SVA & SSP or ASP

With the launch of CSAT 2.0 in October 2016, DHS combined the Security Vulnerability Assessment (SVA) and Site Security Plan (SSP) / Alternate Security Program (ASP) processes into a single submission. All tiered facilities have 120 calendar days, from receipt of a Risk Tier Notification, to submit a SVA and SSP or ASP to DHS via the CSAT. DHS has provided SVA / SSP Instructions to assist with SVA and SSP / ASP submissions.
 
SVA
 
The CSAT 2.0 SVA requires facilities to describe the security measures they have implemented and any vulnerabilities they have identified across five areas: