Guidance On Anti-Terrorism Security

Assessing facilities against Best Practices for Anti-Terrorism Security (BPATS) is a multi-faceted process.

Compiled by Facility Executive Staff
From the October 2018 Issue


The U.S. Department of Homeland Security (DHS) has national leadership responsibilities for managing risks involving critical infrastructure, key resources, and events. The department has identified commercial facilities as key assets in the critical infrastructure/key resource sector and as such encourages the widespread deployment of effective anti-terrorism technologies, services, and capabilities in those facilities. To help commercial building owners and managers implement anti-terrorism protection measures, the DHS Science and Technology Directorate (S&T) and the Office of SAFETY Act Implementation identified a set of best operational security practices for metropolitan commercial office buildings. These practices are referred to as Best Practices for Anti-Terrorism Security, or BPATS.

More recently, the DHS S&T, in partnership with the National Institute of Building Sciences in Washington, DC , made an online resource available to commercial building owners who are seeking protections under the Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act. The web based tool is accessed through free registration, and was designed to help guide building owners and other stakeholders through the process of seeking SAFETY Act protection. The resource also aims to help security professionals for commercial office buildings perform assessments based on BPATS. The new online portal includes significant resource, the “Field Guide: Conducting BPATS Based Assessments of Commercial Facilities” document. Interested parties can find the tool online.

There was also a need for an assessment methodology that could be used to record and compare a commercial building’s security practices to the BPATS. The new online tool and accompanying Field Guide meets that need by providing a recommended process that can be used to improve the content and persuasiveness of assessments. The stakeholders addressed are the Facility Owners/Representatives and the Assessors.

The Field Guide starts with the key concepts of a BPATS based assessment and then provides information on the three-phase assessment process: Documentation Review phase, Site Visit phase, and Report Development phase. The guide finishes with a review of Owner Operator post assessment actions. Seven practice categories are used to organize the 24 BPATS—Security Program Charter; Strategic Planning; Administrative Controls; Security Systems; Communication and Notification; Defensible Space Design; and Performance Evaluation.

There are 411 Common Security Practices within the 24 BPATS, and the determination of the extent to which the building security program incorporates each of these BPATS is a key part of the assessment.

There are insights included in the Field Guide that are aimed at the security professional who would be acting as Assessor at a building. Facility Owners/Representatives would also find these useful.

First, ensure that the tour will meet the assessment objectives and scope, as well as the BPATS requirements. For example, there are practices concerning parking. If the parking area is in the scope of the assessment, then it needs to be part of the tour. If the building uses a parking facility in a separate building across the street and it is not in the scope of the assessment, then the parking practices are non-applicable, and the parking facility does not need to be on the site tour checklist.

Second, observe the building’s security program in action. Ways to do this are to watch security staff perform their duties, request to witness common security activities (such as visitor processing), and observe a normally scheduled test of security equipment, systems, or capability.

Third, confirm that documented plans, policies, and procedures reflect actual practice. Finally, tour checklist should include looking at adjacent facilities. These nearby facilities may increase target attractiveness, or the building may be at risk from “collateral damage” from an attack on an adjacent site.

SAFETY Act Protections

An issue that arises for building owners seeking SAFETY Act protection is the need to re-submit applications due to gaps in the review for SAFETY Act eligibility. The new online format serves to eliminate such backtracking from the application process, outlining what a building needs to accomplish to become a candidate for Qualified Anti-Terrorism Technology (QATT) status.

The preferred users of this tool are trained security professionals whose credentials will be reviewed by the National Institute of Building Sciences before gaining access to the tool. They are then trained in using the checklist to evaluate various components of building security by SAFETY Act standards, including access control, |risk awareness, physical security, IT security and more.

“With the BPATS, our goal was to develop a comprehensive tool that security professionals could use to assess the anti-terrorism security of commercial office buildings,” says Bruce Davidson, Director of S&T’s Office of SAFETY Act Implementation (OSAI). “The output from their BPATS assessment should enable building leadership to take steps to enhance their building’s security and provide the foundation for a well-structured follow-on SAFETY Act application.”

OSAI and the National Institute of Building Sciences were able to validate the chosen best practices through pilot tests with six commercial buildings located in Washington DC, Los Angeles, Chicago, New York, and Denver. An understanding of how the common practices of those building owners corresponded with OSAI criteria helped refine the BPATS and the assessment process for consistency.

Businesses filing for SAFETY Act protections can receive Designation and Certification for their Qualified Anti-Terrorism Technology, which can cap their liability. The SAFETY Act was enacted in 2002 because of concerns that liability would hinder investment in the latest security technologies and programs following the attacks of September 11, 2001. OSAI engages with various public and private entities to ensure the SAFETY Act application process is consistent with their needs and promotes investment in the technologies the nation needs.

“BPATS will be an important part of the SAFETY Act application process,” says William N. Bryan, Senior Official Performing the Duties of the Under Secretary for Science and Technology. “We want commercial building owners to feel confident in the steps they need to take in getting the protections they need to secure their facilities.”

Do you have a comment? Share your thoughts in the Comments section below or send an e-mail to the Editor at