global security verification report -...

Registration Number : A11359-485263Company : Silver Star Garment LimitedDate of Verification : 20-Sep-2016 Auditor(s) Name : David Yang

Silver Star Garment Limited

Measured Performance - Improved SecurityGlobal Security Verification ReportParticipating Facilities : 16525

Low Risk Priority (86 –100)Meet Expectations

High Risk Priority(0 –75)Urgent Action Required

Medium Risk Priority(76 –85)Further Improvement Needed

Overall Rating

Send Us a secure message. Complete the GSV on-line Compliments and Complaints feedback formContact Us Go Now

http://www.importsecurity.com/OnlineForm/OnlineForm.aspx

Number of buildings 3Distribution: 0Production: 1Warehouse: 0Container yards: 0Other: 2

Export Logistics Facility responsible for the relationships with the following type of logistics :

Logistics/Transportation for shipments to US

FACILITY STRUCTURE

Consolidators: Never

Facility land size: 20000M. Sq.Total facility floor size: 20000M. Sq.Warehouse customs bonded:

NOFree trade zone: NO

Trucks owned By Company: NoPercent of goods exported to US By air: 0%By sea: 100%By rail: 0%By truck: 0%Description of "other" buildings: one dormitory building and one canteen building

Industry: ApparelKey / Main product: JeansCountry of operation: ChinaParticipation in security initiatives: NoDescription of security initiative: Nil

BUSINESS OVERVIEWPermanent: 1250Temporary: 0Overseas / Migrant: 0Total: 1250

Company name: Silver Star Garment LimitedContact name: Mr.Justin LinAddress 1: Guanlu Village,Address 2: Huahu Town, Huilai County,

City: JieyangState: Guangdong

COMPANY INFORMATIONPostal Code: 515200Country: ChinaPhone: 86-663-6628408Fax: 86-663-6514579Email: [email protected]: NilNUMBER OF EMPLOYEES

COMPANY PROFILE

Send Us a secure message. Complete the GSV on-line Compliments and Complaints feedback form 1Contact Us Go Now


Air : NeverSea : NeverRail : NeverLand Carriers: Never

Freight forwarders: AlwaysNVOCC: NeverOther 3rd party logistics providers: Never

Brief description of direct shipments to port process:

Yes, The containers go directly to the port.In-country transport services detail:

Yes, Freight forwarder: Guang Dong Shen Tong Limited and Hua Cheng Xiong Hui Transportation Company, both cooperated from 2008.

Brief Description of the Facility:

Silver Star Garment Limited is located at Guanlu Village, Huahu Town, Huilai County, Jieyang City, Guangdong Province, China. The total land area is about 20000 square meters. They started their operation at the existing location since 2008. The main products manufactured by the facility are jeans. In view of the facilities, one 3-storey building is used as production floor, warehouse, one 3-storey canteen building and one 4-storey dormitory building are used. The exported country is USA . Currently, there are 1250 employees including 250 males and 1000 females.Brief Description of Loading Process for Shipment:

All the sea carriers were delegated by clients and also the facility was not responsible for those client delegated carriers. Freight forwarders were selected by the facility. And the facility conducted full container loading.Brief Description of Sealing Process: The facility used bolt seal and provided certification to show that the seal was ISO/PAS17712 compliant.

The companies used vary routes: Yes, The companies used employ security guards: No, The companies used provide vehicle escort: No, The companies used Global Positioning Satellite (GPS):

No, The companies used truck convoys: No, Required transit time between audited facility to the port/the next supply chain:

Required transit time from facility to the port is 3 hours.CCTV details:

Yes, There are 32 CCTV cameras installed in the facility. The CCTV monitors are installed in office and security room by security guards. The record was kept for 7 days.Security guard force details: Yes, Facility has 13 security guards and manning the facility 24/7.

GENERAL OVERVIEW



Category Name Score Must Do Should Do Best Practice

Records & Documentation 98 1 0 0Personnel Security 85 5 1 9Physical Security 89 7 3 15Information Access Controls 82 5 0 7Shipment Information Controls 100 0 0 1Storage & Distribution 82 5 0 6Contractor Controls 68 1 1 4Export Logistics 67 5 0 3OVERALL 86 29 5 45

I. NUMBER OF NON-COMPLIANCES NOTED IN EACH CATEGORYThe C-TPAT Security Criteria and Security Guidelines indicate that there are must and should requirements. "Must" means that it is a requirement of the program participation. "Should" means that the procedure is considered to be an industry "best practice" however as the program matures, more "shoulds" will become "musts."

