Once DHS issues a Letter of Approval, a facility must ensure compliance with the measures identified in its SSP or ASP, including completing any planned security measures within the timeline identified in the approved plan. This may include, among other things, detailed recordkeeping, management of change protocols (including reporting “material modifications”), internal and external reporting, ASP/SSP audits, and routine training, drills, and exercises.