C-TPAT AUDIT - ENGLISH

• Document No.

• Audit Title

• Client / Site

• Conducted on

  Date

• Prepared by

• Location
  Address

• Personnel

1. RISK ASSESSMENT

• 1.1 Does the company conduct an annual Risk Assessment?

  Yes

  No

  N/A

• 1.2 Does the company have written procedures on how to identify risk and how to conduct a 5 step risk assessment?

• 1.3 If the previous answer is YES, where are procedures located?

  Security Manual

  Electronic File

  Other

• 1.4 How often is the Risk Assessment conducted?

  Select Once a Year Every 6 Months Every 3 Months Every 2 Months Once a Month Other

  • Once a Year
  • Every 6 Months
  • Every 3 Months
  • Every 2 Months
  • Once a Month
  • Other

• Specify date of last risk assessment.

  Date

• 1.6 Who conducts the Risk Assessment; if it's conducted by an external company please specify the name of the company.

• 1.7 Complete Supply Chain List: (Manufacturing Company/s, Transportation Company, Mexican Broker, US broker, Importer, etc.) Please specify which companies belong to the C-TPAT program.

• 1.8 Does the company have a flow chart?

  Off

  On

• OBSERVATIONS/RECOMMENDATIONS/COMMENTS

2. BUSINESS PARTNER REQUIEREMENTS

• 2.1 Does the company have written procedures on how to pre screen and select business partners?

  Yes

  No

  N/A

• 2.2 Have these procedures been reviewed?

  Yes

  No

  N/A

• 2.3 Does the company conduct security questionnaires to all of their business partners?

  Yes

  No

  N/A

• 2.4 Do written procedures include factors which could trigger additional scrutiny? Ex: One time business deals, cash payments, no physical address, etc.

  Yes

  No

  N/A

• 2.5 Are random business partner facility visits conducted?

  Yes

  No

  N/A

• 2.6 If so, are visits documented?

  Yes

  No

  N/A

• 2.7 Does the company have information about their business partners who are part of the C-TPAT program, such as SVI number, certification letter, Etc?

  Yes

  No

  N/A

• 2.8 (Continuing with previous question) How does the company receive such information? (security questionnaire, e-mail, contractual agreement, other)

• 2.9 Are SVI numbers monitored in the C-TPAT security portal? If the answer is NO please specify why SVI aren't being monitored by the company?

  Yes

  No

  N/A

• 2.10 If the previous answer is YES how often are SVI monitored?

  DAILY

  ONCE A WEEK

  ONCE A MONTH

  EVERY 6 MONTHS

  OTHER

• 2.11 If the previous question was answered OTHER please specify:

• 2.12 Does the company have written procedures with minimum security criteria that none CTPAT business partners should follow if not eligible to participate in the program?

  Yes

  No

  N/A

• 2.13 Type of confirmation none CTPAT business partners have with the company, to specify that they will comply with the minimum security criteria stipulated by the program.

  Select E-MAIL CONTRACTUAL AGREEMENT WRITTEN CONTRACT OTHER

  • E-MAIL
  • CONTRACTUAL AGREEMENT
  • WRITTEN CONTRACT
  • OTHER

• 2.14 If the previous question is answered OTHER, please specify:

• 2.15 Does the company have written contracts with each of their business partners?

  Yes

  No

  N/A

• 2.16 If the previous answer is YES, do these written contracts have minimum security criteria regarding CTPAT?

  Off

  On

• 2.17 The transportation used is:

  COMPANY OWNED

  SUBCONTRACTED

• 2.18 Is the transportation company part of the CTPAT program? If the answer is YES, please specify since when?

  Yes

  No

  N/A

• 2.19 Name or Names of Transportation Companies used for crossing, percentage of crossings they realize for the company and their CTPAT current status.

• 2.20 Is their a contractual agreement, or written contract between the highway carrier and the company?

  Yes

  No

  N/A

• 2.21 Must business partners specify If they belong to any other security program? (NEEC, BASC, etc.)

  Yes

  No

  N/A

• 2.22 Please provide a copy of security questionnaire.

  Media

• How often are security questionnaires updated?

  EVERY 6 MONTHS

  EVERY YEAR

  NEVER

• OBSERVATIONS/COMMENTS/ RECOMMENDATION

3A. TRANSPORTATION SECURITY.

• 3.1 Does the company have written procedures about transportation integrity and security before loading? (Tractor-Trailer-Bobtail-Van-etc.)

  Yes

  No

  N/A

• 3.2 Does the company use an inspection sheet for vehicle inspections?

  Yes

  No

  N/A

• 3.3 What type of inspection sheet does the company use?

  Select 17 Point Inspection 12 Point Inspection 10 Point Inspection 7 Point Inspection None of the Above Other

  • 17 Point Inspection
  • 12 Point Inspection
  • 10 Point Inspection
  • 7 Point Inspection
  • None of the Above
  • Other

• 3.4 If the answer to the previous question was "OTHER", please specify what type of inspection sheet is used.

• 3.5 Who does the vehicle inspections?

  Select Security Guards Company Employee Drivers Other

  • Security Guards
  • Company Employee
  • Drivers
  • Other

• 3.6 If the previous question was answered "OTHER" please specify who does the vehicle inspections?

• 3.7 Please specify what type of vehicles the company uses to transport merchandise to the United States.

• 3.8 When are inspections to vehicles done?

  Select When vehicles Arrive Before Loading After Loading When Leaving the Yard No Inspections are done

  • When vehicles Arrive
  • Before Loading
  • After Loading
  • When Leaving the Yard
  • No Inspections are done

• 3.9 Are random inspection held to ensure that vehicles are inspected correctly?

  Yes

  No

  N/A

• 3.10 Referring to the previous question, random inspections are documented.

  Off

  On

• 3.11 Does the company have CCTV cameras near or at the loading docks?

  Yes

  No

  N/A

• 3.12 Are drivers instructed to go directly to the US border without any stops after the vehicle has been loaded?

  Yes

  No

  N/A

• If the previous question is NO, please specify what stops the vehicles are instructed to do.

• 3.14 Does the company have written procedures to report to CBP US Customs in case of any anomaly, problem, suspicous activity, package or person?

  Yes

  No

  N/A

• 3.15 Written procedures are in place.

  Off

  On

• 3.16 Referring to the previous question where are written procedures found?

  Select Security Manual Electronically None of the Above

  • Security Manual
  • Electronically
  • None of the Above

• 3.17 Does the company use C-TPAT (ISO PAS 17712:2010)?

  Yes

  No

  N/A

• 3.18 What type of seals are used? Please pick more than one.

  Select Bolt Seals Cable Seals Padlock Seals Plastic Seals None of the Above

  • Bolt Seals
  • Cable Seals
  • Padlock Seals
  • Plastic Seals
  • None of the Above

• 3.19 If more than one seal is used, please specify when each seal is used and why.

• 3.20 Who is your seal provider?

• 3.21 Does the company have the seal's authenticity certificate?

  Yes

  No

  N/A

• 3.22 Does the company have any type of vehicle tracking device or procedures?

  Yes

  No

  N/A

• 3.23 If the previous answer is YES, please specify what type of tracking device or procedure does the company follow?

• 3.24 If the company uses a tracking log, please specify what type of information is filled in. (Date, Driver's Name, Vehicle Plates, Time of arrival at International Border, etc.)

• 3.25 The company has escorts following the vehicles bound to the United States.

  Off

  On

• 3.26 Does the company have a physical inventory for their C-TPAT seals.

  Yes

  No

  N/A

• 3.27 If the previous answer is YES, Is inventory is updated periodically?

  Off

  On

• 3.28 What type of communication do the drivers have with them? (Please choose more than one, if necessary).

  Select Frequency Radio Nextel Radio Cel Phone Drivers have no communication

  • Frequency Radio
  • Nextel Radio
  • Cel Phone
  • Drivers have no communication

• 3.29 Does the company have predetermined routes that vehicles must follow when in route to the International Border?

  Yes

  No

  N/A

• 3.40 Are drivers instructed to inform the company if any changes in their route to the International Border have been made?

  Yes

  No

  N/A

• 3.41 Are random inspection held to ensure that previous procedures are being followed correctly?

  Off

  On

• 3.42 Does the company have written procedures on seal integrity and VVTT?

  Yes

  No

  N/A

• 3.43 Please specify where seals are stored?

• 3.43.1 Is there a locking mechanism to where seals are stored?

