US flag Official website of the Department of Homeland Security

CTPAT 2021 FAQs

CTPAT has compiled 2021 Frequently Asked Questions for Virtual Validations and more.

CTPAT Validation Process and Preparation (Virtual)

CTPAT Validation Process and Preparation (Virtual)

Q:  Can you talk about some of the struggles (not tech issues) from the 400 virtual validations and provide a few recommendations or experiences in preparing for a virtual validation?

A:  In keeping with the onsite validation process, communication and preparation are key, with both the SCSS and the business partners/providers that will be a part of the validation.  Paying close attention to the CTPAT Security Profile to be sure it is accurate and complete with all pertinent information and documentation will go a long way.  Preparing documentation, videos, pictures, etc. of key areas of the facility will also help facilitate the validation and streamline the time spent in the virtual setting (if applicable).  The virtual validation process is expected to mirror the onsite validation process as closely and to extent possible.  Testing capabilities ahead of time will serve the process well and ensuring that all key players and representatives are present for the validation.

Q:  In view of COVID upsurge, will sea carriers be validated virtually?

A:  Sea Carriers will likely be on the 2022 validation cycle.

Q:  Is the frequency for validations to foreign manufacturers will change from what we had pre-pandemic?

A:  Frequency will stay the same.

Q:  Will CTPAT continue to revalidate on a 4 year cycle?

A:  The 4-year cycle/frequency will remain the same.

Q:  Anniversary date of our company is every March, should we prepare for a virtual validation this year or we wait for 2022?

A:  Validation is based on your last validation not your yearly anniversary.

Q:  Among 1000 virtual validation cases, are they all virtual revalidations? Any new applications being validated?

A:  Yes, they are all virtual validations.  No, newly certified entities are not being virtually validated at this time.

Q:  Can we have some lessons learned sharing to illustrate the virtual validation procedure guided in the WCO AEO Implementation and Validation Guidance?http://www.wcoomd.org/-/media/wco/public/global/pdf/topics/facilitation/instruments-and-tools/tools/safe-package/aeo-implementation-guidance.pdf  -

A:  In keeping with the onsite validation process, communication and preparation are key, with both the SCSS and the business partners/providers that will be a part of the validation.  Paying close attention to the CTPAT Security Profile to be sure it is accurate and complete with all pertinent information and documentation will go a long way.  Preparing documentation, videos, pictures, etc. of key areas of the facility will also help facilitate the validation and streamline the time spent in the virtual setting (if applicable).  The virtual validation process is expected to mirror the onsite validation process as closely and to extent possible.  Testing capabilities ahead of time will serve the process well and ensuring that all key players and representatives are present for the validation.

Q:  How often are validations scheduled? Every 2 years or based on risk?

A:  CTPAT validations operate on a 4-year cycle.

Q:  Is CBP's strategy on-going to perform foreign validations on-site even if your partner company is AEO certified?  Or would this be under consideration for a virtual validation?
A:  If they are a partner with an MRA then we may not have to visit the partner.  We could accept the validation from the local Customs AEO program.

Q:  Is there any guide already developed to prepare for a virtual validation?

A:  We will be working on one

Q:  Will virtual validations be performed on companies who are not previously visited?

A:  No, limited at this time to previously validated partners.

Q:  Is there a difference between in-person paperwork vs virtual?  What are the points on being prepared ?

A: The questions should be the same. There may be a few pieces that need to be addressed in a virtual setting, but more or less the same.

Q:  Can we get a typical virtual validation agenda/process? Is there a pre-virtual validation prep guide?

A:  Typically, your SCSS will provide prior to your validation.  However, we will work on that as a takeaway.

Q:  In regard to CBP requests for virtual validations for a supplier of a CTPAT company and they refuse due to COVID or lack of personnel?  How is this handled by CBP?

A:  These are handled on a case by case basis.

Q:  Throughout 2021 and 2022, the validations are going to be performed in both formats right, on site and virtual?

A:  We are evaluating the likelihood of on-site validations later this year. and next year we also hope to do both type.

Q:  If a company has not been validated yet, will these companies be also programmed for a Virtual Validation?

A:  No, first time visits will be conducted in person

Q:  How far in advance will the company be notified of the virtual validation?

A:  Communication on both sides – the SCSS and the company POC – are integral components of the validation process.  Partners can review their scheduled validation year in the CTPAT Portal and an initial automated notification will go out to the partner once the validation has been initiated by the SCSS.  Additionally, a virtual validation notification letter is being sent by the SCSS to inform the company of the pending validation.  Close communication is key prior to, during, and after the validation process.

Q:  Virtual Validation for an importer, will it include conducting a virtual validation for a foreign site?

A:  Yes, it will

Q:  How will supplier validations be handled virtually?  Specifically, considering the time difference and the fact that validations normally take several hours.

A:  The SCSS will work with you and them to find an appropriate time.

Q:  Who will be conducting the virtual validation?  Will it be our assigned SCSS?

A:  Yes

Q:  I understand from a previous answer that if we have not had our in-person validation yet, we would not expect to have a virtual validation.  Is that correct?  We started CTPAT in 2019 and our validation was delayed due to COVID.  Is it likely that we won't have a validation until 2022?

A:  That is likely going to happen but depends on where you are located.

Q:  Are the CTPAT certified companies located in travel deferred areas able to receive the virtual validation?

A:  No, at this time high risk supply chains – including certified partners - are not eligible for the virtual validation process.

Q:  Is it possible for virtual validation to be performed in more than one session?
What characteristics must a company have to apply more than one virtual session?

A:  Yes, virtual validation can be broken up into multiple sessions to facilitate and streamline the process.  Supply chains or validations that are more complex or that involve the review of multiple facilities may require additional sessions.  The SCSS and the company POC should communicate and develop an approach for this.

Q: What up front expectations should we be receiving from our SCSS when preparing for a Virtual Validation?  I only have a date at this point but no communication what to prepare.

A:  Please engage with your assigned SCSS to discuss the finer details of the virtual validation, which will closer mirror previous validation work, and to discuss the scope, flow, and agenda for the validation.

Q: How are you putting 'eyes on' to validate the information you are provided.  Virtual tour of the site?  How does that happen?

A:  The assigned SCSS will first review the CTPAT Security Profile to assess the partner’s supply chain security program and to identify key areas for the validation.  Communication and document exchange prior to the validation is helpful and allows the opportunity to focus the validation where it needs to be.  In the virtual setting, partners have shared documentation, videos, pictures, etc. ahead of time, as well as during the virtual validation, to provide an overview of the entire operation.

Q:  Is it mandatory for virtual validation to be recorded?

A:  No, there is no requirement for the virtual validation to be recorded.

Q:  Our last virtual validation (from the Miami CTPAT team) lasted for about two hours and was fairly thorough.  We reviewed the online security profile and documents that had been loaded to the shared documents.  I was surprised to see that there was no request to show live shots through a camera or at least show video of container inspections, security process, etc.  Is that being considered, especially for Tier 3 validations?

A:  As everyone adapts to this new virtual environment, CTPAT encourages the use of technology and other such tools to enhance the validation process and to provide more insight on a particular facility’s cargo flow and security layout. 

Q: We are in Asia (Thailand, Hong Kong & China), how do we overcome the time differences (12-16 hours) when we do the virtual revalidation?  Many of our documents are in local language and does it work?

A:  CTPAT is conducting validations across the globe and will work with the company’s teams to adjust to the various time zones to accomplish the mission.  For the validation, it is most effective to have the documentation presented in English or to have a translator present to assist.  Contact your assigned SCSS to work out these details in advance of the validation.

Q: As a Tier III CTPAT member, due for validation in Sept. 2020, when can we expect our validation?

A:  Please contact your assigned SCSS for more details on the upcoming virtual validation.

Q:  We are tier III and had a physical validation overseas three years ago.  When should we expect the next validation (virtual or physical) overseas or domestically?

A:  CTPAT operates on a 4-year validation cycle, so anticipate a revalidation in that time frame.  The assigned SCSS will collaborate with the company to discuss the approach and scope of the validation process.

Q: With this Virtual Validations, will you accept new applications for CTPAT in Mexico?

A:  CTPAT is currently accepting applications to the program.  This has not changed.  However, newly Certified companies will not undergo a virtual validation at this time.

Q: Being a cross border carrier with facilities in USA and Mexico, could our in person validation potentially be this year since it can take place on the US side?  This would be our first validation.

A:  CTPAT is hoping to resume travel as soon as possible, but at this time validations are only being conducted virtually for previously Validated members.

Q: Did I hear you correctly that you are only doing virtual validations for US based companies? Was difficult to ascertain with the background noise.

A:  No, virtual validations are not limited to U.S. based companies.

Q: Hello, I know that virtual validation for the moment is only to validated members, but do you have a plan to validate the members that have no visited if the status of pandemic does not allow site visits for the next year?

A:  CTPAT is continually assessing the current situation as it relates to the pandemic and hopes to resume travel as soon as it is safe to do so.  In the meantime, the virtual validation platform remains active.

Q: Will all new CTPAT Highway Carrier applicants will only be issued FAST benefits until they have been validated in person?  Virtual validation will not be acceptable?

A:  Yes, at this time, newly Certified members will not be virtually validated.  Highway Carriers require the completion of a successful validation in order to receive full benefits.

Q:  Reynosa, Tamaulipas Mexico is considered as a "high risk location."  Are we going to have the virtual validation also next year?

A:  At this time, virtual validations are not performed for areas of heightened security concern and supply chains that are deemed as high risk.  In lieu of this, CTPAT encourages companies located in these areas to consider joining the local Authorized Economic Operator (AEO) program to further strengthen its supply chain security posture.

Q:  With these changes (virtual validation), when will you begin to accept border companies and ineligible areas?

A:  At this time, virtual validations are not performed for areas of heightened security concern and supply chains that are deemed as high risk.  In lieu of this, CTPAT encourages companies located in these areas to consider joining the local Authorized Economic Operator (AEO) program to further strengthen its supply chain security posture.

Q:  Are virtual validations made with the previous agents that we conducted our previous audit/validation with?  Are we still able to reach out to someone for hands on guidance and clarification prior to?

A:  Yes, the assigned SCSS for the company will conduct the virtual validation and remains the most valuable resource for CTPAT members.

Q:  Can the virtual validation be resumed if it wasn't completed in one session?

A:  Yes, virtual validations can be divided into multiple sessions to accommodate scheduling issues and unforeseen circumstances. 

Q:  We have completed a virtual validation and it went fairly well.  We received a couple of recommendations and required actions.  We have been able to comply with every item, except one and the SCSS is not providing flexibility.  This item will cost us a fortune and is not practical for our business practices to implement.  Is there anything we can do or anyone else we can speak with to discuss.  We are a carrier and must have this certification to keep our business partners.

A:  Depending on the nature of the finding, especially if it is a requirement, lack of implementation within the supply chain operation may pose a significant security risk to both the company and to CBP.  However, CTPAT encourages collaboration with the assigned SCSS to find innovative ways to address such challenges.  If warranted, a Supervisory SCSS is available to assist in these matters.

Q:  If an organization has participated in a live validation (e.g., 2018) and is due to have a virtual validation, is not the basic foundational question that should be asked "Have any facets of your business changed that would impact your Security Profile?"  If an organization can state categorically no, does this not streamline the validation process to minimize time, commitment from internal resources, etc.?

A:  CTPAT issued newly strengthened Minimum Security Criteria (MSC) for implementation in 2019 and for validation in 2020.  As a result, new areas were introduced and many existing areas were strengthened, requiring a reassessment of each member’s supply chain security framework.

Q:  What is the vision of CTPAT validations going forward?  For example, will virtual validations replace face-to-face on-site Customs validations or perform relevant verification activities in a hybrid approach?

A:  Virtual validations will continue to be available to CTPAT and its low risk members going forward and will be determined on a case-by-case basis in order to accomplish the program’s annual goals.

Q:  Does CBP plan to post a virtual validation agenda template or preparation roadmap?

A:  The virtual validation process will follow closely the onsite validation process that has been in place since the program’s inception.  A CTPAT team is currently assembled to review preparation techniques and tips.  However, by paying close attention to the details of the CTPAT Security Profile, in combination with a close review of the Minimum Security Criteria (MSC), partners will be well-positioned for a successful revalidation process, similar to the previous validations that have been performed.  CTPAT strives to ensure there is scalability in the MSC and for each partner’s particular supply chain security framework. 

