Marketplace Pricing Download
Marketplace/ United States flagUnited States/ regulatory/ C-TPAT Security Profile

C-TPAT Security Profile

Drafts a submission-ready C-TPAT Security Profile from verified company records for U.S. CBP enrollment, recertification, or validation prep. Use when preparing security profiles for importers, brokers, freight forwarders, or logistics participants. Trigger keywords: C-TPAT, CTPAT, CBP, security profile, customs compliance, validation visit, revalidation.

ID: us.regulatory.ctpat-security-profile Version: 0.1.0 License: Apache-2.0 Author: CaseMark Language: en Added: 2026-05-27
Try via MCP GitHub
⬇ Download

C-TPAT Security Profile

Produces an evidence-based C-TPAT profile draft aligned to U.S. CBP minimum security criteria, mapped directly to company operations and source documents.

Quick Start

  1. Collect governing docs (policies, SOPs, audits, training records, partner questionnaires).
  2. Confirm corporate identifiers (legal name, EIN, DUNS, C-TPAT account number, facility addresses).
  3. Gather operations data (importer role, volumes, countries/lanes, supply chain map).
  4. Gather security evidence per module (physical, personnel, cargo, conveyance, IT, business partner).
  5. Set document version baseline and submission target date.

Core Workflow

  1. Validate inputs — verify each factual claim against source documents.
  2. Identify gaps — emit a Gap Register before drafting if required facts are missing.
  3. Draft sections — populate all 13 mandatory sections (see below).
  4. Crosswalk compliance — map each company control → C-TPAT minimum → supporting evidence.
  5. Quality check — scan for accuracy, contradictions, completeness, and CBP-appropriate tone.

Intake Matrix

Domain Evidence Needed Maps To
Eligibility Import role, volume, facilities, prior tier Intro + jurisdiction
Governance Security leadership, reporting lines, budget Org framework
Risk methodology Assessment cadence, criteria, data sources Risk assessment
Physical controls Access, surveillance, lighting, alarms, patrols Physical security
Personnel Screening, onboarding, training, revocations Personnel security
Procedural Partner due diligence, custody chain, inspections Business-partner security
Conveyance Carrier vetting, 7-point inspections, seals, transit Conveyance/cargo integrity
IT MFA, segmentation, patching, incident response IT security
Compliance Self-assessments, corrective actions, validation prep Continuous improvement

Mandatory Sections

  1. Cover Page — company info, title, version, date, preparer
  2. Profile Summary — tier objective, participation status, confidence level
  3. Organizational Framework
  4. Risk Assessment
  5. Physical Security
  6. Personnel Security
  7. Procedural / Business-Partner Security
  8. Conveyance and Cargo Integrity
  9. Information Technology Security
  10. Recordkeeping and Compliance Management
  11. Self-Assessment and Corrective Action Register
  12. Validation Readiness
  13. Appendix Index and Signature Statement

Section Template

Each security module section follows this structure:

  • Current Practice — fact-based description
  • Controls in place — specific measures
  • Evidence references — document name + date
  • Gaps and residual risks
  • Planned improvements — owner assigned
  • Status: Compliant / Partially Compliant / Non-Compliant

Specialized Records

Seven-Point Inspection Log (per container/trailer): Unit ID, date/time, inspector, front wall, left side, right side, floor, ceiling/roof, doors inside/out, undercarriage, anomalies + photos + corrective actions.

Seal Control Register: Seal number, vendor/standard, issuance date, assigned shipment, installation point, receipt verification, discrepancy response, disposition.

Corrective Action Plan: Finding, control owner, corrective action, deadline, verification method, status.

Pitfalls and Checks

  • Use only verifiable facts from provided records — never invent documents, certifications, or findings.
  • Every claim requires a source pointer (policy, SOP, log, audit report, contract, training record).
  • Use exact terms from company records for titles, systems, equipment, and locations.
  • Mark uncertain regulatory specifics with [VERIFY] for human confirmation.
  • Enforce 7-point inspection checks and ISO 17712 high-security seal handling.
  • Default to U.S.-only CBP scope unless user provides multinational authority requirements [VERIFY].
  • Final output must be validator-ready: consistent cross-references, indexed exhibits, revision control.

Related Skills

United States flagUnited States · regulatory

FDA 510(k) Premarket Notification

Drafts FDA 510(k) Premarket Notification submissions demonstrating substantial equivalence under 21 CFR Part 807. Supports Traditional, Special, and …

CaseMark
United States flagUnited States · regulatory

Adverse Event Reporting Policy

Drafts an Adverse Event Reporting Policy compliant with 21 CFR 312.32 (IND safety reporting), 21 CFR 314.80 (postmarketing), and ICH E2A, with multi-…

CaseMark
United States flagUnited States · regulatory

Client Advisory Summary

Drafts U.S. regulatory client advisory summaries translating legal developments into actionable risk and compliance guidance. Use when a client needs…

CaseMark
United States flagUnited States · regulatory

AML Compliance Program

Drafts board-ready Anti-Money Laundering compliance programs for U.S. financial institutions under BSA/FinCEN requirements. Covers CIP, CDD, EDD, SAR…

CaseMark
United States flagUnited States · regulatory

Annual Report for State Charity Bureau

Generates a cross-referenced U.S. nonprofit annual filing package for state charity-bureau registration. Produces Full Compliance Package, Form-Field…

CaseMark