490 likes | 1.7k Views
TRANSPORTED ASSETS PROTECTION ASSOCIATION (TAPA): STANDARDS, GUIDELINES, AUDITS AND HISTORY. The 5 th China Air Cargo Summit Novotel Baiyun Airport Guangzhou 26-27 March 2008. Membership Across Industries. Back. How Did TAPA Evolve?.
E N D
TRANSPORTED ASSETS PROTECTION ASSOCIATION (TAPA): STANDARDS, GUIDELINES,AUDITS AND HISTORY The 5th China Air Cargo Summit Novotel Baiyun Airport Guangzhou 26-27 March 2008
How Did TAPA Evolve? • The association was co-founded by Gary Alton (Compaq), Don Greenwood (Sun Microsystems) and Steve Lund (Intel Corporation). • In July 1997, the first meeting was held with the focus on determining losses throughout the high tech industry. The response was overwhelming and a benchmark study was conducted. • At the first meeting, 35 security professionals gathered and agreed to develop contract language, assessment detail, audit protocol, and to formally organize as an association with a set of governing by-laws.
Year FSR 2007 deployed; HFSR developed; TAPA SA formed. TAPA Roadmap 2007 • Expiration work for Airport Cargo Handling Agencies • TSR 2006 deployed 2006 • Truck Security Requirements developed • FSR 2005 deployed 2005 • Survey of members proves financial benefits of using TAPA standards by reducing losses 2003 CONTINUOUS IMPROVEMENT • Memorandum of Understanding agreed with 3 TAPA audit bodies (QMI, BVQi & SGS) 2002 • First FSR Certification audits conducted 2001 • TAPA EMEA formed • TAPA Asia formed 2000 • 1st TAPA meeting in USA attended by 37 representatives from the high tech industry 1997
“ we cannot simply rely on Security hardware without standards as people are reliably unreliable and inconsistent”
What is TAPA? • TAPA’s purpose is to address the ongoing security threats that are common to the industry. • The Transported Asset Protection Association is an association of companies: • Security/logistics professionals from high technology and high value shipment companies. • Freight services industry companies. • Useful organisations & associations that support TAPA aims.
What TAPA is Not; • Not a Forum for “blacklisting” of suppliers: • Information sharing is done on criminal activities, standards and BKM’s (Best Known Methods), not on any supplier performance issues. • Not a Forum for comparison of industry/supplier losses: • Loss information shared but individual companies not identified. • Not a Guarantor of business: • Freight Services Supplier compliance to standards can help win/retainbusiness but this is gauged independently by their customers not TAPA. • Not cost-prohibitive: • Security requirements meet multiple customer requirements.
TAPA Objective; • Develop and utilize common tools (FSR/TSR, contract language, assessment protocol) to: • Increase security awareness and communicate Best Known Methods (BKM’s) to industry and supplier base. • Industry forum to evaluate effectiveness, pursue continuous improvement and set future goals.
In Asia, TAPA membership breakdown as follows : • Total : 766 individual members • Suppliers: 70% • Buyers: 10% • Others: 20% • Japan Chapter • Annual General Meeting – Taiwan – Nov 2007
Freight Security Standards (FSR) • On-line self update being setup for Audit Companies to perform self-update of certified sites in Asia • Proposed that Audit Companies attend WWC meeting and present their audit results and highlight areas for improvement.
Before TAPA FSR was available… The TAPA evolved because:- • Buyers want to know if the supply chain is secure; • Each buyer may assess supplier security. • Different assessment formats used. • Multiple requirements & not always possible to maintain compliance. • Not a cost effective way to manage security risks.
Facility Assessment ModelBefore FSR was available Buyer 1 Buyer 2 Buyer 3 Buyer 4 Buyer 5 Buyer 6 assessment 1 assessment 2 assessment 3 assessment 4 assessment 5 assessment 6 Freight Forwarder / Carrier To many audits over the year; All different sorts of audits.
The TAPA FSR Assessment Model; • Buyers want to know if the supply chain is secure; • Buyer defines appropriate TAPA security level: A, B or C. • A or B requires TAPA audit body certification. • C requires supplier self or third party assessment. • Audits (by in depended audit body) every 2 years. • Standard assessment form used. • Standardised requirements. • Cost effective way to manage security risks.
Supplier Facility Assessment Model Buyer 1 Buyer 2 Buyer 3 Buyer 4 Buyer 5 Buyer 6 TAPA authorized auditor Only one audit form used: Results of one audit can also be used for other customers. Freight Forwarder / Carrier Some Buyers may require visits to assess vulnerabilities of their products requiring enhancements above TAPA standards but level and intensity of visits are reduced
Freight Security Training Contractual Language Standard Assessment Protocol Consequences Investigations Freight Security Requirements
Without : Standard Assessment Protocol Contractual Language The Consequences are:
TAPA TAPA National Security Program NASP National Security Program Customs-Trade Partnership Against Terrorism/C-TPAT Security Management TAPA = Technology Asset Protection Association
Deterring Freight Crime; Guards Procedures /controls Monitoring/Investigation Physical barriers Front-end Mitigation (BI, liability agreement etc.)
Documentation Freight Security Requirements: Specific required security elements, with functional descriptions, measurables. Contractual Language: Performance expectations and effects of non-compliance. FSR/TSR as addendum. Standard assessment Protocol: Standardized worksheet. Standardized scoring. Standardized reports. Processes Consequences: Corrective actions. $ reimbursement consistent with value. Termination of contract. Training: Internal and Supplier. Requirements and assessment. Investigations: Roles and responsibilities after loss. Recovery of property and apprehension of thieves. Elements of a Good Freight Security Program
FSR Assessment Areas 1. Perimeter Security 2. Access Control – Office Areas 3. Facility Dock/Warehouse 4. Security Systems 5. Security Procedures 6. Standard Truck Security 7. Pre-Alerts 8. Enhanced Security Requirements
How to Use The Assessment Form • Summary • Total possible points: A=146; B=116; C=68 • Summary ratings are based on a Percentage Range in addition to meeting all Mandatory Requirements (M): • PASS: 60%-100% AND meets all (M)* • FAIL: < 60% OR did not meet all (M) * = Including approved waivers
How to Use The Assessment Form • Scoring • 0 = Process or procedure not present or utilized- no plans to implement • 1 = Process or procedure generally present or utilized, occasional gaps or lapses and plans in place to enhance • 2 = Firmly in place and adopted as standard business practice • X = Does not apply, does not increase nor decrease security level
The Assessment Form Completed Assessment Form