CTPAT Checklist

As part of Carter’s/Oshkosh’s participation in, and commitment to, the C-TPAT program, our manufacturers are required to take necessary steps to develop and implement a sound security program to protect against terrorism. To help us evaluate our supply chain security we ask that you complete this Security Profile.

Access Controls

Unauthorized access to the shipping, loading dock & cargo areas should be prohibited. Controls should include:

  • An employee identification system must be in place for positive identification and access control purposes.
  • Employees should only be given access to those secure areas needed for the performance of their duties.
  • Procedures in place to control the issuance, removal, and changing of access devices.
  • Visitors must present photo identification for documentation purposes upon arrival. All visitors should be escorted and visibly display temporary identification. Security personnel must adequately control the issuance and removal of identification badges.
  • Proper vendor ID should be presented for documentation purposes upon arrival.
  • Procedures in place to identify, challenging, and address unauthorized/unidentified persons.

Personnel Security

Application information, such as employment history and references, should be verified prior to employment.

  • Background checks and investigations should be conducted for prospective employees and periodic checks and reinvestigations should be performed.
  • Procedures in place to ensure that all information used in the clearing process is complete, accurate, and protected against the exchange, loss, or introduction of erroneous information.
  • Procedures must be in place to ensure that information received from business partners is reported accurately and timely.
  • Procedures in place to ensure cargo is properly marked, weighed, counted, and documented.
  • Procedures for detecting and reporting shortages and overages.
  • Procedures for tracking the timely movement of incoming and outgoing goods.
  • Procedures to notify customs and other law enforcement agencies in cases where anomalies or illegal activities are detected or suspected by the company.

Security Training and Threat Awareness

Security training and threat awareness programs should be in place. Programs should include:

  • A threat awareness program should be established and maintained by security personnel to recognize and foster awareness of the threat posed by terrorists at each point in the supply chain.
  • A security awareness program is provided to employees including recognizing internal conspiracies, maintaining product integrity, and determining and addressing unauthorized access. These programs encourage active employee participation in security controls.
  • Additional training should be provided to employees in the shipping and receiving areas, as well as those receiving and opening mail.

Information Technology

Systems should have security to prevent unauthorized access. Controls should include:

  • Automated systems must use individually assigned accounts that require a periodic change of password. IT security policies, procedures, and standards must be in place and provided to employees in the form of training.
  • A system must be in place to identify the abuse of IT including improper access, tampering, or altering business data. All system violators must be subject to appropriate disciplinary actions for abuse.

Physical Security

  • All buildings should be constructed of materials, which resist unlawful entry and protect against outside intrusion. Security should include:
  • Perimeter fencing should enclose the areas around cargo handling and storage facilities.
  • Segregation and marking of international, domestic, high-value, and dangerous goods cargo within the warehouse by a safe, caged, or otherwise fenced-in area.
  • Gates through which vehicles and/or personnel enter or exit must be manned and/or monitored.
  • Parking area for private vehicles should be separate from the shipping, loading dock, and cargo areas.
  • Buildings must be constructed of materials that resist unlawful entry.
  • Adequate locking devices for external and internal doors, windows, gates, and fences.
  • Adequate lighting provided inside and outside the facility including parking areas.
  • Internal/external communications systems in place to contact internal security personnel or local law enforcement police.

Container Seals

A high security seal must be affixed to all loaded containers bound for the United States. Controls should include:

  • All containers bound for Carter’s & Oshkosh in the U.S. are sealed with a high security seal that meets or exceeds the current PAS ISO 17712 standard for high security seals.
  • Written procedures exist stipulating how seals are to be controlled and affixed to loaded containers. These include procedures for recognizing and reporting compromised seals and or containers to local authorities or U.S. Customs.
  • Only designated employees have access to seals.