Send Us a secure message. Complete the GSV on-line Compliments and Complaints feedback form 3Contact Us Go NowHigh Risk Priority (0-75%) Low Risk Priority(86-100%)Medium Risk Priority(76-85%)


Security SectionsSection/Subsection Score

(0-100)

Records & Documentation 98

Personnel Security 85

Documented Personnel Security Policies/Procedures 100

Personnel Screening 100

Identification System 56

Education/Training/Awareness 100

Physical Security 89

Plant Security 87

Perimeter Security 100

Outside Lighting 100

Container Storage NA

Security Force 100

Access Controls 88

Visitor Controls 79

Entering/Exiting Deliveries 97

Employee/Visitor Parking 100

Production, Assembly, Packing Security 40

Information Access Controls 82

Shipment Information Controls 100

Storage & Distribution 82

Storage 33

Loading for Shipment 85

Contractor Controls 68

Export Logistics 67

OVERALL SCORE 86

II. FACILITY SCORE CARD



Criteria: Compliant/Non-CompliantThe facility does not have a risk assessment program to analyze and identify critical areas of its supply chain that is the most likely targets for infiltration. Non-CompliantThe facility does not use computer software risk-based assessment tool. Non-CompliantThe facility does not have written processes for the selection of their business partners to include a detailed risk assessment. Non-CompliantThe facility does not have a comprehensive risk assessment covering their own facility. Non-CompliantThe facility does not have a comprehensive risk assessment covering point of packing and stuffing. Non-CompliantThe facility does not have comprehensive risk assessment covering contractors. Non-CompliantThe facility does not have a comprehensive risk assessment covering export logistics and at each transportation link within the chain. Non-CompliantThe facility does not conduct a comprehensive risk assessment annually. Non-CompliantThe facility has not adopted the 5 Step Risk Assessment Process Guide in conducting security risk assessment of their supply chain(s). Non-Compliant

III. RISK ASSESSMENT



98% Section: Records & Documentation

Exceptions Noted: Global Freq. of Compliance %

The facility has no documented procedure and/or assessment reports to conduct periodic security checks to ensure that Contractor Controls procedures are being performed properly. 61 %No contractor control was covered.

85% Section: Personnel Security

SubSection: Documented Personnel Security Policies / ProceduresNo exceptions noted

SubSection: Personnel ScreeningNo exceptions noted

SubSection: Identification SystemInternational Supply Chain Security Requirements & CriteriaManagement or security personnel must adequately control the issuance and removal of employee, visitor, and vendor ID badgesAn employee identification system must be in place for positive identification and access control purposesEmployees should only be given access to those secure areas needed for the performance of their dutiesCompanies must have procedures in place to remove identification, facility and system access for terminated employees.


The security staffs is not informed of missing IDs. 61 %Security guard was not informed of such lost.

IDs are not required to access restricted areas 52 %During the facility tour, some employees in the packing, warehouse, loading area and office did not wear the special ID.

IDs do not specify access for loading/unloading/packing dock areas 50 %During the facility tour, some employees in the packing, warehouse, loading area and office did not wear the special ID.

IDs should specify access for loading/unloading/packing dock areas by color coding 40 % List of terminated employees is not given to security to deny access to facility. 73 %

No such name list was given to security guards. Guards do not check employees ID to monitor access to the restricted areas 37 %

No such monitor in the restricted area.

IV. OPPORTUNITIES FOR IMPROVEMENTSThe following sections includes all exceptions noted during the on-site audit. Each exception is color coded to indicate the severity as indicated in the C-TPAT criteria for foreign manufacturers.

Must Do Should Do Best Practices Informative



SubSection: Education / Training / AwarenessNo exceptions noted 89% Section: Physical Security

SubSection: Plant SecurityInternational Supply Chain Security Requirements & CriteriaAlarm systems and video surveillance cameras should be utilized to monitor premises and prevent unauthorized access to cargo handling/storage areas


The facility does not have Access Control Program that includes an inventory process to account for all keys/access cards. 62 %No such inventory was conducted.

