| OTHER SUPPLY CHAIN SECURITY PROGRAMS | 其它供应链安全计划 |
| 1 | Has your firm obtained certification in a supply chain security program being administrated by your Government's Customs Administration? If yes, indicate the name of the program & your firm's status of participation. | 贵公司是否曾获得由贵国海关机构所颁发的供应链安全计划认证?若答案为是,请说明该计划的名称以及贵公司参与的状态。 |
| CONTAINER SECURITY | 货柜安全 |
| 2 * | Are high-security seals (meet or exceed current PAS ISO 17712 standards) affixed to all loaded containers bound for the USA? | 高安全封条(符合或是超过目前PAS ISO 17712标准)是否附在所有装载前往美国的货柜? |
| 3* | Is there a written procedure in place which stipulates how seals are to be controlled and properly affixed to loaded containers? | 是否有明文规定的适当程序以规范封条如何被控制并且适切的固定在装载之货柜上? |
| 4* | Is there a written procedure in place which stipulates how to recognize & report compromised seals and/or containers to US Customs or the appropriate authority? | 是否有明文规定的适当程序以规范如何分辨损坏的封条及货柜并且通报美国海关及有关当局? |
| 5* | Is there a written procedure in place to verify the physical integrity of containers prior to loading? (This inspection process should include: front wall, left wall, right wall, floor, ceiling/roof, inside/ outside doors, outside/ undercarriage & the locking mechanisms of the doors.) | 是否有明文规定的适当程序以在装载前分辨货柜实体的完整性?(该检视应该包含:前方、左方、右方、地板、天花板/屋顶、内外门、外车厢以及车厢底以及门锁的上所机制) |
| 6* | Are containers (both empty & loaded) stored in a secure area to prevent unauthorized access and/or manipulation? | 是否所有的货柜(空货柜和装载的货柜)都储存在安全的区域以避免未经授权的进入或是操作? |
| 7* | Is there a written procedure in place for reporting & neutralizing unauthorized entry into containers or container storage areas? | 是否有明文规定的适当程序以通报或是注销未经授权进入货柜以及储存货柜的区域? |
| SHIPPING PROCEDURES | 货运程序 |
| 9 | Are procedures in place for the verification of cargo being loaded in accordance with the shipping documents? | 是否有明文规定的适当程序以确认货柜与货运文件的一致? |
| 9 | Is all product properly marked, weighed, counted & documented. | 所有的货品是否都适当的标记、秤重、计算并且纪录? |
| 10 | Are trucking records including: Container Number, Truck license plate & Driver Information maintained ? | 是否所有的卡车纪录包括货柜号码、卡车车牌以及驾驶数据都有正确维护? |
| PHYSICAL SECURITY | 实体安全 |
| 11 | Is the facility enclosed by a perimeter fence or security wall? | 贵公司机构外围是否有围篱或是安全围墙? |
| 12* | Are gates through which vehicles and/or personnel enter or exit manned and/or monitored? | 所有车辆或人员进出的入口是否是经由人员操控或是透过监视的? |
| 13 | Are the number of gates kept to the minimum number necessary for proper access and safety? | 入口的数量是否保持在最小的数量已为了是当的进入以及安全考虑? |
| 14 | Are incoming vehicles screened for driver identity & authorization? | 是否所有进入的车辆驾驶必需要经过扫描辨别身分以及授权? |
| 15 | Are all truck drivers identified (via driver license or company ID) and recorded on a truck Arrival / Departure log? | 是否所有的卡车司机都经过身分认证(透过驾照或是公司ID)并且详细纪录卡车抵达/离开的纪录? |
| 16 | Are private vehicles prohibited from parking near or adjacent to cargo handling and storage areas? | 私人的车辆是否被禁主停放在靠近货物处理以及储存的区域? |
| 17* | Are all perimeter windows, doors, roof hatches, etc. secured with adequate locking devices? | 所有的周遭窗户、门、屋顶等等是否都有适当的上锁装置? |
| 18* | Does management or security personnel control the issuance of all keys and locks? | 是否有管理人员或是安全人员控制所有锁匙以及锁的分发? |
| 19 | Are locks changed when keys are lost? | 当锁匙遗失的时候是否锁会更换? |
| 20* | Is there a written procedure in place for the issuance, removal and changing of access devices (keys, locks, etc.)? | 是否有适当的程序以处理移除以及更换进入装置(锁匙、锁等)? |
| 21* | Are all areas of the facility exterior (including all entrances & exits, truck bay doors, parking areas & fence lines) well-lighted from dusk to dawn? | 是否机构所有的区域外围(包括所有入口及出口、卡车停放门口、停车区域以及围篱边)从黄昏到清晨都有足够的照明? |
| 22* | Are all areas of the facility interior (including all cargo handling & storage areas) well-lighted? | 是否机构所有的区域内部(包括所有货物处理以及储存的区域)从黄昏到清晨都有足够的照明? |
| 23 | Does the facility have a burglar/intrusion alarm system? | 机构内是否有强盗/侵入警示系统? |
| 24 | Does a central station monitor the burglar alarm system? | 是否有控制中心监控警示系统? |
| 25 | Does the facility have a CCTV (video surveillance) system? | 机构内是否有CCTV(录像监视)系统? |
| 26 | Is the CCTV system monitored in real time? If yes, who monitors the system? | 该CCTV系统是否为及时监控?若是,是谁监控该系统? |
| 27 | Is the CCTV system recording at all If yes, how long are the video images archived? | 该CCTV系统是否所有时间都在录像?若是,其录像影像多久会被归档? |
| 28 | Are all entrances & exits (including truck bay doors) monitored by the CCTV system? | 是否所有的进出(包括卡车间隔的门)都有CCTV系统监控? |
| 29 | Are all cargo handling & storage areas monitored by the CCTV system? | 使否所有货品处理以及储存区域都有CCTV系统监控? |
| 30 | Does the facility employ security guards? | 机构内是否有雇用安全警卫? |
| 31 | Are the security guards contracted through an outside security service? | 安全警卫是否由外面的安全公司所约聘? |
| 32 | Are security guards posted after operating hours? | 安全警卫是否在营运时间后仍站岗? |
| 33 | Briefly describe the various security guards posts and duties. | 简短的叙述各种安全警卫的职责? |
| ACCESS CONTROL | 进入控制 |
| 34* | Are all employees issued ID cards / badges? | 是否所有员工都拥有识别证? |
| 35* | Do employee ID cards have the employee's name & photograph? | 员工识别证上是否有员工的姓名及照片? |
| 36 | Do employee ID cards have an expiration date? If yes, how long is it valid (until it expires)? | 员工识别证是否有期限?若是,期限为多长? |
| 37 | Are all employees required to wear the ID card / badge, via clip or chain, while on company grounds? | 是否所有员工再公司内部的所有时间都被要求佩带识别证件? |
| 38 | Is the employee ID card designed to prevent unauthorized duplication? If yes, explain. | 员工的识别证是否可以避免未经授权的复制?若是,请解释? |
| 39 | Are the equipment & materials used in the manufacture of employee ID cards kept secure (under lock & key)? | 是否用来制造员工识别证所有的设备以及材料都百放在安全的地方(有锁匙跟锁)? |
| 40* | Is there a written procedure in place for the issuance and removal of employee ID cards? | 是否有适当的程序以规范员工识别证的发给及收回? |
| 41* | Are all visitors required to present photo identification upon arrival? | 使否所有访客再进入前都被要求提供有相片的证件? |
| 42 | Are all visitors issued a distinctive ID badge, different from employee ID cards/badges? If yes, is it numbered and logged or a one-time use card or sticker? | 是否所有访客都发给一个可分辨的识别证,并且可以与员工明显区别?如果是,该识别证是以号码登记或是一次性的卡片或贴纸? |
| 43 | Are all visitors required to wear/display the ID badge while on company grounds? | 在公司内部是否所有访客都被要求穿带识别证? |
| 44 | Are all visitors escorted by an employee while on company grounds? | 再公司范围内是否所有的访客都由员工伴随? |
| 45 | Is there a visitor log? If yes, does it include the date, time arrived, name of visitor, name of firm, who to meet with, ID information, visitor ID card #, and time left? | 是否有访客纪录?如果是,其中是否包括日期、抵达时间、访客名称、访客公司、会面名单、ID数据、ID号码以及离开时间? |
| 46* | Is there a written procedure in place to identify, address and remove unauthorized or unidentified persons? | 是否有适当的程序以辨别及移除未经授权或是身分不明的人员? |
| PERSONNEL SECURITY | 人员安全 |
| 47* | Is there an employment application? | 公司内是否有员工求职表? |
| 48 | How long are employment applications kept on file for those applicants NOT hired? | 没有被录取的员工求职表会被建档并保留多久? |
| 49* | Is a verification of pervious employment performed? If yes, is this verification documented & kept on file? | 是否核实员工之前的工作情形?如果是,是否有将核实建文件纪录? |
| 50 | Are pre-employment criminal background checks performed? If yes, are the results of this checks documented & kept on file? | 是否在聘任之前对员工作犯罪背景调查?如果是,该调查是否建文件纪录? |
| 51 | Are criminal background checks performed periodically for existing employees, based on cause and/or the nature of the employee's position? If yes, explain. | 是否对现有员工实施定期犯罪纪录调查?如果是,请解释 |
| 52 | Is pre-employment drug testing performed? If yes, are the results of these tests documented & kept on file? | 是否在聘任之前进行毒品反应测试?如果是,该调查是否建文件纪录? |
| 53 | Is drug testing performed periodically for existing employees, based on cause and/or the nature of the employee's position? If yes, explain. | 是否有根据员工背景定期实施的员工毒物测试,? |
| INFORMATION TECHNOLOGY SECURITY | 信息科技安全 |
| 54* | Are there written IT security policies, procedures and standards in place and provided to employees in the form of training? | 是否有明文规定的IT安全,程序,以及标准以提供员工训练? |
| 55* | Is the entire system passcode protected? | 是否整个系统都由密码保护? |
| 56* | Are passcodes unique to each user? | 密码适法对于每个使用者都是独特的? |
| 57 | Who generates the passcode? (The system, the system administrator or the user?) | 谁负责设定密码?(系统,系统管理者,还是使用者?) |
| 58* | Are passcodes changed on a regularly scheduled basis? If yes, how often? | 密码是否定期更换?如果是,周期为? |
| 59 | Does the system force the user to change the passcode? | 系统是否会强迫使用者改变登入密码? |
| 60* | Is the IT department or system administrator immediately notified when a user separates from the company, so measures can be taken to prevent the user from accessing the system? | IT部门或是系统管理者是否能在使用者离开(离职)后马上被知会,以避免使用者继续进入系统? |
| 61 | Does the system “lock-out” a user after a certain number of unsuccessful (incorrect passcode) log-on attempts? If yes, after how many attempts? | 系统是否会在几次密码输入错误的登入后锁定使用者?如果是,要几次的错误? |
| 62 | Is there a time-out feature built into the system? If yes, how many minutes is it set at? | 系统内是否有逾时锁定? |
| 63 | Do users have the ability to disable the time-out feature? | 使用者是否可以解除逾时锁定? |
| * | Is there a system in place to identify the abuse of the IT system, including improper access, tampering or the altering of data? If yes, explain. | 是否有一个系统以辨识IT系统是否被滥用,包括不适当的登入,改变数据的意图?如果是,请说明 |
| 65* | Are all system violators subject to appropriate disciplinary action for abuse? If yes, explain | 是否所有违规使用系统的人员都遭到适当的惩戒?如果是,请说明 |
| 66 | Is application access restricted to appropriate personnel? | 登入之申请是否仅限于适当的工作人员? |
| 67 | Does the system have firewalls to prevent unauthorized access to data? If yes, describe the specific hardware and/or software utilized. | 系统是否拥有防火墙以阻挡未经授权的数据读取?如果是,描述所使用的硬件以及软件. |
| 68 | Does the system utilize anti-virus software? If yes, describe the specific type & version. | 系统是否有防毒软件?如果有,请叙述种类以及版本. |
| 69 | Is there a mirror system? | 是否有镜射备份系统? |
| 70 | Is the mirror system off-site? | 该镜射备份系统是否为异地备份? |
| 71 | Is the system backed-up on a regular basis? If yes, how often? | 系统是否定期备份?如果是,周期为? |
| 72 | Is the back-up data kept off site? | 备份资料是否在异地保存? |
| EDUCATION & TRAINING | 教育与训练 |
| 73* | Is there a threat-awareness program established to recognize and foster awareness of the threat posed by terrorists at each point in the supply chain? | 公司内是否有威胁警觉的计划以辨识并且培养供应链每一个环节中对于恐怖份子威胁的警觉? |
| 74* | Are employees aware of the procedures the company has to address a situation & how to report it? | 员工是否了解向公司报告突发状况的程序? |
| 75 | Is additional training provided to employees who receive & open mail and in the shipping & receiving areas? | 是否有额外的训练以提供载运送/接收区域负责接收/开启邮件的员工? |
| 76 | Is specific training given to assist employees in maintaining cargo integrity, recognizing internal conspiracies, and protecting access controls? | 是否有特定的训练以帮助员工维护货物完整,辨认出内部的共谋并且保护进入控制? |
