printer friendly version

The value of adopting TAPA’s warehousing standard

The Transported Asset Protection Association (TAPA) identifies itself as an association of security professionals and related business partners from various manufacturing and transportation companies, who have come together for the purpose of addressing the emerging security threats that are common to the relevant industries.

As part of its efforts, the association develops standards and provides certifications that aim to produce a measurably positive impact in reducing cargo crime. One of these standards is FSR (Facility Security Requirements) which covers the area of secure warehousing and storage.

Massimo Carelle

Massimo Carelle serves on the TAPA committee of the South African workgroup, and also on the EMEA standards board as an advisor. He is also managing director of KMR Group & Associates, and provides a practical framework for the context in which the FSR standard applies.

Dealing with threats

“In a warehousing environment, you typically face both external and internal threats,” he explains. “On the external side you’re dealing with things like potential armed robberies, burglaries and strike actions. Internal threats usually operate in collusion with external threats, which is the challenge that most companies have. Then you’ve got your common pilferage, where people try to steal goods and also fake documents. There is also the threat of fake collections and deliveries – the latter is much less likely but could entail the old ‘Trojan horse’ approach whereby criminals gain access into the facility to perform an armed robbery.”

Countering these threats needs to be a unified approach of treating the people, processes and technology aspects of the equation as equally important. Carelle advises that one shouldn’t give people too many ways of operating without technology monitoring them or without them having to use technology that cannot be manipulated, and to put in place procedures around that.

Some of the technological safeguards that can be employed are, for example, if a parcel is leaving a facility, it shouldn’t be a case of a staff member just handing it over to a courier. Instead, there should be technology in place to make sure it is the correct parcel relating to a genuine order (for example by using a camera to verify the serial number of what is being scanned), and is the correct weight, before allowing it to leave the premises.

If an anomaly does arise during these checks, integration between the likes of the access control, warehouse management system (WMS) and camera systems would allow an alarm to be set off, an alert sent to someone via email, and/or a lockdown of the exit to prevent a person or vehicle from leaving the premises. Time and attendance systems further allow a warehouse to determine if someone is in an area where they aren’t supposed to be, or aren’t allowed to be. Where a client’s budget allows, advanced video analytics can be used to further enhance this functionality.

The benefits of standards

So how do the TAPA FSR standards help facilities accomplish these objectives? ‘Tremendously,’ says Carelle. “One of the difficult parts of putting a security system and related procedures in place is trying to get people’s buy-in, whether it’s staff or management. When you get a TAPA programme going it’s easier to explain simply that if you want to get certified, a specific set of requirements must be fulfilled. This is particularly helpful when non-security people question why something is being done a certain way, by giving you the ability to just say ‘it’s in the standard’.”

Carelle recommends the Class A standard as the one to aim for, particularly for high-risk facilities. He also points out that ‘high-risk’ and ‘high-value’ are not necessarily the same thing. For example, a cargo of bananas wouldn’t be considered high-value, and wouldn’t be high-risk in an affluent area, but if it’s being transported through an area where there are lots of starving people, it becomes high-risk. Cellphones and other electronics, on the other hand, are both high-value and high-risk, as they are both lucrative and in high demand on the black market.

TAPA SA is actively looking to recruit new members, and is being made particularly attractive to South African companies by charging half the rate seen elsewhere in the world – 1000 Euros per year as opposed to the 2000 Euros charged in other countries. The association also provides an incident information service (IIS) which helps members to stay abreast of where there are incidents and what to look out for.

“TAPA is growing its South African membership year by year, but there is a South African mentality that people don’t want to talk to each other. We have been holding annual conferences to provide our members with useful information, and we also recommend that logistics companies send their employees for training, which is free of charge for members. By working together in this logistics industry we might actually achieve more,” Carelle concludes.

Digging into the details

Paul Linders

Paul Linders, global head of security at CEVA Logistics and a member of the TAPA board of directors, explains some of the nuts and bolts of what the FSR standard is about: “TAPA’s mission is to help protect members’ assets by minimising cargo losses from the supply chain. One way TAPA tries to achieves this is by the development and application of global security standards. The FSR is just one of them.

“This standard is divided into three classification levels, based on the level of protection needed for that facility. Certification is possible against all three levels. Specifically, the purpose as defined in the FSR document is as follows: The FSR (Facility Security Requirements) is an official TAPA global document for secure warehousing and storage and can be used in business/security agreements between buyers and logistics service providers (LSPs) and/or other applicants seeking certification.

“In the development of this standard, TAPA recognises the multiple differences in how storage services are provided globally, regionally, and even within companies, and that the FSR may apply to all or part of the services provided by an LSP/applicant. Depending on the complexity and size of the supply chain, compliance with TAPA standards may be achieved through a single LSP/applicant or multiple LSPs/applicants and qualified subcontractors.”

TAPA’s aim is to find synergy between all requirements so that one works best with the others; so that one requirement strengthens the next one. FSR focuses on physical security requirements, electronic security requirements and security procedures, which create the best level of security when all working together.

In general, Linders explains, the requirements and recommendations addressed in the FSR standard are all important, and together they provide the best level of security within facilities. Depending on the facility or the country, certain requirements might be more important as criminals might operate with a particular modus operandi that is less prevalent elsewhere. “The risk and threats will dictate which requirements are the most important for you, but only when they are all implemented can the highest level of security be reached,” he says.

Companies that are considering adopting these standards need not worry that they would have to overhaul all their existing systems, necessarily. “Understand that those facilities that need the FSR already have serious issues or expect serious issues in terms of criminal attacks,” Linders points out. “So in most cases they have some security already embedded, but on a different level, or have placed security measures ad-hoc after incidents and therefore together they don’t work correctly.

“The FSR is built on a common sense approach that considers what is important for the logistics service provider, what their problems are, their threats and risks, and how they can be mitigated. We don’t dictate that you need cameras from brand XYZ and therefore you should remove all your existing cameras; we tell you what the performance of a camera should be. If that means the existing cameras can stay, then so be it.

“Most issues we see in becoming compliant are related to procedures: placing cameras is one thing but instructing your employees how to use the security is another. Here we often see problems for facilities in making this happen. Therefore some training is necessary, to ensure all procedures from the TAPA FSR are understood and followed up in the facility in question.”

In summary, achieving compliance with the TAPA FSR standard should not be seen as simply obtaining a certificate with a stamp of approval, but rather an exercise in ensuring that a facility complies with a set of best practices. “That is how the FSR was built up: using best practices from the industry.”

“In the past, to understand the level of security implemented, audits were the only means of doing so, but unfortunately each customer would have their own security requirements and perform the audits against their own checklists. This not only meant that your facility would be visited multiple times per year by auditors from these customers, it also created problems in that, what one customer judged as okay, was rejected by another.

“TAPA challenged all manufacturers to use the FSR in their contracts, in order to both implement the correct level of security within that facility and also reduce the audit programme for that site to only once every three years (the length of time the TAPA certification is valid). The TAPA certificate serves as proof that a site has the correct level of security, and is respected by all manufacturers who understand that TAPA represents the best practices in security for logistics. TAPA itself dictates that the certified facility must conduct a self-assessment against the FSR level of their certificate, and provide this input to the audit body involved,” says Linders.

For more information contact:

• Massimo Carelle, TAPA South Africa, [email protected]

• Paul Linders, TAPA, [email protected]

Share this article:

Further reading: