, literally in his 
office, and say, ``We want to get off your high-risk list. What 
do we need to do to do that?'' And they were just like chapter 
and verse: This is what you need to do, this is what you need 
to do. And I think her leadership and Rafael Borras, his 
leadership in the Department, were enormously helpful in that, 
I am sure the Secretary's admonitions as well.
    Mr. Wulf, far be it from me to tell you what to do, but if 
the Deputy Secretary of the Department can go call on the 
Comptroller General and his staff again and again and again to, 
clear out the underbrush and get off the high-risk list in a 
variety of ways, you may want to consider some visits over here 
to the Hill. And my wing man here, Dr. Coburn, he has some real 
reservations--you have heard them today--real reservations on 
what--not to take away from the work that has been done, but 
actual things that need to be done. And to the extent that you 
can almost one on one with some of your team work with him and 
his team, that would be enormously helpful to you and I think 
to us, so I would urge you to do that.
    Mr. Wulf. Yes, we absolutely will do that.
    Chairman Carper. All right. Thank you.
    Mr. Caldwell, any closing statements here to help us along.
    Mr. Caldwell. Yes, a couple of things. Some are asking the 
really big question about CFATS, like: Is this the right 
approach, or should we start over again? If we start over 
again, it is going to be years before we have anything in 
place. At GAO, the most important criteria is the laws that 
Congress passed, and CFATS was passed, and there has been 
appropriations for it, so we see that as a sign of 
congressional support. There are advantages of authorizing the 
program in terms of the stability, both to the people running 
the program as well as to industry.
    In terms of authorizing legislation, the House has already 
taken that up, and there are ways to nudge the Department to do 
things where there is congressional interest in particular 
improvements. One thing that comes to mind is discussion about 
the small business community and how to help them. The House 
bill does have a section to help small business. So that is an 
example where Congress can make sure things happen by putting 
them in legislation.
    On the personnel surety side, I am not really sure what is 
going to happen. I do not know how to get that rule out of OMB. 
I am not sure the Department knows or Congress knows at this 
point how to move OMB.
    Chairman Carper. All right. At least we can have a 
conversation with OMB, and we are going to have that this week, 
and this hearing has spurred us to do that. Sometimes that can 
be helpful.
    Mr. Caldwell. So that would be good.
    Chairman Carper. All right. I have these guiding principles 
that I try to follow. They are kind of like my moral compass. 
And we have actually touched on a number of them here today.
    One, if it is not perfect, make it better.
    Another one is just use some common sense. I think we see 
some opportunities to do more of that here.
    I have a friend who, if you say to him, ``How are you 
doing?'' he says, ``Compared to what?'' And if you compare this 
program to where it was a half dozen years ago, you have come a 
long way. But we are not in the end zone; we are not in the red 
zone. And we need to get there.
    I used the analogy yesterday, I will use it again today: In 
naval aviation, when--I was an old Navy P-3 aircraft mission 
commander for a number of years. In our airplane, the P-3 
aircraft--the plane that has been used over the Indian Ocean to 
do a lot of these searches. But in aircraft, you are coming 
down the runway to begin your takeoff roll, and you reach a 
spot in your takeoff roll called ``the refusal speed.'' And 
refusal speed is the point where the pilot in command either 
pulls back on the throttle and you stay on the ground, or you 
push ahead and fly. I think we are really sort of--I thought we 
were--yesterday I said, ``I think we are at refusal speed at 
DOD in the work they are moving toward, getting a clean 
audit.'' I think this program is at refusal speed, too. And 
just like DHS decided to push ahead and to fly to the goal of 
getting a clean audit, I think that is pretty much where we 
are. And just like DOD needs to go to school on DHS and how 
they got a clean audit, there are, I think, some opportunities 
here for us to learn as well. And a big part of it was Jane 
Holl Lute and probably Rafael Borras coming over personally and 
meeting with GAO folks and saying, ``OK, what do we need to do? 
What are we doing? And what more can we do? And what help do we 
need?'' So keep that in mind.
    With that, we are going to call our second panel of 
witnesses forward, and, Ms. Spaulding, I think we get to meet 
with you on a different subject later today.
    Ms. Spaulding. I am looking forward to it, Senator. Thank 
you.
    Chairman Carper. We look forward to it as well. Thank you 
so much.
    Ms. Spaulding. Thank you very much.
    Chairman Carper. Thanks, Mr. Wulf.
    Mr. Wulf. Thank you.
    Chairman Carper. Thank you, Mr. Caldwell. And, Mr. 
Caldwell, everybody at GAO who worked day and night very hard 
and who provide great service and assistance to us in our jobs, 
we want to again thank you. And we need your help. Just like 
you have been helpful to our friends over in the House as they 
fashioned their bill, we would like to have some of the same.
    Mr. Caldwell. And such meetings have already started, so 
thank you.
    Chairman Carper. Thanks so much.
    [Pause.]
    All right. Good morning. I am not going to introduce or 
provide a formal introduction for our witnesses. We are happy 
you are here. It is nice to see you all, and we welcome your 
testimony.
    We are going to go ahead and start, and Dr. Coburn may well 
come back and spell me so I can run and vote the first and 
second votes, but the idea is to keep moving and to give you 
full opportunity to hear--it will give us a full opportunity to 
hear your testimonies and then for us to be able to have a good 
conversation. So welcome. Dr. Shea, why don't you go first?

