In April 2024 the United States Department of Transportation finalized new requirements for the safe transportation of hazardous materials (Hazmat HM-232). HM-232 requires shippers and transporters of hazardous materials to create a formal, written security plan to prevent equipment or cargo from being used as weapons in terrorist attacks. According to the law, the plan must also be updated at least annually and all employees must be aware of the plan.
What is required in a Hazmat security plan?
According to guidance from the TSA in the Enhanced Security Brochure, the following elements are required in the Hazmat Security Plan.
Risk Assessment – An assessment of transportation security risks for shipments of hazmat listed in §172.800,
Security Responsibility – Appointment of a senior official responsible for the plan. This includes specific security duties for each position/department responsible for implementing the plan
Specific Security Topics – The law suggests that the plan must address – at a minimum – these core elements of security: Personnel Security, Access Controls and En-Route Security. Note: These controls are typically part of written Information Security Policies.
Plan Implementation – Implementation and tracking of the specific plan elements
Training – A plan for training hazmat employees in accordance with specific requirements §172.704(a)(4) and (5)
Formal Review and Update – The law requires that the plan must be “formally written” and updated on a regular basis or at least annually. It also requires that management keep copies of the plan and make them available to all employees.
In addition to these core elements, Persons responsible for developing/implementing a security plan must maintain copies, including electronic, that are accessible at/through their place of business, or make available, upon request, to authorized officials of DOT or the Department of Homeland Security.
How do we develop a written security plan for Hazmat 232?
We suggest that you start with a “Security Plan Template” that has an outline of all the key elements. Compliance automation software (like ComplianceShield) can help save thousands of dollars by providing templates for security policies, training, and program tracking.
Suggested HAZMAT Security Measures
In addition to the main plan elements above, the TSA recommends that an effective plan consider the following areas.
Personnel Security – Be aware of the possibility that someone you hire may pose a potential security risk. There are a variety of screening options available, including security policies for ongoing training and awareness.
Unauthorized Access – Be aware of who has access to critical systems and facilities. This includes both physical and “logical” access to systems that manage or control routing and materials.
En Route Security – Shippers and carriers should work together to assure the security of hazmat shipments “en route” from origin to destination. This includes a variety of physical protection measures to stop interception or re-routing of materials.
Simplify HAZMAT Security Plan Implementation
ComplianceShield is a software tool that helps any organization streamline the development and management of a security plan. It contains a library of Sample Security Policies that can be used to develop and document the plan. It also contains a library of “pre-written” security job descriptions as required in the plan. ComplianceShield also enables management to distribute the plan and formal training to all employees through a secure User Portal. Need more information? Contact us for a free demo and trial of ComplianceShield.