The facility does not have an intrusion detection or an alarm system 36 %No such system was installed in the finished-good warehouse.

SubSection: Perimeter SecurityNo exceptions noted

SubSection: Outside LightingNo exceptions noted

SubSection: Security ForceNo exceptions noted

SubSection: Access ControlsInternational Supply Chain Security Requirements & CriteriaAccess controls must include the positive identification of all employees, visitors, and vendors at all entry points / Procedures must be in place to identify, challenge, and address unauthorized/unidentified personsAlarm systems and video surveillance cameras should be utilized to monitor premises and prevent unauthorized access to cargo handling and storage areas.


Recordings (e.g., tapes or electronic files) are not kept for a minimum of 30 days or according to client specific requirement, whichever is longer. 47 %The record only kept for 7 days.

Employees are not observed by and/or subject to security inspection when entering the building 57 %No such inspection was conducted.

SubSection: Visitor ControlsInternational Supply Chain Security Requirements & CriteriaAccess controls must include the positive identification of all employees, visitors, and vendors at all entry pointsVisitors must present photo identification for documentation purposes upon arrival.




Photo identification is not required of all visitors. 59 %During the onsite tour, no photo identification for some visitors was required.

A visitor's log which records entries and exits is not maintained 79 %No escort name logged in the records.

SubSection: Entering / Exiting DeliveriesInternational Supply Chain Security Requirements & CriteriaWritten procedures must stipulate how seals are controlled and affixed to loaded containers, including recognizing and reporting compromised seals and/or containers to local Customs authorities


There is no documented procedure to verify seal number against facility documentation when the container/trailer is turned over to the next supply chain link (including trucks and closed vans). 67 %No such verification when turned over to the next supply chain link.

SubSection: Employee / Visitor ParkingNo exceptions noted

SubSection: Production, Assembly, Packing SecurityInternational Supply Chain Security Requirements & CriteriaMeasures must be in place to ensure the integrity and security of processes relevant to the transportation, handling, and storage of cargo in the supply chainEmployees should only be given access to those secure areas needed for the performance of their duties / Procedures must be in place to identify, challenge, and address unauthorized/unidentified persons


There are no security measures in place to prevent the introduction of foreign material(s) into the assembly area 77 %No such control was noted on site.

There are no security measures in place to prevent the introduction of foreign material(s) into the packing area 77 %No such control was noted on site.

Employee access is not limited to the relevant areas of responsibility 77 %No such access limitation.

82% Section: Information Access Controls

International Supply Chain Security Requirements & CriteriaProcedures must be in place to ensure that all information used in clearing merchandise/cargo is legible, complete, accurate, and protected against the exchange, loss or introduction of erroneous information. Documentation control must include safeguarding computer access and information


The facility does not have documented procedures for identifying which employees are allowed access to electronic information systems. 84 %Send Us a secure message. Complete the GSV on-line Compliments and Complaints feedback form 8Contact Us Go NowHigh Risk Priority (0-75%) Low Risk Priority(86-100%)Medium Risk Priority(76-85%)


No relevant written procedure addressing these access rights. The facility does not have documented procedures for identifying which employees are allowed access to shipping forms 78 %

No relevant written procedure addressing these access rights. The facility does not have documented procedures for identifying which employees are allowed access to shipping data 78 %

No relevant written procedure addressing these access rights. The facility does not have documented procedures for identifying which employees are allowed access to shipping/cargo movement data 78 %

No relevant written procedure addressing these access rights. There is no system in place to suspend a login user ID after three failed access attempts 41 %

There was no such setting in the computer. 100% Section: Shipment Information Controls

No exceptions noted 82% Section: Storage & Distribution

SubSection: Storage


The facility does not have fencing or other barrier materials to enclose cargo handling and storage areas to prevent unauthorized access. 51 %No barrier material was used to enclose cargo handling or storage area.

SubSection: Loading for ShipmentInternational Supply Chain Security Requirements & CriteriaProcedures must be in place for reporting and neutralizing unauthorized entry into containers or container storage areas / Employees should only be given access to those secure areas needed for the performance of their duties / Procedures must be in place to identify, challenge, and address unauthorized/unidentified personsContainer integrity must be maintained to protect against the introduction of unauthorized material/person(s) / Procedures must be in place to identify, challenge, and address unauthorized/unidentified personsProcedures must be in place for reporting and neutralizing unauthorized entry into containers or container storage areas


The loading dock access is not restricted to authorized personnel only 63 %The loading area was not restricted to authorized personnel only.

There are no security controls in place to prevent the introduction of foreign materials at point of loading 71 %No such control was noted on site.

Cargo handling and storage areas are not secured with perimeter walls, fencing or other barrier materials to prevent unauthorized access. 50 %No such measure was provided.



The loading and departure of containers/trailers is not captured on CCTV and/or does not provide adequate views of loading activities and inside container and/or the recording is kept for 30 to 45 days (applicable to trucks and closed vans). 44 %The CCTV record only kept for 7 days.

68% Section: Contractor Controls

International Supply Chain Security Requirements & CriteriaForeign manufacturers must ensure that business partners develop security processes and procedures consistent with the C-TPAT security criteria to enhance the integrity of the shipment at point of origin, assembly or manufacturing. Periodic reviews of business partners’processes and facilities should be conducted based on risk, and should maintain the security standards required by the foreign manufacturer.


Contractors are not retained through legally binding contracts 89 %Contracts for some contractors were not provided for review.

The facility does not require its contractors to conduct self-assessment of their security policies and procedures and to share the results of those assessments with the facility 31 %The self-assessment was not required for some contractors.

67% Section: Export Logistics

International Supply Chain Security Requirements & CriteriaForeign manufacturers must have written and verifiable processes for the selection of business partners including, carriers, other manufacturers, product suppliers and vendors (parts and raw material suppliers, etc).For those business partners eligible for C-TPAT certification (carriers, importers, ports, terminals, brokers, consolidators, etc.) the foreign manufacturer must have documentation (e.g., C-TPAT certificate, SVI number, etc.) indicating whether these business partners are or are not C-TPAT certified.


When selecting carriers, the facility does not consider the carriers' financial stability 57 %No such records for one carrier.

When selecting carriers, the facility does not consider the carriers' corporate history 68 %No such records for one carrier.

The facility does not require eligible and/or ineligible carriers to demonstrate security compliance standards. 28 %No such record was provided for review.

The facility does not have written or electronic confirmation of its partners' compliance with C-TPAT or C-TPAT-equivalent security criteria (e.g., contract language, a letter of commitment signed at the management level or above, signed acknowledgement of receiving the facility's C-TPAT participation announcement). 0 %No C-TPAT or eligible record was provided for review.

Facility does not conduct periodic unannounced security check to ensure that transport company is in compliance with the contract. 28 %No such record was provided for review.



NS Section: Transparency In Supply Chain Not Scored


There is no documented system in place to ensure that management is informed of and investigates all anomalies found in shipments including human trafficking. 46 %No such procedure or record.

There is no documented cargo verification procedure in place to prevent unmanifested cargo and/or illegal aliens from being loaded. 60 %No such procedure or record.

The facility does not conduct on-site inspections of the contractors' implementation of the their security standards/procedures that includes compliance with human trafficking and slavery policies. 19 %No such procedure or record.

The facility does not require its contractors to conduct self-assessment of their security policies and procedures including status of their compliance with human trafficking and slavery policies and share the results of those assessments with the facility. 15 %No such procedure or record.

The facility does not have written or electronic confirmation of its partners' compliance with Business Transparency on Human Trafficking and Slavery Act (e.g., contract language, a letter of commitment signed at the management level or above, signed acknowledgement of receiving the facility's participation announcement).18 %

No such procedure or record. The facility does not have written security standards and documented procedures for selection of its contractors (contracts, manuals, etc.) and handling contractors failing to meet company standards regarding security and slavery and trafficking. 23 %

No such procedure or record. There is no written security awareness program covering awareness of current terrorist threat(s), human trafficking, smuggling trends, and seizures in place to ensure employees understand the threat posed by terrorist at each point of the supply chain. 24 %

No such procedure or record. NS Section: Risk Assessment Not Scored


The facility does not have a risk assessment program to analyze and identify critical areas of its supply chain that is the most likely targets for infiltration. 12 %No such program in facility