TESTIMONY OF DANA A. SHEA,\1\ PH.D., SPECIALIST IN SCIENCE AND 
 TECHNOLOGY POLICY, RESOURCES, SCIENCE, AND INDUSTRY DIVISION, 
      CONGRESSIONAL RESEARCH SERVICE, LIBRARY OF CONGRESS

    Mr. Shea. Thank you for the opportunity to testify before 
the Committee today about Federal efforts to secure chemical 
facilities within the United States from terrorist attack. In 
addition to my remarks today, the Congressional Research 
Service (CRS) has several reports on this topic, and in 
accordance with our enabling statutes, CRS takes no position on 
any related legislation.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Shea appears in the Appendix on 
page 70.
---------------------------------------------------------------------------
    My testimony has three parts. First, I will reference the 
CFATS program's progress and challenges; second, I will 
identify several policy issues regarding authorization----
    Chairman Carper. Let me just say, were you here when I made 
my earlier admonition to our first panel about acronyms?
    Mr. Shea. I was.
    Chairman Carper. I thought didn't they do a great job? I 
would just ask that you follow their example.
    Mr. Shea. Third, I will briefly analyze H.R. 4007, the 
Chemical Facility Anti-Terrorism Standards Program 
Authorization and Accountability Act of 2014.
    The 109th Congress authorized DHS to regulate chemical 
facilities for security purposes. Subsequent Congresses have 
extended this authority, which now expires on October 4, 2014. 
Advocacy groups, stakeholders, and policymakers have called for 
its reauthorization, though they disagree about the preferred 
approach.
    Since 2007, the CFATS program has received more than 46,000 
Top-Screen submissions from over 36,000 chemical facilities. 
DHS currently regulates approximately 4,100 facilities as high 
risk.
    DHS has had challenges in implementing the CFATS 
regulations. These include a persistent backlog of high-risk 
facilities not assigned a final risk tier, an ongoing effort to 
develop and implement a personnel surety Risk-Based Performance 
Standard, and a failure to meet DHS expectations for inspecting 
regulated facilities and approving Site Security Plans.
    That said, the pace of DHS authorization, inspection, and 
approval of Site Security Plans at regulated facilities has 
increased compared to the early days of the CFATS program.
    Policymakers have considered chemical facility security in 
the 113th Congress. Some of the issues debated include: how to 
assess facility risk, whether to employ third parties as 
inspectors, and whether DHS should be allowed to mandate 
facilities use certain approaches or chemical process 
practices, also known as ``inherently safer technologies.''
    A key underpinning of the CFATS program is its assessment 
of facility security risk. The DHS is currently determining how 
to best address recommendations for improving its risk 
assessment process.
    Congressional policymakers may be interested in how changes 
in how DHS determines risk affect the regulated community and 
what plans DHS has to minimize financial impacts. The regulated 
community's investment in security measures will increase as 
program implementation continues.
    Regarding third-party inspectors, DHS has implied that its 
existing statutory authority allows their use. Policy issues 
include whether third parties should perform CFATS inspections 
and, if so, who might be appropriate, and how to harmonize 
training and inspection standards.
    If CFATS program performance challenges arise from 
insufficient inspection capacity, third-party inspectors might 
help. If the challenges arise from other factors, third-party 
inspectors might have little effect on performance.
    The Obama Administration has stated its support for 
inherently safer technologies to enhance security at high-risk 
chemical facilities. Currently, DHS cannot require a regulated 
facility to adopt specific security approaches or chemical 
process changes, including inherently safer technologies. A 
fundamental challenge is how to compare a technology with its 
potential replacement.
    Congressional policymakers might mandate the implementation 
or consideration of certain inherently safer technologies, or 
they might direct DHS to identify specific approaches. 
Alternatively, policymakers might establish an incentive-based 
structure to encourage regulated entities to adopt inherently 
safer technologies.
    To some extent, the CFATS regulation provides such an 
incentive since DHS might assign such facilities to lower-risk 
tiers.
    I will now summarize how H.R. 4007 compares with the 
existing statute. The bill incorporates much of the existing 
statute, but it also has key differences. Some examples are: 
The current statutory authority will terminate on October 4, 
2014; the authority granted under H.R. 4007 would be permanent.
    The current statute does not specify how DHS should 
consider security risk. The bill directs DHS to use specific 
criteria when assessing chemical facility risk.
    The bill would expressly allow the Secretary to use third-
party inspectors in the inspection process, and the bill would 
provide certain limitations on the Secretary with respect to 
issuing a personnel surety standard. These limitations would 
conflict with the current DHS personnel surety approach.
    Thank you for the opportunity to appear before the 
Committee, and I would be happy to answer any questions you 
might have.
    Senator Coburn. [Presiding.] Mr. Shea, thank you. Sorry for 
the back and forth. The votes will continue while we will do 
this. Ms. Fendley.

TESTIMONY OF ANNA FENDLEY,\1\ MPH, LEGISLATIVE REPRESENTATIVE, 
                      UNITED STEELWORKERS

    Ms. Fendley. Good morning. Thank you for the opportunity to 
testify today. I am here on behalf of the United Steelworkers 
(USW) International Union. Our 850,000 members include the 
majority of unionized workers in the chemical industry and 
hundreds of thousands of men and women whose workplaces use and 
store large quantities of industrial chemicals.
---------------------------------------------------------------------------
    \1\ The prepared statement of Ms. Fendley appears in the Appendix 
on page 87.
---------------------------------------------------------------------------
    Our members are well aware of the hazards and the potential 
for widespread damage to critical infrastructure and the 
communities where they work and live. Small accidental releases 
occur more often than the public realizes, and it is only a 
matter of time before the next large explosion or release.
    Events in West, Texas, and at the Chevron refinery in 
Richmond, California, have brought acute national attention to 
the danger of chemical facilities and the need to prevent 
catastrophic events caused either by accident or by the 
intentional actions of terrorists.
    The CFATS program was an interim measure when the 109th 
Congress gave DHS statutory authority to regulate chemical 
facilities for security purposes. Since that time subsequent 
Congresses have continued to extend the authority to DHS for 
the program without addressing recognized problems with its 
implementation and scope.
    A legislative path forward needs to address the inherent 
weaknesses of CFATS, five of which I will cite in detail today.
    First, CFATS coverage does not extend to chemicals shipped 
or stored outside of a facility's fence line in nearby rail 
yards or elsewhere that may have little or no security 
measures. Currently CFATS does not prevent and DHS does not 
systematically document whether chemicals and the risks 
associated with them are merely shifted from one location to 
another.
    Second, DHS is prohibited from requiring a CFATS-covered 
facility to use any particular security measure, including a 
fence in a particular area, a specific control on a unit, or 
any other measure that is well documented through past practice 
in the industry.
    Third, CFATS should develop and promote the most effective 
means of preventing a chemical incident, which is reducing the 
potential consequences by using safer chemical processes. DHS, 
the Environmental Protection Agency, and the U.S. Chemical 
Safety Board (CSB) have cited the effectiveness of assessing 
and, where feasible, implementing safer processes at high-risk 
facilities.
    According to a report from DHS, since the inception of the 
CFATS program nearly 1,900 facilities have removed or reduced 
their chemicals of interest. But many companies will never even 
look into innovating with safer processes without a legal 
requirement to do so.
    Fourth, many have expressed concerns today about 
duplication of efforts and the burden for multiple background 
checks under the Personnel Surety Program. The Transportation 
Worker Identification Credential is an option to use under 
CFATS. Many of our members have successfully obtained a TWIC 
card, but it is not without some concerns.
    Another concern about personnel surety is that CFATS does 
not prevent the collection of unnecessary personal employee 
data by employers or third parties. There is not an adequate 
appeals process for workers who are wrongly discriminated 
against during the personnel surety process. In a February 3 
Federal Register notice, DHS stated that employment decisions 
based on background checks are outside of the scope of CFATS 
and that DHS expects employers to comply with applicable 
Federal, State, and local law regarding employment and privacy.
    Workers are seeing DHS apathy about their jobs play out in 
facilities across the country. In fact, one of our local unions 
recently received a letter from their employer that said, 
``Although [our company] and its representatives are not 
required to notify its employees or union leadership of this 
requirement prior to conducting background investigations, we 
believe it is a prudent and a good business practice to do 
so.''
    Not all employers will do the right thing by telling their 
employers about new security measures without a requirement. On 
the whole this is inadequate. Workers need to be informed about 
security measures, including background checks being performed 
on them, and workers need an appeals process should they be 
unjustly disqualified from their job due to an employer-
conducted background check.
    This brings me to my fifth point. CFATS lacks the 
requirement for a meaningful role for workers in chemical 
security. It is our observation that DHS stakeholder engagement 
with industry is frequent and productive. However, DHS does not 
adequately engage workers and their representatives either at 
the Federal level or within a facility. Workers at facilities 
would be hurt first and worst in an attack. CFATS should 
require meaningful involvement of plant employees in developing 
security plans and provide whistleblower protections for those 
who engage in the process. At a very minimum this could help 
DHS identify facilities that are covered by CFATS but are not 
complying with its requirements.
    In closing, any legislation authorizing the program must be 
responsive to the identified shortcomings and challenges of 
CFATS.
    Thank you again for the opportunity to testify today.
    Senator Coburn. Mr. Scott.

 TESTIMONY OF TIMOTHY J. SCOTT,\1\ CHIEF SECURITY OFFICER, THE 
    DOW CHEMICAL COMPANY, ON BEHALF OF DOW AND THE AMERICAN 
                       CHEMISTRY COUNCIL

    Mr. Scott. Chairman Carper, Ranking Member Coburn, and 
Members of the Committee, I am Tim Scott, chief security 
officer and corporation director for emergency services and 
security at Dow Chemical. I am here today representing Dow and 
the American Chemistry Council.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Scott appears in the Appendix on 
page 92.
---------------------------------------------------------------------------
    The security of our Nation's chemical industry has been in 
the media, legislative, and regulatory spotlight since 9/11. 
But industry's efforts to be a safe and secure partner in the 
communities where we operate and transport our products started 
well before then.
    When DHS was given the authority to regulate the chemical 
industry relative to security, the industry was an active and 
enthusiastic partner in the development of the Risk-Based 
Performance Standards. The Responsible Care Security Code 
matched these standards in many areas and is a mandatory 
requirement for the American Chemical Council (ACC) membership.
    The launch of DHS, CFATS, and the Responsible Care Security 
Code is a successful example of what defines a partnership: 
everyone working toward a common goal, perhaps in a different 
manner, but with one focus.
    During that time and still today, ACC is very proactive in 
supporting CFATS legislation in order to bring everyone to the 
table. The launch of DHS and CFATS was tenuous at first, but it 
is successful based on a partnership approach with open 
communication. Through the last few years, the implementation 
became difficult for many reasons. The communication and the 
partnership was strained. I am here today to say that we have 
turned the corner and we are once again on the right path. The 
partnership is working. Progress is being made, and the 
security of the chemical industry is stronger today than ever 
before.