  Off

  On

• 3.44 Please specify all documents (referring to shipments) that have the seal number. (P.O, E-Manifest, Inspection Checklist, etc.)

• 3.45 Where is seal verified? (Please select more than one if applicable)

  Select After Loading Before Leaving the Premises When arriving at International Border Never

  • After Loading
  • Before Leaving the Premises
  • When arriving at International Border
  • Never

• 3.46 Does the company use secondary seals?

  Yes

  No

  N/A

• 3.47 If the previous question is YES, does the company have written procedures which stipulate secondary seal usage, inspection, etc.?

  Yes

  No

  N/A

• 3.48 Since when is the company Certified with the C-TPAT program? If not yet certified, since when did the company begin with procedures to obtain such certification?

  Date

• OBSERVATIONS/RECOMENDATIONS

3B. DOCUMENT SECURITY

• 3B.1 Does the company have written procedures about documentation security?

  Yes

  No

  N/A

• 3B.2 Is sensible or important information kept in a secure area?

  Yes

  No

  N/A

• 3B.3 Please specify where the company information is stored?

• 3B.4 Has the company personnel been trained to identify suspicious activity, packages and or personnel?

  Yes

  No

  N/A

• 4B.5 Are there written procedures that specifiy to inform US Customs about any suspicious activity, package or person?

  Yes

  No

  N/A

• 4B.6 Are there written procedures to ensure that documentation is being filled out correctly in time and form?

  Yes

  No

  N/A

• 4B.7 Does the importer receive any information before the shipment leaves the premises?

  Yes

  No

  N/A

• 4B.8 Who is in charge of loading the conveyances bound to the US? (Please select more than one if applicable)

  Select Company Employees Security Guards Traffic Department Warehouse Personnel No one.

  • Company Employees
  • Security Guards
  • Traffic Department
  • Warehouse Personnel
  • No one.

• 4B.9 Please specify what type of documents is the company responsible of? (Purchase Order, E-Manifest, etc.)

• Especifique los procedimientos de conteo de mercancia y pesado de mercancia, previo a la carga.

4. PHYSICAL ACCESS CONTROLS

• 4.1 Does the company have security guards, or a security department?

  Yes

  No

  N/A

• 4.2 If the previous answer is YES, specify if they are company owned or subcontracted by an external company.

• 4.2.1 If subcontracted: specify what company provides this service.

• 4.3 Do security guards have uniforms?

  Yes

  No

  N/A

• 4.4 Do security guards (or the security department) have any form of comunication?

  Yes

  No

  N/A

• 4.5 Specify what hours and how many shifts do security guards have. (ONLY SECURITY GUARDS IF APPLICABLE)

• 4.6 Does the company have a security shack?

  Yes

  No

  N/A

• 4.6.1 If the previous answer is YES, please specify how many and where they are located.

• 4.7 Do security guards fill out an exit and entry log?

  Yes

  No

  N/A

• 4.8 Are security guards enabled to perform random inspections on vehicles that enter the premises such as visitors, employees, suppliers, contractors, etc.?

  Yes

  No

  N/A

• 4.9 Are security guards enabled to preform random inspections on transportation vehicles? (Bound to the US)

  Yes

  No

  N/A

• 4.10 Are security guards authorized to view and verify security cameras (CCTV)?

  Yes

  No

  N/A

• 4.11 Are security guards authorized to supervise truck and trailer inspections?

  Yes

  No

  N/A

• 4.12 Please specify how many employees (TOTAL) does the company have and how many shifts.

• 4.13 Does the company have any type of ID system? (ID Badges)

  Yes

  No

  N/A

• 4.14 Do all employees have company ID Badges?

  Yes

  No

  N/A

• 4.15 Please specify what type of information do EMPLOYEE ID BADGES have: (Name, Employee Number, Department, Photo, etc.)

• 4.16 All employees have uniforms?

  Off

  On

• 4.17 Are there any restrictions to employees inside the company premises?

  Yes

  No

  N/A

• 4.18 Please specify what type of access controls does the company have (ID Badges, Biometric, Electronic Key Cards, Keys, etc.)

• 4.19 Are there written procedures referring to the correct use, distribution and disposal of company property? (ID Badges, Keys, Computers, Phones, Etc.)

  Yes

  No

  N/A

• 4.20 Referring to the previous question, is there a written CHECKLIST used?

  Yes

  No

  N/A

• 4.21 Are all visitors given a Visitors Badge?

  Yes

  No

  N/A

• 4.22 Does the company have different ID Badges for contractors and or suppliers?

  Off

  On

• 4.23 Do visitor's badges differ from contractor's and/or supplier's ID Badges?

  Yes

  No

  N/A

• 4.24 Are all external visitors ID'd?

  Yes

  No

  N/A

• 4.25 Does the company use a visitors log?

  Yes

  No

  N/A

• 4.26 Referring to the previous question, please specify what type of information is logged into the visitors log?

• 4.27 Are all visitors escorted during their visit into the company premises?

  Yes

  No

  N/A

• 4.28 Does the company have Interns or Part Time employees?

  Off

  On

• 4.29 Referring to the previous question (IF APPLICABLE), do their ID Badge's differ from Full Time Employee badges?

  Yes

  No

  N/A

• 4.30 Does the company have written procedures on the correct removal of un-identified personnel inside the company premises?

  Yes

  No

  N/A

• OBSERVATIONS/RECOMENDATIONS

5. PERSONNEL SECURITY

• 5.1 Who is in charge of recruiting? (Specify if physical person or department)

• 5.2 Does the company have written procedures referring personnel recruiting?

  Yes

  No

  N/A

• 5.3 Specify what type of documents are inside each employee file? (Application, Resume, Drug Screening Test, Photo ID, VISA or Passport, etc.)

• 5.4 References are asked for and checked.

  Off

  On

• 5.6 On who does the company conduct a back ground check? (Please select more than one if Applicable)

  Select All Employees New Recruits Critical Area Employees Security Guards Drivers None

  • All Employees
  • New Recruits
  • Critical Area Employees
  • Security Guards
  • Drivers
  • None

• 5.7 Does the company have written procedures referring to employee termination?

  Yes

  No

  N/A

• 5.8 If the previous answer is YES, where are these procedures?

  Security Manual

  Electronically

  None of the Above

• 5.9 What type of system does the company use to recruit new personnel, or how does the company inform future prospects about job openings? (Please select more then one if Applicable)

  Select Newspaper Online Web Pages Job Fairs Universities in the area Internal Employee References None of the Above

  • Newspaper
  • Online Web Pages
  • Job Fairs
  • Universities in the area
  • Internal Employee References
  • None of the Above

• 5.10 Drug Screening test are held inside the company?

  Off

  On

• OBSERVATIONS/RECOMENDATIONS

7. PHYSICAL SECURITY

• 7.1 Describe what type of surroundings does the company have? (Commercial, Residential, Rural, etc.)

• 7.2 Please specify measurements of the premises (Building and Building Including Grounds).

• 7.3 Does the company have a physical barrier?

  Yes

  No

  N/A

• 7.4 Are there written procedures referring to the integrity of the physical barriers?

  Yes

  No

  N/A

• 7.5 Please specify of what material is the perimeter barrier made of and how high it is?

• 7.6 Is the physical barrier inspected daily?

  Yes

  No

  N/A

• 7.7 Is there a specific parking area for employees, visitors, suppliers, contractors, etc.?

  Yes

  No

  N/A

• 7.8 Is the parking area far away from the containers and/or loading docks?

  Yes

  No

  N/A

• 7.9 Please specify of what material is the building made of?

• 7.10 Is the building inspected daily?

  Yes

  No

  N/A

• 7.11 If the answer is NO how often is the building inspected?

  Dialy

  Weekly

  Monthly

  Never

• 7.12 How inspects the building?

  Company Employee

  Security Guards

  No one

• 7.13 Are inspections documented?

  Off

  On

• 7.14 How many loading docks does the company have? And how many are used?

• 7.15 Are there locking mechanisms throughout the premises?

  Yes

  No

  N/A

• 7.16 Referring to the previous question please specify where locking mechanisms are (doors, windows, gates, docks, etc.)

• 7.17 How monitors these locking mechanisms? Select more than one if applicable.

  Select Company Employee Security Guards No one

  • Company Employee
  • Security Guards
  • No one

• 7.18 If applicable, are trucks and containers kept locked while stored inside the facilities?

  Off

  On

• 7.19 Does the company have adequate internal lighting?

  Yes

  No

  N/A

• 7.20 Does the company have adequate external lighting?

  Yes

  No

  N/A

• 7.21 How are external lights power on?

  Automatically

  With a Sensor

  Manual

  We don't have external lights

• 7.22 Does the company have an alternative generator?

  Off

  On

• 7.23 Is there and alarm system in place?

  Off

  On

• 7.24 If the previous answer is Yes, who is your alarm provider and what type of alarm system does the company have?

• 7.25 Does the company have an adequate CCTV system?

  Yes

  No

  N/A

• 7.26 From 1 To 10, 10 being the most efficient and 1 being the least efficient, how efficient are the cameras located?

• 7.26 If the previous answer is YES, how many cameras does the company have? Internal and External?

• 7.27 Who monitors the CCTV security system?

• 7.28 How long does the company store CCTV footage? Where is this information stored? (DVR's videocassette, etc.)

• OBSERVATIONS/RECOMENDATIONS

8. SECURITY TRAINING AND THREAT AWARENESS PROGRAMS.

• 8.1 Does the company have a training program?

  Yes

  No

  N/A

• 8.2 Please specify what type of information (regarding security) is given in such training sessions.

• 8.3 Are all employees given specific training?

  Yes

  No

  N/A

• 8.4 Does the company have an introductory training o new recruits?

  Off

  On

• 8.5 Does the company offer C-TPAT security training to employees?

  Yes

  No

  N/A

• 8.6 How often are employees trained?

  Select Weekly Monthly Quarterly Every 6 Months Once a Year Never

  • Weekly
  • Monthly
  • Quarterly
  • Every 6 Months
  • Once a Year
  • Never

• 8.7 Training is documented.

  Off

  On

• 8.8 Are employees aware of procedures they must follow to report, identify and document any type of anomaly, suspicious person, package or activity?

  Yes

  No

  N/A

• 8.9 Is there a suggestion box in place?

  Off

  On

• 8.10 Does the company offer incentives to employees who report suspicious activity, packages or personnel?

  Yes

  No

  N/A

• 8.11 If the previous answer is YES, please specify what type of incentives does the company offer?

• OBSERVATIONS/RECOMENDATIONS.

9. IT SECURITY

• 9.1 Does the company have written procedures about the correct use of IT?

  Yes

  No

  N/A

• 9.2 Does the company have an IT department?

  Yes

  No

  N/A

• 9.3 If the previous answer is NO, who is in charge of the company's IT?

• 9.4 Do all computers have usernames and passwords?

  Yes

  No

  N/A

• 9.5 Do employees assign their own passwords? If NO, who assigns the passwords for each username?

• 9.6 How often are passwords changed?

  Select Daily Weekly Monthly Every 60 Days Every 90 Days Every 180 Days Once a Year Never

  • Daily
  • Weekly
  • Monthly
  • Every 60 Days
  • Every 90 Days
  • Every 180 Days
  • Once a Year
  • Never

• 9.7 Does the company have FIREWALL?

  Yes

  No

  N/A

• 9.8 Does the company have ANTIVIRUS?

  Yes

  No

  N/A

• 9.9 Are employees trained with IT policies?

  Yes

  No

  N/A

• 9.10 Is the Internet restricted?

  Yes

  No

  N/A

• 9.11 Does the company perform BACKUPS?

  Yes

  No

  N/A

• 9.12 How often are BACKUPS done? (Please select more than one if applicable)

  Select Dialy Weekly Monthly Every 6 Months Yearly Never

  • Dialy
  • Weekly
  • Monthly
  • Every 6 Months
  • Yearly
  • Never

• 9.13 Where is the BACK UP information stored?

  OFF SITE

  ON SITE

• 9.14. Are there written procedures for system violators?

  Yes

  No

  N/A

• OBSERVATIONS/RECOMENDATIONS

10. TRANSPONDERS (IF APPLICABLE)

• 10.1 Who is in charge of ordering the company's Transponders?

• 10.2 How many Transponders does the company have?

• OBSERVATIONS/RECOMENDATIONS

11. EFFECTIVITY TESTS

• 11.1 Does the company do perform tests?

  Yes

  No

  N/A

• 11.2 Please describe the effectivity test, when it was held, who it was held to, if or not it was successful, etc.

• Photo Log

  Media