The facility does not use computer software risk-based assessment tool. 6 % The facility does not have written processes for the selection of their business partners to include a detailed risk assessment. 10 % The facility does not conduct a comprehensive risk assessment annually. 11 % The facility has not adopted the 5 Step Risk Assessment Process Guide in conducting security risk assessment of their supply chain(s). 6 % The facility does not have a comprehensive risk assessment covering their own facility. 15 %

No



The facility does not have a comprehensive risk assessment covering point of packing and stuffing. 13 %No

The facility does not have comprehensive risk assessment covering contractors. 11 %No

The facility does not have a comprehensive risk assessment covering export logistics and at each transportation link within the chain. 11 %No



Existing Best Practices:

Section: Personnel Security Criminal record checks are conducted Drug screening checks are conducted Other type of checks such as criminal record checks are conducted on all employees Periodic drug screening checks are conducted. Personnel are encouraged to report irregularities through Suggestion Box Personnel are encouraged to report irregularities through Phone Number/Hotline The facility provides training in local language or language understood by employees of different origin. The facility performs emergency response mock drills.Section: Physical Security The lighting system has an emergency power source/generator Access to the lighting switches is restricted to only authorized personnel. Lights are illuminated automatically. Gates are monitored during operating hours by guards at the gate Gates are monitored during operating hours by CCTV Gates are monitored by guards during non-operating hours Gates are monitored by cameras during non-operating hours For conveyance entries/exits, logs are maintained with name of the guard Parking lots for visitors and employees are separated Visitor and employee personal vehicle parking lots are monitored by security guards during facility operating hours. The company requires the use of visual identification for employee parking The facility has digital cameras as part of surveillance. The facility has motion activated cameras as part of surveillance. Advance notice is required for a pick-up or delivery transport company. The gate security or a designated facility manager performs truck outbound inspection and the results are recorded in an Outbound Vehicle Log. The facility have an automatic intrusion detection or alarm system installed in those areas of the perimeter of the facility that are inaccessible to security patrols. The intrusion alarm system is equipped with audible alarm that provides alert to gate security or central security command center. Guards receive specific training in General Security. Guards receive specific training in Site-Specific. Guards receive specific training in C-TPAT.

V. BEST PRACTICES AND RECOMMENDED BEST PRACTICESCBP describes Best practices as innovative security measures that exceed the C-TPAT minimum security criteria and industry standards.The following are a list of best practices this supplier has implemented.



All visitors given are safety and security pamphlet and/or visitors ID which lists general company safety and security rules that need to be followed while on the premises. Corrective actions are taken when missing visitor badges are identified. A log is maintained with Driver's license number.Section: Information Access Controls Facility implemented into its network system anintrusion warning system and/or virus protection The facility provides different level of access rights to employees according to their roles. Employees are required to sign a Non-Disclosure Agreement (NDA) to secure and protect Company's information.Section: Shipment Information Controls Information requirements for shipments are automated The facility have electronic access control system to secure sensitive trade documents.Section: Storage & Distribution The facility keeps records of seal numbers together with the name of person using the seal and date of use of seal. Container/trailer loading process is monitored by security or a supervisor. Empty containers are inspected by the gate guards upon entry to the facility. The facility obtains copy of Container Interchange report and review it to ensure that it has been inspected by the forwarder prior to delivery to the facility. Loaded containers/trailers' final inspection is conducted. The facility receives approval from the importer/buyer before cargo can be loaded into a container. The container/trailer loading process monitored by more than one personnel including security and supervisor. The seal verification and inspection process includes the following VVTT procedure: Verify seal number. Multiple seals or security devices are used on each container/trailer.Section: Contractor Controls The facility require assigning an ID badge to a contractor’s employee that enters the premises. The facility terminates service with non-compliant contractors. The facility communicates its security policies to its contractors. The facility communicates the company's security policies through: publication. The facility communicates the company's security policies through: electronic advertisement.Section: Export Logistics The facility has a procedure for in-country carriers to report security violations to facility’s management Cargo trucks are monitored and checked every hour. There is a written procedure in place to identify/inquire if trucks are late for their scheduled appointment. The facility utilizes a progress control system to monitor the status of up its cargo delivery (including contracted in-country transport).Recommended Best Practices:

Section: Personnel Security IDs should specify access for loading/unloading/packing dock areas by Numeric coding IDs should specify access for loading/unloading/packing dock areas by Map coding IDs should specify access for loading/unloading/packing dock areas by electronic coding



The facility should have a process in place to publicize the security procedures throughout the facility (i.e. posters, bulletin boards, etc) The facility should provide online training portal. The facility should provide Certificate of Completion and/or similar recognition to all employees who attended the training. A security awareness assessment should be given annually to a random sample of employees to gauge their understanding of the company's general security policy. Photos of authorized employees to access the restricted areas should be posted in the work area to detect any unauthorized entry/access. Personnel should be encouraged to report irregularities through Email HotlineSection: Physical Security The facility should have a back-up power source for the alarm system The alarm system or intrusion detection system should be tested regularly. Violations to the alarm system should be reported Gates should be monitored during operating hours by patrolling guards Gates should be monitored during operating hours by motion detectors Gates should be monitored during non-operating hours by patrolling guards Gates should be monitored during non-operating hours by motion detectors Vendors should be required advance information before visiting the facility premises The facility should maintain an up-to-date list of names and addresses of all contractor (e.g., canteen staff), vendor, repair personnel. Visitors should be subject to metal detector and/or scanner screening. Visitors should be subject to X-ray of their personal belongings. Vehicles should be prohibited/prevented from parking near perimeter fencing. The facility should require the use of visual identification for visitor parking. The emergency contact numbers should be posted in the security posts and command center. Pilfer or tamper proof packaging and tapes should be utilized to secure the goods.Section: Information Access Controls The facility should conduct review of access rights to safeguard electronic business data. Access to the data should be protected from being copied, altered, tampered or deleted. Each office workstation should contain a photo of the employee who is assigned to that work area to detect any unauthorized computer terminal usage. The facility should limit use of VPN to access company's network directory. Security warning message should be displayed when guest are given access to company's internet access. USB ports and external drives should be disabled/sealed to prohibit copying of company information. Visitors should be required to declare all electronic equipment entered in the facility.Section: Shipment Information Controls Facility should conduct review of shipment information and documentation controls to verify accuracy and security at least every six monthsSection: Storage & Distribution Facility should have a procedure that seals are affixed to the right door of the container/trailer on the hasp that has the welded rivet.



Facility should have a procedure that after the seal is affixed to the container, there is an authorized employee who should make sure that the seal is secure by pulling down on it. The seal verification and inspection process includes the following VVTT procedure: View seal and container locking hardware. The seal verification and inspection process should include the following VVTT procedure: Tug on seal to make sure it's on right. The seal verification and inspection process should include the following VVTT procedure: Twist and turn seal to make sure it doesn't unscrew. There are signs posted at each of the loading doors with pictures and examples of the correct seal verification and inspection process.Section: Contractor Controls The facility should implement a corrective action process for non-compliance found during on-site inspections of the contractors. The facility should require its contractors to participate in security awareness training. The facility should provide periodic security awareness training to all of the contractors. The facility should communicate the company's security policies through internet websites (homepage contains information and/or link of C-TPAT and other security standards).Section: Export Logistics The carrier should have intermediate staging/rest period/layover of cargo conveyances prior to reaching the consolidation center/port/border The facility’s written agreement with their transport company should indicate preferred transit route(s) used by the driver, the allowable transit time limit, designated rest/meal stop locations and a process for a driver to report a container or trailer security issue. The facility should conduct a security review of their transport company to ensure compliance with the contract.



Last Assessment (Not Applicable) First Assessment (30-Mar-2010)Current Assessment (20-Sep-2016)

Advancers DeclinerConstant

Why Performance Trend Analysis Matter?Investors in the international supply chain look closely at trends to make a judgment about the current and future direction of a businesspartners performance. It is often easier to determine how best to support the development and implementation of measures for enhancing business performance, by looking at a chart of performance trends over a period of time, in relation to the performance traits of similar such enterprises operating within like industries. Mutual understanding of cause and effect is an important first step toward achieving a shared objective of continuously enhancing performance and building stronger business partner relationships.