    There have been many positive developments over the last 
several months with the most significant being the progress 
toward multiyear authorization for CFATS. A multiyear 
authorizorization puts DHS and CFATS closer in line to the 
industry's capital planning process and allows for some 
certainty for industry to take action.
    A multiyear authorization also brings stability to DHS in 
planning and implementing CFATS and also in staffing to be sure 
that the necessary expertise is in place and will remain in 
place to accomplish the mission.
    Maintaining the original premise of Risk-Based Performance 
Standards and allowing individual sites the flexibility to 
determine the local solution that will meet the standards also 
spurs progress.
    No two sites are the same, but all must meet the same goal. 
This flexibility allows each unique site to identify the 
solution that meets the performance standard in the best manner 
for that site, and improving security to meet the performance 
standard is the goal.
    We are not done. Industry, DHS, and this Committee are not 
done. We are making progress, but we need to complete the 
mission. We need to fine-tune the personnel surety process so 
that it adds value to all concerned. We need to share critical 
information. We need to ensure that risk is being determined in 
a fair and consistent manner. And we need to leverage the 
plethora of industry security programs that are already in 
place today such as the ACC Responsible Care Program.
    We have improved communications between DHS and the sites, 
but we need to do more. We need to give the regulators the 
resources needed to ensure compliance, to understand the 
regulations, understand how the industry works, understand the 
sites and their area of responsibility, and visit those sites 
on a regular basis. And industry needs to challenge our peers. 
We need to self-regulate and bring everyone included in what is 
considered the chemical sector into the process. And we need to 
include the communities around our sites and along our 
transportation routes.
    CFATS is making the chemical industry more secure. DHS is 
maturing and finding its balance and reaching its goals. 
Industry is doing its share, but we are not done. A multiyear 
reauthorization and a commitment to continue the partnership in 
a risk-based approach are essential.
    Just as important, we need to bring all the players to the 
table to work toward our common goal. We are not there yet on 
either the public or the private sector sides. We are 
encouraged by the progress being made, but we need your help in 
maintaining this forward momentum.
    Thank you.
    Senator Coburn. Thank you.
    Senator Johnson, I am going to let you go first since I am 
going to go late to the vote.
    Senator Johnson. Thanks, Senator Coburn.
    Mr. Scott, I really want to explore private sector 
cooperation in terms of achieving that goal, that shared focus 
that you were talking about. I would imagine Dow Chemical is 
ISO certified?
    Mr. Scott. Yes, sir.
    Senator Johnson. Do you believe within that framework you 
could utilize the surveillance audits of certification of ISO 
to work in coordination with what we are trying to do here with 
CFATS?
    Mr. Scott. Yes, sir, it would be a very good fit, very 
close fit, and it would be a good foundation for the whole 
process, yes.
    Senator Johnson. Can you just talk about, as a private 
sector company, the duplication of audits of certification, of, 
whether it is insurance, whether it is ISO, whether it is the 
multiple regulatory agencies you comply with and the cost of 
that duplication?
    Mr. Scott. There is a significant amount of overlap, and on 
security, on CFATS alone, we, Dow Chemical, have spent about 
$300 million on a global basis. Now, probably about half of 
that or two-thirds of that has been spent in the United States, 
but we implement everything on a global basis. So to our 
company at least, it has been significant.
    Senator Johnson. How much would you have spent without 
CFATS? Just because you recognize within the private sector 
your insurance ratings, insurance expenses, how much do you 
think you would have spent without CFATS?
    Mr. Scott. Well, it would probably be a little bit less, 
but we implement the Responsible Care Code, and it does very 
similar things. We tier our sites, and, again, we implement the 
Responsible Care Code on a global basis. So our higher-tier 
sites under Responsible Care already have a higher level of 
security in place.
    CFATS brings some more specifics focused on things like the 
vehicle barricades at gates that need to be in place, so there 
would be some difference. But CFATS does add some cost, but 
Responsible Care implementation also adds some cost, and we 
have been moving to bear that.
    Senator Johnson. Let me move on. You talked about the 
American Chemical Council. There are certain standards that you 
have to meet just to be a certified member of that, correct? 
Can you just speak to those a little bit?
    Mr. Scott. The Responsible Care standards are very strict. 
You have to implement Responsible Care across the board at your 
sites in order to be a member of ACC. It is audited. You do a 
self-assessment audit on an annual basis. You have external 
auditors on a 3-year cycle. So we look at the whole picture of 
the Responsible Care Codes, which includes things in my area, 
obviously, are security, the Responsible Care Security Code, 
but we also have codes that are specific to transportation 
security, transportation emergency response, site emergency 
response, which includes--those include the Community Awareness 
and Emergency Response program, plus the Transportation 
Community Awareness and Emergency Response (TRANSCAER) program 
for transportation emergency. So it is an all-inclusive code.
    Senator Johnson. What has happened to those standards since 
September 11, 2001?
    Mr. Scott. We have added the Security Code, it was added 
after 9/11. The rest of those codes were in place well before 
9/11. I think we have bulked up a lot of them. We have gone 
back and looked at the details and added some specifics around 
particularly transportation. There is a process safety piece to 
the Responsible Care Codes that we have now linked that with 
the Security Code, so we can do vulnerability assessments from 
both a security perspective and a process safety perspective. 
So I think we have built on what we already had in place to 
make it stronger.
    Senator Johnson. Dow Chemical is obviously one of the big 
guys. Are you concerned about your distribution system, your 
smaller customers, your smaller suppliers and their ability 
to--obviously, you have the financial wherewithal to spend 
money on this. Can you speak to the difficulty maybe smaller 
companies, smaller suppliers are having trying to comply with 
this? And do you have any solutions?
    Mr. Scott. Solutions.
    Senator Johnson. Just start background the problem.
    Mr. Scott. I will start with the problem first. Yes, 
smaller companies find it very difficult to meet some of the 
standards in place just because of the size and the cost of the 
standards that are in place. But I think as we heard with DHS, 
they are doing a very good job of going out and working with 
people that--especially the smaller companies, to find a 
reasonable approach to upgrade the level of security. So I 
think there has been a lot of progress made working with that.
    Many of the associations--ACC and the other industry 
associations--have been out working with their member companies 
to work through the whole process. I think that has been 
helpful.
    There is a cost involved, and there are a lot of companies, 
small companies out there, that do not belong to a member 
company. Dow works through its supply chain network and its 
customer network. So we work on both ends, not just at our 
sites but on the transportation routes and our customers and 
our suppliers and those who carry our products. So we work very 
closely with all those companies to make sure they are meeting 
the standards.
    Senator Johnson. Dr. Shea, Ms. Fendley talked a little bit 
about background checks. I would like you to address the 
problem that employers have when they are kind of caught 
between a rock and a hard place trying to comply with a 
regulation, from one agency and then privacy concerns and 
employment law on the other. Can you speak to--how does 
business deal with those?
    Mr. Shea. I think there have been several concerns that 
have been raised in the context of personnel surety here. One 
is regarding information and its sharing from the Federal 
Government down to companies. The other one is related to the 
employees themselves knowing the results of any sort of 
background check that is performed. And then the third one, 
which was brought up earlier in this hearing, is about whether 
or not, if you have already undergone a background check under 
one program, should you also then undergo some sort of vetting 
to either validate the credential that you have or to be 
certified under another program.
    The Department of Homeland Security has said that the 
information sharing that it would be doing would not be 
necessarily to a facility but potentially to local law 
enforcement. Similarly, the information that it would have 
about positive hits in its database may not be provided back to 
a person that is being vetted. The proper recourse from their 
perspective is either an intelligence-based one or a law 
enforcement-based one.
    Of course, as probably Mr. Scott can refer to, the 
stakeholders believe that this information is information that 
is important to them, either for business decisions or 
potentially for liability. And so the personnel surety proposal 
that DHS has put forward, stakeholders have had a series of 
concerns and wish DHS to modify it in a variety of ways.
    This proposal, as was pointed out by DHS, has gone through 
two comment periods, actually, and is now up in front of OMB 
for final determination.
    Senator Johnson. But specifically I want you to address 
employers trying to comply with CFATS. Are they vulnerable? Are 
they going to be subject to lawsuits in terms of employment 
discrimination? What kind of vulnerability exists there? And 
how can you address that? How can we prevent that?
    Mr. Shea. I think that is a very challenging problem, and 
it probably falls into the area of legal counsel and 
determinations by general counsel. That would be out of the 
scope of what I would really be able to discuss.
    Senator Johnson. Ms. Fendley, you raised the issue which 
raised the question in my mind. Can you speak to that a little 
bit?
    Ms. Fendley. Sure. I think that the most important thing 
that we are looking for is some transparency. As the letter I 
referenced that one of our local unions received from its 
company said, they feel like they have no obligation to even 
tell their employees that they are going to be undergoing 
background checks due to their CFATS Site Security Plan. And 
any employment decision that would result in a worker getting 
fired, if that worker had a local union, certainly that would 
be challenged and questioned. But many workplaces do not have 
unions, and workers could potentially be fired and not 
understand why.
    Senator Johnson. Well, even non-unionized workers have 
recourse through the courts, and that is the problem I am 
having with the regulations requiring that. Again, employers 
end up being just in an impossible situation. But I am over 
time. Thank you.
    Senator Coburn. I will submit the majority of my questions 
to the record since we have about 4 minutes left on this vote, 
Ron, if you want to take off.
    Transparency is key, I agree with you. But the fact is if 
somebody has to pass a CFATS personnel surety check and they 
cannot pass it, what is the legal basis--if there is 
transparency--for a suit against somebody for not allowing that 
person to have that employment, if they cannot meet the 
requirements that the government says?
    Ms. Fendley. I agree with you, and I think that you make a 
very accurate point. I think what we are concerned about is 
decisions that are made due to inaccurate information, whether 
we hear all the time reports about people's credit checks or 
criminal histories being inaccurate. And what is the recourse 
for someone who gets an adverse employment decision based upon 
inaccurate information? I recognize, we all recognize the hard 
place that employers are in in this case, and we really want to 
work with DHS and with industry to get to a solution that works 
for everyone.
    Senator Coburn. All right. Thank you. I will submit the 
rest of my questions for the record.
    Chairman Carper. [Presiding.] All right. Thanks, Dr. 
Coburn. Sorry to be gone for so long. The first vote, they 
stretched it out 27 minutes. It is supposed to be 15 or 20.
