Validations are a vital step in securing a company’s CTPAT status and allow program members to advance to or maintain Tier 2 – Certified Validated status within the program. CTPAT validations center on a company’s security profile, which is maintained in the CTPAT portal—a web-based database that allows CBP to verify program members’ supporting documentation. As CBP prepares to increase the number of in-person validations with the easing of pandemic-related restrictions, companies should ensure that they’re ready for external review of their compliance program.
Onsite Validation vs. Virtual Validations
All member companies are required to submit their security profile on an annual basis and undergo a validation at least once every four years (as required by the Safe Port Act). CBP conducts these assessments on-site or virtually; if all program requirements are met, companies maintain a validated status. The first step is to understand the different formats in which CTPAT validations are performed and how they might affect your preparation process.
What to Expect During Your CTPAT Validation
CTPAT virtual validations are here to stay. While new CTPAT members undergo in-person validations, CBP has confirmed that CTPAT virtual validations are here to stay for some veteran members. Be sure to check with your Supply Chain Security Specialist (SCSS) to determine if your validation will be in person or virtually this year, as each format brings its own types of challenges.
During a CTPAT validation, your SCSS will examine your company’s processes and evidence of implementation for compliance in areas such as:
- Commitment of upper management to promoting a culture of security
- Risk assessment
- Business partner screening
- IT infrastructure and protocols
- Conveyance and logistics security
- Physical security and access controls
- Employee education and training
INSIGHT | Virtual Validations Checklist
The CTPAT Web Portal
An issue that frequently affects the success of validations, regardless of their format, is outdated or conflicting information within their security profile due to changes in company policy or their supply chain that have not been effectively communicated to CBP. Companies must upload and associate updated documentation about their operations the CTPAT web portal as their processes and supplier networks evolve. The web portal also serves as a communication platform between the program and its members to inform them of their current status and whether they need to make any changes to procedures.
Preparing for CTPAT validations can be the most challenging part of the CTPAT process, but it can also be the most rewarding. You can prepare yourself and your team with routine internal reviews and training. We understand that there are nuances for each company that can complicate these processes. Our CTPAT team is here to help. If you would like extra assurance while preparing for your next validations, get in touch.
The CT Strategies team of former CBP CTPAT Supply Chain Security Specialists (SCSS) and Directors help companies successfully navigate CBP’s CTPAT program. Using insights from over 80 years of combined CBP operational and policy knowledge, we leverage our first-hand CTPAT supply chain security experience and connections to current CBP leadership, so you can save time and money and get the most out of your CTPAT membership.