Q:  When I've had reps in previously, we went to different locations of our facility.  How is this handled in a virtual validation?  Are we required to have a laptop instead of a desktop system?

A:  The virtual validation allows for the online collaboration of multiple facilities and personnel.  Whichever form of technology the company wishes to use to attend the validation, should be able to be accommodated.

Q:  Does CBP plan to post a virtual validation agenda template or preparation roadmap?  I think that would be very helpful toward preparation.

A:  CTPAT is currently working on developing materials to assist with validation preparation.

Q: We are a new member as of January 2020 and have yet to be validated.  Should we expect a virtual validation or will we be in queue until you resume on site validations?

A:  At this time, CTPAT certified members, including newly Certified members, will not be visited virtually.  CTPAT hopes to resume onsite validations as soon as feasible.

Q:  If we have a re-validation date of 2023, could we still have a virtual validation during this year or in 2022?  Or it will be until the date mention in the CTPAT Portal?

A:  Expect the validation to occur in 2023 unless otherwise notified by the assigned SCSS.

Q:  Are tentative validation years going to be potentially postponed at all due to the virtual validations?  Or is the tentative year still reliable?

A:  Virtual validations provide CTPAT with a mechanism for the continuity of its operations despite the pandemic.  All efforts will be made to keep CTPAT members in their current validation schedules.  For specifics for your organization, please reach out to the assigned SCSS.

University of Houston Study

Q:  Any update to the University of Houston in-depth assessment of the CTPAT Program?
A: we are working that with three CTPAT teams and we should have something that we can post in a few weeks as for status.

Q:  Virtual Assessments aside, how do I (or CBP) measure whether I am actually benefitting in my C-TPAT participation with regards to 'reduced inspections and expedited releases' as the program boasts?  I cannot find any specific metrics anywhere on this.  Answering this first will help me determine if the effort is worth continuing participation in the program and going through this new virtual validation process.

A:  CTPAT remains a voluntary program and there are many reasons, as well as benefits, for participation.  Participation in the program ultimately remains a business decision.  The recent University of Houston study that was disseminated in 2021 explores the CTPAT program, its strengths, weakness, areas for improvement, and overall assessments provided by input from within the program, the CBP ports of entry, and its 11,000 plus members in 12 industry sectors

CTPAT Validation Requirements

Q:  I am from Monterrey, Mexico, and I want to know why you request the procedures in English.  I mean, I understand that Q&A must be populated in English but the procedures should be too?

A:  For our CTPAT partners we do require documents in English as not all SCSS speak or read Spanish.  If the company we are to visit in a foreign location is not in CTPAT then we don’t need it in English but someone must translate for us.

Q:  Can you speak to the differences between interpretation and application of the MSC between SCSS and Field Offices?

A:  The virtual validation process will follow closely the onsite validation process that has been in place since the program’s inception.  A CTPAT team is currently assembled to review preparation techniques and tips.  However, by paying close attention to the details of the CTPAT Security Profile, in combination with a close review of the Minimum Security Criteria (MSC), partners will be well-positioned for a successful revalidation process, similar to the previous validations that have been performed.  CTPAT strives to ensure there is scalability in the MSC and for each partner’s particular supply chain security framework.

Q:  Should we send our response to the virtual validation report and cover letter from Mr. Garza to the physical address on his letter or is uploading it to the document section of the CTPAT Portal enough?

A:  Uploading is all you need to do – and communicate with your SCSS.

Q:  My company received CTPAT validation (in person) in 2019.  Validation is due in 2023, correct?  Will it likely be virtual since the initial one was in person?

A:  Yes, CTPAT operates on a 4-year cycle.  A determination will be made by CTPAT at that time on the type of validation the company is eligible for and it will be communicated ahead of time.

Q:  The CTPAT program is principally for cross the border Mexico to USA, so if we have a CTPAT yard in California, will be validate the same requirements that a Mexican yard?

A:  Highway carriers that perform active international crossings, whether located in the U.S., Mexico, or Canada, will expected to meet and maintain the CTPAT program’s Minimum Security Criteria for Highway Carriers.