    Anyway, I am back so I missed the questioning that took 
place. I think what I would like to ask is--one of the things I 
like to do at these hearings is we have a diverse panel here, 
and we need help in developing consensus. I said earlier that I 
very much would like to see us authorize the CFATS program, not 
permanently, probably not for 5 years, but certainly for more 
than zero, which is where we are right now.
    Would you just talk with us about why it is important from 
your perspectives for the Congress to do something, not just 
anything but something constructive, and what might be most 
important in that something constructive for us on our to-do 
list as we approach authorization, reauthorization of this 
program? Do you want to go first, Dr. Shea?
    Mr. Shea. Certainly. So with regards to concerns about the 
program, as has been pointed out previously, the duration of, 
or actually if there would be, any reauthorization of the 
program has been brought up both by stakeholders and by the 
agency itself in terms of providing consistency and a sense 
that the program would be an enduring program.
    The current proposal in the House would be a permanent 
authorization with a 3-year authorization of appropriations. 
The President has requested in his budget a 1-year extension of 
this authority. So, there is a range of potential durations for 
any potential extension that Congress might want to put into 
place.
    The longer that that duration is, then the more constancy 
the program might have. On the other hand, the shorter that 
reauthorization period is, the greater the potential for 
Congress to come back and review how the program is going 
because of these deadlines.
    The program has been extended essentially in 1-year 
increments through the appropriations process. That has, since 
the original statute was put in place, caused Congress to come 
back and look at this basically in each Congress. I think one 
might be able to make a strong case that a medium-term or a 
short-term authorization would increase congressional oversight 
on the progress.
    I think the other issue that has come to the fore is about 
the rate of implementation. Part of this is, I believe, a 
question of what is the intent of Congress regarding how 
quickly this program should be fully in place. During the time 
that the original statutory authority was provided, there was a 
sense that this needed to be in place rather quickly with the 
6-month requirement for the interim final rule. As we heard 
earlier today, DHS is projecting at least multiple years before 
they will reach completion on the first round of these 
facilities. So direction from Congress about how long this 
process should take might assist them in their priorities.
    Chairman Carper. All right. Thank you.
    Ms. Fendley, I notice you have a Ph.D., we have Mr. Scott, 
and he has nothing after his name; and for you we have a Master 
of Public Health ``(MPH).'' And I turned to my staff, and I 
said, ``Is that `miles per hour'?'' They said, ``No. It might 
be `Master's in Public Health.' '' I do not know. What is it?
    Ms. Fendley. Yes, sir, that is what it is.
    Chairman Carper. All right. Fair enough.
    Well, speaking of miles per hour, we are trying to move 
into the fast lane as we move toward some kind of authorization 
here. At least we get off the curb and move us down the road to 
help us with that.
    Ms. Fendley. Wonderful. So I think from our perspective, 
the most important thing that Congress could do when looking 
at, authorizing the program is find a way to protect the 
workers at these sites. Ultimately this does affect conditions 
of work, and workers who report a security vulnerability do not 
have whistleblower protections. As I mentioned in my testimony, 
there are concerns within the Personnel Surety Program, and 
workers are not involved by DHS or their employers in the 
development of these plans, which we think harms security. We 
think workers really understand better than anyone else the 
vulnerabilities at a site and what can be done to prevent a 
catastrophic incident. So those would be our top-line items for 
your to-do list.
    Chairman Carper. All right. Thank you. Mr. Scott, are you 
here representing Dow?
    Mr. Scott. Dow Chemical and the American Chemistry Council.
    Chairman Carper. And how long have you been with Dow?
    Mr. Scott. Thirty-five years.
    Chairman Carper. Did you start right out of school?
    Mr. Scott. No. I started right out of the Navy.
    Chairman Carper. Oh, really? What did you do in the Navy?
    Mr. Scott. I was on the first crew of the USS Nimitz, which 
is now the old nuclear aircraft carrier.
    Chairman Carper. How about that. Good for you. I once took 
a bunch of Boy Scouts down to Norfolk Naval Station. My sons 
were both Scouts, and had about, 20 or 25 Scouts and some 
adults with them, and we visited the Theodore Roosevelt. This 
was about 6, 7, 8 years ago. And it was a Sunday morning, and 
the captain of the ship was there to greet us, took us up to 
the conning tower, and we were talking with him. He was talking 
with us about our boys and about what the Roosevelt could do, 
and he said, ``Boys, when our ship goes to sea, it is a 
thousand feet long.'' The boys went, ``Oooh.'' He said, ``When 
the Roosevelt goes to sea, we have 5,000 sailors on board.'' 
And the boys went, ``Oooh.'' And he said, ``And when the 
Roosevelt goes to sea, we have 75 aircraft on board.'' And the 
boys went, ``Oooh.''
    Then he said, ``And the USS Roosevelt''--which is a nuclear 
ship. ``The USS Roosevelt stops to refuel every 25 years.'' And 
the adults went, ``Oooh. Very impressive.''
    So talk to us, if you will, please?
    Mr. Scott. The Roosevelt is a Nimitz class carrier, that is 
right. And I apologize. A lot of people put things after my 
name, but I do not put them out there to----
    Chairman Carper. Some put things before my name. 
[Laughter.]
    Mr. Scott. There you go.
    Chairman Carper. It is probably better to have them after 
your name.
