|View EO 12866 Meetings||Printer-Friendly Version Download RIN Data in XML|
|DHS/CISA||RIN: 1670-AA01||Publication ID: Fall 2022|
|Title: Chemical Facility Anti-Terrorism Standards (CFATS)|
The Cybersecurity and Infrastructure Security Agency (CISA) previously invited public comment on an Advance Notice of Proposed Rulemaking (ANPRM) during August 2014 for potential revisions to the Chemical Facility Anti-Terrorism Standards (CFATS) regulations. The ANPRM provided an opportunity for the public to provide recommendations for possible program changes. In June 2020, CISA published for public comment a retrospective analysis of the CFATS program. And in January 2021, CISA invited additional public comment through an ANPRM concerning the removal of certain explosive chemicals from CFATS. CISA intends to address many of the subjects raised in both ANPRMs and the retrospective analysis in this regulatory action, including potential updates to CFATS cybersecurity requirements and Appendix A to the CFATS regulations.
|Agency: Department of Homeland Security(DHS)||Priority: Other Significant|
|RIN Status: Previously published in the Unified Agenda||Agenda Stage of Rulemaking: Proposed Rule Stage|
|Major: No||Unfunded Mandates: No|
|CFR Citation: 6 CFR 27|
|Legal Authority: 6 U.S.C. 621 to 629|
Statement of Need:
The Chemical Facility Anti-Terrorism Standards (CFATS) program regulates facilities possessing large quantities of dangerous chemicals. The particular chemicals listed and threshold quantities were established in 2007, and were based on EPA’s threshold quantities for Hazardous Substances published under its Release Management Program. In the 15 years since implementation of the program, CISA has gained extensive experience in analyzing chemical holdings and determining which facilities should be classified as high-risk and subject to further regulation. Given its experience, CISA has determined that it should adjust its list of regulated chemicals, threshold quantities, and counting methods to better reflect the security issues implicated by these chemicals. Additionally, CISA believes that the CFATS security performance guidelines, first issued in 2009, should be updated to better reflect lessons learned over the past decade, including substantially updating the guidelines for cybersecurity performance metrics.
Summary of the Legal Basis:
This regulation is authorized pursuant to 6 U.S.C. 621 et seq.
CISA considered an alternative version of this NPRM where we updated only the performance guidance but not the chemical listings. Additionally, we considered an alternative version where changes to certain toxic chemical listings were omitted.
Anticipated Costs and Benefits:
CISA is developing the cost and benefits estimates for this rulemaking.
|Regulatory Flexibility Analysis Required: Yes||Government Levels Affected: Federal, Local, State|
|Small Entities Affected: Businesses||Federalism: No|
|Included in the Regulatory Plan: Yes|
|RIN Information URL: www.regulations.gov||Public Comment URL: www.regulations.gov|
|RIN Data Printed in the FR: Yes|
|Related RINs: Previously reported as 1601-AA69, Merged with 1670-AA03|
Deputy Branch Chief for Chemical Security Policy, Rulemaking, and Engagement
Department of Homeland Security
Cybersecurity and Infrastructure Security Agency
245 Murray Lane SW, Mail Stop 0610,
Arlington, VA 20528