Section Name Current Last First Change(Current-Last) Change(Current-First)Records & Documentation 98 Not Applicable 68 Not Applicable 44 %Personnel Security 85 Not Applicable 89 Not Applicable -4 %Physical Security 89 Not Applicable 87 Not Applicable 2 %Information Access Controls 82 Not Applicable 72 Not Applicable 13 %Shipment Information Controls 100 Not Applicable 100 Not Applicable 0 %Storage & Distribution 82 Not Applicable 72 Not Applicable 13 %Contractor Controls 68 Not Applicable 62 Not Applicable 9 %Export Logistics 67 Not Applicable 70 Not Applicable -4 %Overall Score 86 Not Applicable 81 Not Applicable 6 %

VI. PERFORMANCE TREND ANALYSIS



Criteria Facility Challenges: Facility performance ranks in the bottom percentile of the population Global Freq. of Compliance%Must Do Contractors are not retained through legally binding contracts 89%Must Do The facility does not have documented procedures for identifying which employees are allowed access to electronic information systems. 84%

Must Do A visitor's log which records entries and exits is not maintained 79%Must Do There are no security measures in place to prevent the introduction of foreign material(s) into the packing area 77%

Must Do There are no security measures in place to prevent the introduction of foreign material(s) into the assembly area 77%

Must Do List of terminated employees is not given to security to deny access to facility. 73%Must Do There are no security controls in place to prevent the introduction of foreign materials at point of loading 71%Must Do When selecting carriers, the facility does not consider the carriers' corporate history 68%Must Do The loading dock access is not restricted to authorized personnel only 63%Must Do The facility does not have Access Control Program that includes an inventory process to account for all keys/access cards. 62%

Criteria Facility Strengths: Facility performance ranks in the top percentile of the population and/or has implemented a best practice process

Global Freq. of Compliance%Must Do There is a system in place to review periodically and maintain daily security logs for invalid password attempts and file access 34%

Must Do Reference checks are conducted 41%Should Do Guards or security personnel with no other assignments monitor CCTVs. 44%Must Do Security guidelines for hiring are evaluated periodically to ensure their effectiveness 47%Should Do Employment history checks are conducted 49%Must Do The facility does not have adjoining/overhanging structures or foliage which would potentially facilitate illicit entry over the fenced areas into the facility 49%

Should Do Periodic and follow-up background checks are conducted on employees based on circumstances and/or sensitivity/scope of employee responsibility. 50%

Must Do Each month facility management reviews and approves a list of employees with special access to controlled or sensitive areas 55%

Should Do The facility has a process in place requiring all personnel to participate in the security awareness program 56%Must Do The facility has documented security improvement action plan summarizing identified vulnerabilities and their relevant corrective actions 56%

VII. KEY STRENGTHS AND CHALLENGES



VIII. COMPARISON BENCHMARK



1.Facility Photo

2.Facility Entrance

3.Perimeter Fencing

FACILITY PHOTOS FOR SILVER STAR GARMENT LIMITED



4.Facility Building

5.Employee Parking

6.Visitor Parking



7.Outside Lighting

8.Security Room- Communication Equipment

9.CCTV system and monitor



10.Packing Area

11.Finished Goods Warehouse

12.Loading Area



13.Facility Name

14.Employee ID Badge

15.Container Manifest and Inspection Record



16.Visitor's ID Badge

17.Shipping Logs

18.Shipping Documents



19.Non-Compliance Issues



DISCLAIMER

This report is for the exclusive use of the client of Intertek named in this report (“Client”)and is provided pursuant to an agreement for sevices between Intertek and Client (“Client Agreement”).No other person may rely on the terms of this report. This report provides a summary of the findings and other applicable information found/gathered during the audit conducted at the specified facilities on the specified date only. Therefore, this report does not cover, and Intertek accepts no responsibility for, other locations that may be used in the supply chain of the relevant product or service. Further, as the audit process used by Intertek is a sampling exercise only,Intertek accepts no responsibility for any non-compliant issues that may be revealed relating to the operations of the identified facility at any other date.Intertek's responsibility and liability are also limited in accordance to the terms and conditions of the Client Agreement.Intertek assumes no liability to any party, for any loss, expense or damage occasioned by the use of this information other than to the Client and in accordance with the Client Agreement and these disclaimers. In case there is any conflict between the disclaimers stated herein and the applicable terms and conditions of Intertek incorporated into the Client Agreement, then these disclaimers shall prevail.