    Mr. Scott. We talked a little bit about the extension and 
the length of the extension, and that is a critical point for 
industry and for DHS, just to provide some certainty. And I 
think it is certainty for industry so they know that the 
program is going to be in place. But it is also certainty for 
DHS. And 3 years is the minimum to really match up with the 
capital planning process for industry. If you tell me today I 
have to go do something, I will get the money next year and 
probably finish the project the year after that. So, 3 years is 
the minimum as far as working with industry and making it a 
little bit easier to do the planning process. So three is good, 
four is better.
    But it is also certainty for DHS. They have had a lot of 
people moving in and out of DHS and change jobs, and I think 
part of the issue is that there is no certainty in DHS that DHS 
is going to be in existence, that CFATS is still going to go 
on. And that hurts the whole process when we have a lot of 
changeover in personnel.
    So I think that is a key benefit for them--nothing to do 
with CFATS, the process itself, but just with maintaining 
personnel and qualified personnel and keep them in place long 
enough to get the job done.
    The other thing that I would like to clarify just on the 
Personnel Surety Program, there are two pieces of this: The 
background checks is one piece, and that is the typical 
background check on the criminal history, anything that might 
keep you from being a good employee at the site. And there are 
processes in place for people to talk about that because things 
that happen when you are 18 years old and you are now 40 are 
different things. So I think that part of the process has been 
in place in most companies, as a matter of fact--for many 
years, and that process is working through.
    The issue on this one, in my opinion, is the terrorist 
database screening, so you separate those two, and industry can 
and has always typically done background checks, some specific 
to industry, some specific to a site. But, in general, they 
cover the same things. But the new edition is a terrorist 
database screening, and only the government can do that.
    So you have to submit the information to DHS or you use a 
process like the TWIC card that is already there. Everybody 
going out, especially small sites, going out and buying the 
equipment to implement the TWIC process is expensive and 
burdensome for some. We could do that at some of our smaller 
sites. We already do it at our MTSA sites. And that lets you 
see if this TWIC card still works. Then you know they have 
passed the terrorist database screening, and that is what we 
need to know for this sort of thing.
    There are also other credentials out there that if you 
validate that they are still current, they have also gone 
through a terrorist database screening, and those ought to be 
approved. But then there are some people that do not have any 
of that, and the site would have to submit that information to 
get the clearance and the terrorist database screening, which 
is essential to good security.
    The issue that I have is we never get a yes or a no from 
DHS. We do not give any--they do not issue a card. You just 
submit the information. Then you let the person go to work. And 
what I have asked for is, if somebody--just like the airlines, 
if there is somebody that is on the no-fly list, they cannot 
get on the airplane until they get the letter that says, ``No, 
this is the wrong John Doe. This one is good to go.''
    There needs to be that process in place so that we can be 
sure that everybody that is coming into our site does pass the 
terrorist database, and if there is somebody on the terrorist 
database list, there is a stop, a hold in place, until we get 
it cleared up. So that is the issue as far as the background, 
the personnel surety. It is the terrorist database screening 
and getting that information communicating between industry and 
DHS to get a hold versus just send in the information, let the 
person go to work, and we do not know if he is on it or not on 
it.
    Chairman Carper. All right. Of the audience--I do not 
normally ask questions of the audience, but I am going to ask a 
question. Anybody still here from DHS? Oh, good. I hope you 
took good notes on those comments, and that could be very 
helpful in terms of moving us along in a smart way. Thank you.
    The other thing I wanted to ask of all of you is just 
sometimes I will say, when we are looking to build consensus on 
an issue, you had an earlier panel that spoke, and I thought 
that was constructive, the interaction there with them. But 
think back on some of the conversation and reflect anything you 
want to reflect on, on what was said or maybe not said, maybe 
in their statements or in answering our questions, just some 
things that we should be mindful of that you agreed with, maybe 
did not agree with. Please. Some things you would like to 
underline, put an exclamation point at the end? Please.
    Ms. Fendley. Sure. So there are two things that came to 
mind when I was listening to the first panel. The first speaks 
to a point I have made multiple times, and that is when DHS 
talked about their stakeholder engagement, it was always 
stakeholder engagement with industry. And we would like to 
underline the point that workers, labor, is also a key 
stakeholder here, and we have not been engaged as much as we 
would like, we have not been able to do that with DHS, either 
at the Federal policy level or at the facility-by-facility 
level.
    The second thing that I would underline is, due to the 
backlog, due to the slow approval of Site Security Plans, our 
members are just now seeing and reporting in a few cases where 
the sites are beginning to implement plans. So we are hopeful 
that the flexibility within the program can continue because we 
want to make sure that these plans actually work. I do not 
think we are--as someone said, we are not--I believe it was 
you, Chairman--at the end zone yet, we are not even in the red 
zone. These plans are just beginning to be implemented, and we 
are just seeing the effects on workers at these sites.
    Chairman Carper. All right. Thank you. I am probably not 
the first to have said that. I am the first one that said it 
here today, so I will take credit.
    Others, just reflecting back on the first panel, what was 
said, maybe on what was unsaid.
    Mr. Scott. I would say there are more positives now than 
negatives, which is a great sign. I think the fact that they 
are recognizing--DHS is recognizing Alternative Security Plans 
makes it easier on everybody, especially the smaller companies.
    Chairman Carper. I thought that was a good takeaway.
    Mr. Scott. They are doing a great job there, and the 
various associations are helping the smaller companies by 
developing Alternative Security Plans that they can get out. So 
there is a good team effort there.
