RESPONSIBLE CARE®
SECURITY CODE
Daniel Roczniak
Senior Director, Responsible CareAmerican Chemistry Council
June 2010
Security CodePresentation Topics
• Background– Why a Security Code?– Public concerns addressed by the code.
• Key Focus areas of the Code• Link to other Codes• Benefits of implementing the Security Code• Questions and Answers
Security Code Why a Security Code?
• Code was a result of attacks on New York and Washington on September 11, 2001.
• Industry realized that it must act collectively to enhance security of its facilities, supply chains and cyber assets.
• Be pro-active rather than wait for federal and state government to develop security plans.
• Code development took six months with adoption in June 2002.
• All ACC members and Partners required to implement the Code in their operations.
Security Code Public Concerns Addressed
• Physical security of manufacturing locations.– Potential terrorist attacks.– Other types of violence which could impact local
populations.• Security of product in the supply chain.– Diversion of products.– Sabotage of products.
• Securing cyber assets– Prevent hacking to disrupt operations.– Unauthorized purchase/diversion of product.
Security Code Key Elements
• Management Commitment (Policy)– Senior management engagement– Security policies
• Analysis of Threats and Vulnerabilities (Plan)– Use of accepted risk-based Site Vulnerability Assessment methodology.– Cooperation with supply-chain Partners.
• Implementation of Security Measures (Do)– Documents– Training/Drills– Communications and Information Exchange– Response Plans
Security Code Key Elements
• Evaluation Process (Check)– Internal Auditing– Third-party verification of site security
• Review (Act)– Management of Change– Continuous Improvement Commitment
Code has 13 specific elements which companies implement.
Security Code Links to Other Codes
• Security Code
• Distribution Code– Supply Chain Assessments– Training, Drills, Guidance– Response to threats– Audits
• CAER Code– Stakeholder Dialogue– Information Exchange– Training/Drills
• Process Safety Code– Vulnerability Assessments– Management of Change– Implementation of Security Measures
• Product Stewardship Code - Supply Chain Assessments - Communications, Info exchange
Security CodeRequirements for ACC Companies
• Companies rank their manufacturing sites in tiers 1-4• Conduct Site Vulnerability Assessments (SVAs) and
identify necessary physical enhancements.• Third-party verifies implementation of site
enhancements.• Companies report Code implementation progress to
ACC after 18 months. Implementation must be complete after 36 months.
• Annual affirmation that code is being implemented.
Security CodeBenefits
• ACC was able to establish model for site security which provided inputs for state and federal laws and regulations.
• Strengthened existing supply chain relationships creating greater efficiencies.
• ACC companies were able to take advantage of provisions in laws recognizing existing security programs.
• Public concerns were addressed through proactive implementation.
• Strengthened industry-government relationships.