Q: How does DHS select which domestic and international site will be assessed?  Is this based on numbers or it is randomly selected?

 A:  This decision will be a result of the collaboration between the company and its assigned SCSS, the information provided in the CTPAT Portal account, and will consider such factors as volume, risk, potential security concerns, and previous site visits, in determining the best approach.  Please contact your assigned SCSS for more information.

Q:  When undergoing a revalidation, there are times when there is a domestic and international validation.  Will both of these undergo a Virtual Validation (VV), In Person, or Hybrid of in-person and VV?

A:  For specifics affecting your particular company, please reach out to your assigned SCSS.  At this time, if the company is eligible for the virtual validation process, these visits will be held virtually.

Q:  For CTPAT validations, do the validators make use of a standard “Implementation and Validation Guidance” or “Risk Matrix?”  If so, how rigid would the validator keep within the confines of these guidelines given the complexity of different supply chains?  Also, do the guidelines use a scoring system, or is the emphasis on the validator to make a call in the instances of identifying a level of risk?  

A:  The virtual validation process will follow closely the onsite validation process that has been in place since the program’s inception.  A CTPAT team is currently assembled to review preparation techniques and tips.  However, by paying close attention to the details of the CTPAT Security Profile, in combination with a close review of the Minimum Security Criteria (MSC), partners will be well-positioned for a successful revalidation process, similar to the previous validations that have been performed.  CTPAT strives to ensure there is scalability in the MSC and for each partner’s particular supply chain security framework.  This link - provides guidance on the validation process as well as the development of a risk assessment that can be applied and customized to the company’s particular supply chain.
Q: We have corporate human resources and they are not located on site.  We do not have one human resources person assigned to us.  What do we do in this case?

A:  This scenario is best to be discussed with the assigned SCSS.  However, in this case, be prepared to discuss the details of the human resources policies and procedures that do affect the particular facility in question.  The company may also elect to have a representative present from corporate to cover additional details. 

Q: Are port terminals (CTPAT validated) required to validate the ocean empty container before it is returned back to port terminal, to ensure it is really empty?

A:  To the extent possible, CTPAT members are expected to ensure that instruments of international traffic (IIT) are verified for integrity and are free from compromise.

Q: How much of a backlog in validations are you dealing with?  If a revalidation is due this year, will it still take place this year or is it going to get pushed to 2022?

A:  CTPAT continues to use the tools available to complete its validation requirements and to do so in a way that maintains the program’s integrity.  For specifics on a company’s validation time frame, contact the assigned SCSS.

Q:  Our profile shows next validation is 2018.  We have never been contacted.  What would the reason be for the delay?

A:  Please reach out to your assigned SCSS for more details on the company’s validation cycle.

Q:  I have status "Validated" on my security model.  This was from May of 2021.  However, I have next tentative validation is "2021.”  Does that mean I will have another validation this year? I am in Canada.

A:  The status “Validated” reflects your current standing in the program.  Being that CTPAT runs on a 4-year cycle, if the company’s last validation took place in 2017, then the company would be revalidated in 2021.

Q:  Is it possible to have a time window of sorts to when we can expect to be validated?

A:  Please reach out to your assigned SCSS to find out more about the company’s validation timeline.

Q:  Being an importer during COVID, are we still expected to do verification visits to our suppliers concerning their own site security?  We do Supplier Supply Chain Security Questionnaires yearly, but we are currently not visiting any foreign sites due to the COVID pandemic and, as far as I know, most of the warehouses do not have the ability to be able to do a virtual walkthrough.

A:  To the extent possible and based on risk (risk assessment), CTPAT encourages companies to leverage the technologies available to it and to its business partners, to ensure that supply chain security efforts and the CTPAT MSC remain in place.

Q: How is CBP selecting the foreign supplier for importers?

A:  The assigned SCSS will review the information submitted in the CTPAT Security Profile to begin the assessment, which includes a review of the risk assessment, import volume, sourcing, and other such factors to determine the initial scope of the validation.  The next step is to discuss the location and scope of the validation process with the CTPAT member and to coordinate the validation.

Q: As a smaller company participating in CTPAT (48 employees), it is difficult for us to meet the same standards as larger companies.  It seems like this process was developed for larger companies; therefore, it becomes difficult to companies like mine that don't operate in the same ways as larger companies but are expected to have the same type of documentation. How can this be resolved?

A:  Paying close attention to the details of the CTPAT Security Profile, in combination with a close review of the Minimum Security Criteria (MSC), members will be well-positioned for a successful validation process.  CTPAT strives to ensure there is scalability in the MSC and for each partner’s particular supply chain security framework.  This link - provides guidance on the validation process as well as the development of a risk assessment that can be applied and customized to the company’s particular supply chain.  Close cooperation with the assigned SCSS in the review and implementation of appropriate security measures throughout the company’s respective supply chain is the most critical aspect of the CTPAT program.

Q:  I assist a transport company that has been certified since 2019 but haven't received a validation visit or virtual validation.  Does this affect their status?

A:  Given the current pandemic, CTPAT worked hard on a program resumption plan in 2020, which includes the implementation of virtual validations for its Validated members to ensure the integrity of both the program and supply chain security.  To the extent possible and practicable, CTPAT will work as diligently as possible to ensure all requirements set forth by the SAFE Port Act are met in a timely manner.

Q:  How long does CBP consider unacceptable for companies to wait for validation?

A:  CTPAT strives to ensure its members are validated according to their specific validation cycles.  Deviations from that cycle will be reviewed on a case-by-case basis with all efforts made to minimize extended periods without a CTPAT validation.

CTPAT Eligibility and Certification

Q:  How long will it take for SCSS to complete initial CTPAT application and security profile response?

A:  It varies but you should have something no later than 90 days after submission.

Q:  Based on comments on having to adapt to a new environment as in the risks of pandemic and high-risk security zones (or no travel zones for specialists), will companies and/or applicants, in particular, located or based in no travel zones be (reconsidered) for eligibility and/or a validation?

A:  We are still working on that and should begin conducting a few tests later this year.

Mutual Recognition Arrangements (MRA) and Authorized Economic Operators (AEO)

Q:  What does the new CTPAT criteria mean in terms of Mutual Recognition Arrangement with the EU and others?  Is there an impact?

A:  International collaborative efforts continue with our MRA partners to ensure compatibility with CTPAT’s Minimum Security Criteria.  Work continues with the WCO for CTPAT’s MSC becoming the international standard.

Q:  The Tax Administration Service ("SAT Mexico") recently told us that they are still analyzing if the virtual validations by CTPAT will be considered for the Mutual Recognition Agreement. What can you tell us about it? 

A:  CTPAT is not aware of that.

Q:  As for background, we were informed by our SCSS that manufacturing sites in MX that are located in an area where CBP personnel are not allowed to travel to cannot be virtually validated. In the future, how is CBP going to handle validations for those sites?

A:  At this time, virtual validations are not performed for areas of heightened security concern and supply chains that are deemed as high risk.  In lieu of this, CTPAT encourages companies located in these areas to consider joining the local Authorized Economic Operator (AEO) program to further strengthen its supply chain security posture.

Q:  Would you consider placing a list of MRA's into the CTPAT web resources library?

A: CTPAT’s current list of MRAs can be found here - CBP MRAs.

Q:  We are located in Canada and are CTPAT/PIP certified, we use the CTPAT Portal for our security criteria.  We received notice that CBSA will be coming for an in-person validation this November.  Does CBSA and CBP harmonize their validations or will we still be getting a virtual validation from CBP?

A:  Please speak with your assigned SCSS for more details on this process for the company.  Generally, CTPAT and PIP will coordinate the cadence of validation visits in order to eliminate redundancy.

Q:  The Tax Administration Service ("SAT Mexico") recently told us that they are still analyzing if the virtual validations by CTPAT will be considered for the Mutual Recognition Arrangement.  What can you tell us about it?

A:  CTPAT has not had a formal discussion about this with its Mexico MRA partner.  CTPAT continues to perform virtual validations and to accept them as per the CTPAT Partner Agreement.

Q:  Will C-TPAT continue to accept PIP revalidations so as to not duplicate validation efforts?

A:  Yes, CTPAT works closely with its PIP counterparts to ensure duplications are minimized.