    I think the inspectors that are coming onsite now, it is 
more of a partnership approach, coming up with the right 
solution for each particular plant instead of coming in with a 
cookie-cutter approach, and that is significant progress. And I 
think the number of inspectors that they have out in the field 
now is increasing. So I think that is--the good news is I think 
the positives are outweighing the negatives as far as the 
implementation. I mean, everybody is still not happy that we 
are not farther along, but we are making a lot faster progress 
than we were in the past.
    Chairman Carper. Good. My staff was good enough to give me 
some questions I might want to consider asking. You just 
answered one without my asking it, so very good.
    Mr. Shea, anything you want to reflect back on the first 
panel?
    Mr. Shea. Certainly. The Department has talked about how it 
is currently undergoing a process to assess the recommendations 
for the way that it calculates risk. One of the things that has 
happened in the past when anomalies were discovered in the way 
that they calculated risk for facilities was that facilities 
changed risk tiers underneath the CFATS program. So, when DHS 
does implement whatever changes it makes to the way that it 
considers facility risk, regulated facilities might find 
themselves in a different risk tier. If you are moving from a 
lower to a higher tier, that might lead to your facility 
incurring more security costs; and, of course, if you are going 
from a higher-risk tier to a lower-risk tier, potentially lower 
security costs.
    This, of course, would have an impact on the facility 
itself. How DHS rolls that process out and how it considers the 
costs of implementation may be something to look at.
    Chairman Carper. All right. Thank you.
    One last question, if I can. I am going to ask this to Mr. 
Scott and to Dr. Shea. As I think we discussed earlier, DHS 
reports that roughly 3,000 chemical facilities around the 
country have tiered out of the program by removing or modifying 
or reducing the amount of chemicals of interest in their 
processes at their facilities. Do either of you have any more 
specific information about these facilities and how they did 
that or maybe you have some examples from Dow or some other 
place? But do you believe that we ought to be gathering some 
best practices from these facilities, maybe even ask GAO for a 
review and looking at those 3,000 a bit more closely to see 
what we can learn from them? Mr. Scott.
    Mr. Scott. Well, a lot of the changes were in inventory, 
the amount of the chemical of interest that you have onsite or 
that you use in the process. So I think that is one of the 
bigger reasons that made people move down in the tiering 
process.
    There are some that just by changing the percentage, the 
chemical makeup of a product, has taken it out of the process. 
So there are some things like that.
    I think there are some sites that we have just moved out 
of. The site for whatever reason--I mean, typically there is a 
business reason. Then you add security to it, and we have moved 
away from that site totally now. I know that has happened. And 
then there are other places where we have moved the process 
from one area, for example, in the Houston Ship Channel, which 
is a high population area, and a plant is an old type of 
manufacturing process, open-air type of manufacturing process, 
and we have moved it to our Texas operations area, which is 
south of Texas, and put the process into our new design 
process, which we use on a global basis, which is a fully 
contained--the part of the process that is critical, that has a 
chemical of interest, is fully contained in a pressurized 
container. So the safety is much higher for that particular 
site. So it is a combination of all of the above that really 
makes it work.
    Chairman Carper. Good. That is helpful.
    Mr. Shea, just briefly, and then we will wrap it up.
    Mr. Shea. I think to the extent that DHS has been following 
why these 3,000 facilities or how these 3,000 facilities have 
modified their holdings, I think that might be very 
enlightening. Whether or not they, for example, have not 
changed any of their processes and just, as has been pointed 
out, gone to a lower amount stored. This brings in this 
question of risk shifting that was addressed by the Committee 
earlier. The amount of risk that is contained in transporting 
chemicals more frequently, is that offsetting the risk that is 
reduced by having less at the facility?
    But the other issue that I would raise here is that the 
chemical industry has regularly said that these sorts of 
chemical process assessments are done as part of their business 
model. Then when they look at their process, they try to 
determine whether or not there is a different way that would be 
safer for them and cost-competitive with what they are doing. 
To the extent that that information is core to their business 
model, the sharing of that information may provide competitive 
advantage to their competitors who have not undergone as 
effective or efficient a process.
    Chairman Carper. OK. Well, our third and last vote for the 
morning is underway--actually, the morning is over--and so I am 
going to slip off and do my constitutional duty to vote.
    I had come here today hoping that we would hear from the 
first panel and the second panel and from my colleagues just a 
good exchange of ideas and information that would enable us to 
actually make some progress on cobbling together an 
authorization bill, a multiyear authorization bill that we 
could get strong support for here that Dr. Coburn and I might 
be able to support together. And this has been helpful. I thank 
you as well.
    We are fortunate in our State that we have--Dow is one of 
our corporate citizens. They acquired Rohm and Haas several 
years ago. Rohm and Haas had acquired a company called Rodel, a 
great company. And so we are blessed with Dow in our State and 
grateful not only for the employment opportunities they provide 
but really for the good that they do in our State. And I know 
that is true in other places around the country, so a special 
thanks to your compadres at Dow.
    I am going to ask our staffs, both Senator Coburn's staff, 
a key staff person on this issue, and several people on ours, 
just to stay together for a few minutes back in the anteroom 
and just reflect on what we have heard and talk about how we 
might build on this conversation going forward.
    The hearing record will remain open for 15 days--that is, 
until May 29, 5 p.m.--for the submission of statements and for 
questions for the record. And if you would hand me that gavel 
over there--would you just do a favor for me, just like bang 
it? With that, our hearing is adjourned. Thanks so much.
    [Whereupon, at 12:14 p.m., the Committee was adjourned.]

                            A P P E N D I X

                              ----------                 
                              
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]