An organization may select a dedicated internal team or hire an outside consulting organization to perform the tasks listed below, keeping in mind the eight areas of the C-TPAT assessment. The team should review current documented and undocumented policies, procedures, and any security programs in place. The organization may hire additional staff for the review and implementation.
- Map cargo flows and supply chains
- Conduct threat assessments
- Identify security vulnerabilities and weaknesses and rate them
- Prepare an action plan to address security weaknesses
- Document risk assessment, audit, and annual review procedures
The assessment includes interviews with those responsible for the various areas of security and a walk-though of physical distribution and corporate facilities, including those of outside organizations in the importer’s supply chain.
Once an organization has its “as-is” map and has identified the gaps to reaching C-TPAT status, it can begin implementing needed training and enhancing its processes.