CTPAT Portal and Program Resources

Q:  Should we send our response to the virtual validation report and cover letter to the physical address on his letter or is uploading it to the document section of the portal enough?  

A:  Uploading is all you need to do - communicate with your SCSS.

Q:  Can I submit our security profile if we are past due now in making submission?

A: Yes, please submit it as soon as possible.

Q:  Are we restricted from using the CTPAT logo in internal marketing material and training material

A:  The CTPAT program is in the process of updating its logo for validated partners, which means the licensing agreement will also have to be updated.  Therefore, we are currently not accepting requests for its use until the licensing agreement has been revised.  When the program has the updated license agreement, and the logo is ready for dissemination, CTPAT partners will be notified.

Q:  Our law and cybersecurity groups are very concerned about placing our proprietary SOPs on the Portal.  Threat actors can compromise any environment in today’s threat landscape.  What assurances can you give on the security of the portal so that our control environment is not are risk?

A:  The CTPAT Portal remains a secure platform for data exchange.  If there are significant concerns about posting highly sensitive materials, speak to your assigned SCSS to discuss alternatives.

Q:  Are there resources being put in place to further enhance the CTPAT Portal and support its ability to organize the information/ documentation.  For example, a cleaner way to connect uploaded documentation to the criteria in the profile and archive outdated or replaced documentation

A:  Efforts continue to modernize the CTPAT Portal experience and this suggestion will be taken into consideration.  In the meantime, the company can speak to its assigned SCSS to remove outdated documents, if that’s the concern.  Otherwise, the ability to archive documents can be considered in the construction of the new CTPAT Portal.

Q:  I have an additional plant that we are opening here in Mexico – an additional building under same foreign manufacturer.  We are already certified, so how can I add this facility to our profile?  Or should I create an additional account?

A:  Please reach out to your current SCSS to discuss the details of this and a path forward.

Q:  Will we be given the ability to archive outdated documents we have in our portal?  I thought that was going to be rolled out during the portal upgrade.

A:  The company can speak to its assigned SCSS to remove outdated documents if that’s the concern.  Otherwise, the ability to archive documents can be considered in the construction of the new CTPAT Portal.

Q:  Is there a 17-point inspection sheet custom for open deck carriers?  I always see more "container" and "dry van" sheets, but it would be more suited to our company if deck freight/trailers could be considered. If there is one, could someone please point me in the right direction?

A:  This suggestion will be taken into consideration for addition to the CTPAT Resource Library located at CTPAT Resource Library and Job Aids

Q: In the case where a sub-category (such as the selection of business partners) requires a written procedure/SOP, and companies cannot produce such documents (i.e., in the case of small entities), what assurance would CTPAT accept in these instances?

A:  While CTPAT promotes scalability within its program and with respect to the CTPAT MSC, if the criteria call for documentation, the expectation is that it will need to be in place.  For more specifics, contact the assigned SCSS.

CTPAT Trade Compliance

Q:  Any news update on CTPAT Trade Compliance coming online?

A:  The CTPAT Trade Compliance Program is now active but is currently not accepting new applicants.  CTPAT Security is accepting new applicants to the CTPAT program. 

Miscellaneous

Q: When do you see CBP starting to conduct in person Interviews for drivers to obtain a FAST card.

A:  It depends what side of the border you are on - some southern borders have opened already

Q:  We are in the process of a merger with another CTPAT member, but it is not finalized due to governmental approvals. We expect it to finalize before our next validation. Would we be folded up in the acquiring company for validation or continue with our separate pre- merger validation?

A:  For more information on this, as well as options, please contact your assigned SCSS.

Q:  Homeland Security just issued a new National Terrorism Advisory System bulletin which increases the threat of targeted violence as we approach 9-11 anniversary.  Are cargo screenings being increased to ensure the supply chain isn't compromised?

A:  CBP remains vigilant at all of its ports of entry and ready to respond to threats posed to the homeland.  CBP will rely on its current layered approach to ensure that cargo is effectively screened and that the twin goals of facilitation and security are top priority, whatever the climate.

Q:  Do you see any change to the CTPAT certification due to the initiative to consider the MX drug cartels as terrorist groups by the US government ?

A:  No, not at this time.