(Conduct Yearly Self Assessment)
U.S. Customs and Border Protection (CBP) states that a CTPAT participant will conduct a yearly “security self- assessment” approximately one year after becoming CTPAT certified. This process is now referred to as an “annual security profile review” (ASPR).
The Supply Chain Security Specialist (SCSS) uses the ASPR to prepare for future validations and revalidations and to confirm that the information entered into the secure web portal is current and accurate. For the CTPAT member, the ASPR is an integral tool which assists them in improving their security practices as changing risks evolve. CBP will notify the CTPAT member approximately 90 days prior to the ASPR due date. This date can be found on the portal home page.
After the CTPAT member completes the ASPR, their SCSS will review the updated information. The SCSS will either approve or reject it. The SCSS will contact the CTPAT member via the web portal if there are any questions.
If the CTPAT member does NOT complete an annual security profile review, their status may be affected in the CTPAT program.
During the ASPR, the SCSS does not visit the company’s domestic facility or domestic or foreign business supply chain providers. This is in contrast to the validation and revalidation phase where the SCSS visits the company and related business supply chain providers.
Norman Jaspan Associates, Inc. will work with the CTPAT member in conducting the ASPR by reviewing their approved security profile to determine if:
A. Any enhancements were or should be implemented based upon the SCSS recommendations during the validation /revalidation visit.
B. The security profile is factually accurate.
C. They are using the supply chain security risk assessment process.
D. They are conducting self audits and testing their security procedures.
E. It is compliant with CBP’s current requirements.
F. The company information has changed because they physically moved, created a new division, acquired a new company or ownership has changed. New management may not be aware of the CTPAT program.
If you need assistance with your security and company profile in order to respond to the annual security profile review, please contact NJA.