Loading...
compliance

C-TPAT Minimum Security Criteria Self-Assessment

Use this C-TPAT Minimum Security Criteria self-assessment to check perimeter security, access control, personnel screening, and cargo controls in one audit-ready walk-through. It helps you spot deficiencies, assign corrective actions, and document evidence before a customs review.

Fill it now — Free Get Started
Customize with AI → Live preview →

Trusted by frontline teams 15 years of frontline software AI customization in seconds

Built for: Logistics And Warehousing · Manufacturing · Import/export And Freight Forwarding · Retail Distribution · Third Party Logistics

Overview

This C-TPAT Minimum Security Criteria Self-Assessment template is built for facilities that need to verify supply chain security controls before an internal audit, customer review, or C-TPAT validation. It walks the reviewer through governance, perimeter protection, access control, visitor and contractor handling, personnel screening and training, cargo security, and corrective actions in a sequence that matches how a site is actually inspected.

Use it when you need a repeatable internal review of a warehouse, yard, dock, cross-dock, or other cargo-handling location. It is especially useful after a site change, a security incident, a staffing change, or when you want to confirm that procedures are not just written but working in practice. The template is also helpful for multi-site programs that need consistent evidence and comparable findings across locations.

Do not use it as a substitute for the current C-TPAT guidance or for a full enterprise risk assessment. It is a self-assessment tool, not a legal opinion or certification. If your operation has no cargo access, no visitor traffic, or no perimeter controls to review, some sections may need to be adapted rather than used as-is. The strongest results come when the reviewer records observable evidence, notes the exact deficiency, and assigns a corrective action owner and due date for every non-conformance.

Standards & compliance context

  • This template aligns with the C-TPAT Minimum Security Criteria by organizing the controls that customs and supply chain security reviewers typically expect to see documented and operating.
  • The physical security and access control sections support broader expectations found in supply chain security programs and internal control frameworks used by importers, carriers, and warehouse operators.
  • Personnel screening and training fields help demonstrate that security responsibilities are assigned, communicated, and retained in a way that supports audit readiness.
  • Cargo and transport checks can be adapted to match company procedures for seal control, trailer integrity, and shipment reconciliation, which are common expectations in customs security programs.
  • If your operation also falls under other standards or customer requirements, such as ISO 9001, ANSI/ASSP Z10, or site-specific security policies, this template can be expanded to capture those controls without changing the core structure.

General regulatory context for orientation only — verify current requirements with counsel or the relevant agency before relying on this template for compliance.

What's inside this template

Assessment Scope and Program Governance

This section defines what is being reviewed, who owns the program, and whether the assessment covers every relevant site and function.

  • Written C-TPAT security procedures are current, approved, and available to staff (critical · weight 4.0)

    Verify that documented security procedures exist, are controlled, and reflect current operations.

  • Security responsibilities are assigned to a named owner or team (weight 2.0)

    Confirm accountability for C-TPAT implementation, review, and corrective actions.

  • Last internal security review date (weight 2.0)

    Record the most recent self-assessment or internal review date.

  • Assessment scope includes all relevant sites and functions (critical · weight 2.0)

    Confirm the assessment covers facilities, yards, docks, offices, and outsourced processes within scope.

Facility Perimeter and Physical Security

This section checks whether the site boundary, doors, windows, lighting, cameras, and alarms actually protect cargo and access points.

  • Perimeter fencing, walls, or equivalent barriers are intact and free of unauthorized openings (critical · weight 5.0)

    Check for gaps, damage, climb points, or bypass routes around the facility perimeter.

  • Exterior doors, gates, and windows are secured with functioning locks or equivalent controls (critical · weight 5.0)

    Verify that access points close and lock properly and show no signs of tampering.

  • Lighting provides adequate visibility for entrances, docks, yards, and perimeter areas (weight 5.0)

    Assess whether lighting supports detection of unauthorized activity during normal operating and after-hours conditions.

  • Cameras cover critical access points and high-risk cargo areas (weight 5.0)

    Verify CCTV or equivalent monitoring coverage for entrances, exits, loading areas, and storage zones.

  • Security alarms or intrusion detection are functional where installed (weight 5.0)

    Confirm alarm systems are tested, monitored, and documented as operational.

Access Control and Visitor Management

This section matters because weak badge, visitor, contractor, or driver controls are a common path for unauthorized access.

  • Employee access is restricted to authorized areas based on job role (critical · weight 5.0)

    Verify role-based access controls are used for offices, production areas, warehouses, and secure storage locations.

  • Badges, keys, cards, or credentials are issued, tracked, and revoked when no longer needed (critical · weight 5.0)

    Check that access media are controlled and that lost, stolen, or terminated-user credentials are promptly disabled.

  • Visitor sign-in, identification, and escort procedures are followed (critical · weight 5.0)

    Confirm visitors present identification, are logged, and are escorted in restricted areas as required.

  • Contractors and drivers are controlled while on site (weight 5.0)

    Verify temporary personnel and drivers are identified, limited to authorized areas, and supervised where required.

  • Access logs are retained and reviewed for anomalies (weight 5.0)

    Check whether entry logs, badge records, or gate logs are maintained and periodically reviewed for irregular activity.

Personnel Screening and Training

This section verifies that the people with cargo or facility access are screened, trained, and removed from access when roles change.

  • Pre-employment screening is performed for applicable roles (critical · weight 6.0)

    Verify background screening or equivalent vetting is completed where permitted by law and company policy.

  • Security awareness training is completed for employees with cargo or facility access (weight 5.0)

    Confirm training covers recognizing suspicious activity, reporting concerns, and protecting access credentials.

  • Training records are current and retained (weight 4.0)

    Review whether completion records are available for relevant personnel and within required intervals.

  • Termination or transfer procedures revoke access promptly (critical · weight 5.0)

    Check whether badges, keys, system access, and site privileges are removed when employment status changes.

Cargo, Inventory, and Transport Security

This section focuses on the controls that protect shipments, seals, and inventory from tampering, loss, or unauthorized release.

  • Cargo is stored in secure areas with controlled access (critical · weight 5.0)

    Verify that high-value or sensitive cargo is protected from unauthorized access during storage and staging.

  • Inbound and outbound shipments are reconciled against documentation (weight 4.0)

    Check that counts, seals, and shipment documents are reviewed for discrepancies.

  • Trailer, container, or seal integrity checks are performed when applicable (critical · weight 6.0)

    Confirm that seals and transport equipment are inspected for signs of tampering before loading and after receipt.

Findings and Corrective Actions

This section turns observations into accountable remediation by documenting deficiencies, owners, and target completion dates.

  • List all deficiencies or non-conformances identified (weight 2.0)

    Capture each issue observed during the self-assessment, including location and affected control.

  • Corrective actions and target completion dates are assigned (weight 2.0)

    Record the action owner, due date, and remediation plan for each finding.

  • Inspector signature (weight 1.0)

    Signature of the person completing the self-assessment.

How to use this template

  1. 1. Confirm the site scope, reviewer name, review date, and applicable locations or functions before starting the assessment.
  2. 2. Walk the facility in the same order as the template sections and record what you observe, what documents you verify, and where each control is missing or weak.
  3. 3. Check access logs, training records, screening records, and cargo documentation against the actual people, shipments, and areas in scope.
  4. 4. Document each deficiency with a clear description, evidence, risk impact, owner, and target completion date, and attach photos or files where available.
  5. 5. Review the findings with site leadership, assign corrective actions, and close out each item only after the control is corrected and verified.
  6. 6. Save the completed assessment as part of your security record set so it can support internal audits, customer reviews, and C-TPAT validation preparation.

Best practices

  • Inspect the site during normal operations and, when possible, during a busy shift so you can see how access control and cargo handling work under real conditions.
  • Photograph every deficiency at the time of inspection so the evidence matches the condition you observed.
  • Verify that badge, key, and card revocation is tied to termination and transfer events, not just annual cleanup.
  • Check docks, yards, and secondary entrances separately because those areas often have weaker controls than the main lobby or front gate.
  • Review visitor and driver controls for off-hours and weekend operations, not only during staffed business hours.
  • Record the exact location of each issue, such as a specific gate, door, trailer row, or camera blind spot, so corrective action can be targeted.
  • Treat missing training records, expired access lists, and unsecured cargo areas as non-conformances even if the physical site looks orderly.
  • Close the loop on corrective actions by rechecking the fix and documenting verification, not just the planned remedy.

What this template typically catches

Issues teams running this template most often surface in practice:

Perimeter gates or side doors left unsecured during shift changes or break periods.
Visitor badges issued without identity verification, escort tracking, or timely return at exit.
Access cards or keys still active after termination, transfer, or contractor offboarding.
Camera coverage missing at dock doors, yard entrances, or trailer staging areas.
Training records out of date for employees who handle cargo, seals, or restricted access areas.
Inbound or outbound shipments not reconciled to paperwork before release or receipt.
Trailer or container seals not checked consistently, or seal numbers not recorded accurately.
Corrective actions assigned without an owner, due date, or follow-up verification.

Common use cases

Warehouse Security Manager
Use this template to run a monthly or quarterly walk-through of dock doors, yard access, badge controls, and cargo storage areas. It helps the manager document deficiencies before they become repeat audit findings.
Import Compliance Lead
Use this assessment to prepare for C-TPAT validation, customer security questionnaires, or internal governance reviews. It gives the compliance lead a structured way to collect evidence from operations, HR, and site security.
Third-Party Logistics Site Supervisor
Use this template to standardize security checks across multiple customer accounts and shared warehouse spaces. It is especially useful when contractors, drivers, and temporary staff move through the site every day.
Manufacturing Plant Security Coordinator
Use this self-assessment when raw materials, finished goods, or export shipments move through a plant with mixed employee and visitor traffic. It helps separate production controls from cargo security controls.

Frequently asked questions

What does this C-TPAT self-assessment template cover?

It covers the core security areas typically reviewed in a C-TPAT program: governance, perimeter and physical security, access control, visitor management, personnel screening and training, cargo security, and corrective actions. The structure is designed for a site walk-through plus document review, so you can capture both observable deficiencies and program gaps. It is meant to help you verify that controls are in place, working, and documented.

Who should complete this assessment?

A security manager, compliance lead, operations manager, or trained internal auditor usually runs it, with input from warehouse, transportation, HR, and site leadership. The best results come when the person completing it understands the facility layout and the actual flow of people, cargo, and vehicles. For multi-site programs, a central compliance owner can standardize the review while local site leaders provide evidence and corrective action ownership.

How often should this self-assessment be performed?

Most companies run it on a scheduled cadence such as quarterly, semiannually, or annually, then repeat it after major changes like a new site, a security incident, a warehouse expansion, or a change in business partners. The right frequency depends on your risk profile and internal program requirements. If you are preparing for a C-TPAT validation or internal audit, run it early enough to close findings before the review.

Does this template replace the official C-TPAT requirements?

No. It is a self-assessment tool that helps you organize evidence and identify gaps against the Minimum Security Criteria, but it does not replace the official program guidance or your company’s written procedures. Use it to verify implementation and to document corrective actions. You should still review the current C-TPAT guidance and align the checklist to your specific supply chain profile.

What are the most common mistakes people make when using this template?

A common mistake is treating it like a yes/no checklist without recording evidence, which makes it hard to prove what was actually observed. Another is limiting the review to the main warehouse while ignoring yards, docks, contractor access, and off-shift conditions. Teams also sometimes forget to assign a clear owner and due date for each deficiency, which leaves findings open too long.

Can I customize this for multiple sites or business units?

Yes. You can add site-specific sections for yards, cross-docks, bonded areas, high-value storage, or third-party logistics operations, and you can duplicate the template for each facility. Many teams also add role-based fields for site owner, reviewer, evidence links, and local corrective action approver. That makes it easier to compare results across locations while keeping the core criteria consistent.

How does this template support evidence collection and integrations?

The template works well with photo attachments, document links, and corrective action tracking so you can keep inspection evidence in one place. You can also connect it to ticketing or workflow tools for remediation, or to a document control system for procedures and training records. If your team uses spreadsheets or a GRC platform, this structure maps cleanly to those workflows.

How is this better than an ad-hoc security walk-through?

An ad-hoc walk-through often misses repeatable checks, leaves out document review, and produces inconsistent notes from one reviewer to the next. This template gives you a standard sequence, defined sections, and a place to record deficiencies, which makes trends easier to spot over time. It also helps you show that your internal review process is controlled and repeatable.

Related templates

Inspections

ADR Dangerous Goods Transport Document Check

Use this ADR Dangerous Goods Transport Document Check to verify shipment identification, transpor...
Inspections

ADR Driver Certificate and Training Verification

ADR Driver Certificate and Training Verification checks that the assigned driver’s ADR certificat...
Inspections

Annual Emergency Generator Load Bank Test

Annual emergency generator load bank test template for recording NFPA 110 readiness, load bank se...
Inspections

Spray Gun Cleaning Station Compliance Audit

Use this spray gun cleaning station compliance audit to verify the station stays closed during us...
Inspections

Duty Drawback Eligibility and Recordkeeping Review

Review import, export, destruction, and inventory records to determine whether shipments support ...
Forms

Employee Onboarding Form

Employee Onboarding Form for collecting new hire details, tax references, direct deposit, emergen...
Sop

Fire Evacuation Procedure

A fire evacuation procedure that tells each role exactly what to do from alarm to accountability....
Hr Policy

Anti-Harassment & Anti-Discrimination Policy

Anti-Harassment & Anti-Discrimination Policy template for defining prohibited conduct, reporting ...

Go deeper on the topic

Related concepts
  • Predictive Scheduling Law
    Predictive scheduling laws — also called fair workweek laws or secure scheduling — require employers in covered industries to publish employee schedules...
  • Overtime Calculation
    Overtime calculation is the process of applying federal, state, local, and contractual rules to hours worked to determine the correct pay — including...
  • Near-Miss Reporting
    A near-miss is an event that could have caused injury or damage but didn't — a slip that didn't fall, a load that shifted but didn't drop, a machine that...
  • Lockout/Tagout
    Lockout/tagout (LOTO) is the procedure for controlling hazardous energy — electrical, hydraulic, pneumatic, mechanical, thermal, chemical — before...
Related guides

Ready to use this template?

Get started with MangoApps and use C-TPAT Minimum Security Criteria Self-Assessment with your team — pricing built for small business.

Get Started Customize with AI
Ask AI Product Advisor

Hi! I'm the MangoApps Product Advisor. I can help you with:

  • Understanding our 40+ workplace apps
  • Finding the right solution for your needs
  • Answering questions about pricing and features
  • Pointing you to free tools you can try right now

What would you like to know?

AI-generated responses may not be 100% accurate