FAQs about Security Controls for Commercial Mailers

B.2.2. is a voluntary mail security initiative from the U.S. Postal Inspection Service, introduced in October 2003, which focuses on national and premier account mailers. The B.2.2 security initiative is designed to reduce the risk of an injurious article being sent through the U.S. Mail by a commercial mail source. The name comes from Appendix B.2.2 of the U.S. Postal Service (USPS) Emergency Preparedness Plan of March 2002, which describes the process of examining and strengthening mail security controls for the commercial mailstream.

Commercial mailers represent 85% of the nation's mail. By examining security controls at large-scale, commercial mailers, we will be better able to protect the American public, postal employees, and members of the mailing industry. The initiative also allows the U.S. Postal Inspection Service to concentrate more security resources on the relatively anonymous collection mailstream.

No. An independent security review of a mailer's production facility by the U.S. Postal Inspection Service will not affect mail acceptance. Under normal conditions, it is not feasible to segregate mail acceptance procedures and processing. Only in an emergency will alternative handling be employed, such as subjecting mail to an extra security procedure before it is entered into the mailstream.

No. Participation in this initiative is voluntary. While there may be delays affecting all mail as a result of extra security procedures, such as screening or testing, the Postal Service is committed to maintaining its delivery standards and universal service.

A Postal Inspector will schedule a visit to your plant after contacting a mailer's USPS account representative. The reviewing Inspector will complete a worksheet with standard questions about security controls in the areas of facility, personnel, cargo, operations, and mail design security. Each question will reveal areas where security can be improved, if needed.

The B.2.2 security control standards were selected for their applicability to the mail industry. Sources included: the Mail Security Task Force, which represents the USPS and mailing industry, the Postal Inspection Service, the American Society for Industrial Security, and the Bureau of Customs and Border Protection. In addition, mailers who volunteered to undergo reviews as part of our pilot program in FY 2003 provided feedback.

A mailer's building, hiring practices, internal operations, cargo and transportation procedures, and mailpiece design will be tested against several security control standards. Depending on the strength of the controls, mailers earn 0, 1, or 2 points for each question. The questions are weighted for their ability to prevent, detect, or support an investigation of a hazardous mailing. Composite, weighted scores will place the mailer into one of five categories: poor (0–19%), fair (20–39%), moderate (40–59%), strong (60–79%) or very strong (80–100%) controls. There is no "passing score." The Domestic Mail Manual will remain the guiding authority on matters of bulk mail acceptance.

Yes. After the review is complete, the Postal Inspector who performed the review will summarize observations and make recommendations, if necessary, in a letter report to the mailer. Follow-up visits are not required.

Management support, employee awareness, and the ability to clearly observe operations are some of the strongest controls needed for security, and all have little or no costs. Accurate recordkeeping is key to providing deterrence and investigative support. Electronic controls can provide a record of operations when human oversight is not possible.

No. Your B.2.2 security score is an independent assessment and should only be used to assess your own security. The results will be shared internally with USPS officials to help make mail acceptance decisions in emergency situations.

Mailer certifications will not be granted by the Postal Service or the Postal Inspection Service as a result of a B.2.2 security review. The review provides only a "snapshot" of security conditions, and some controls are evaluated based on mailer responses. While mailers may publicize the fact that they participate in the B.2.2 security initiative, it is not intended for marketing purposes. Participation means a mailer is a willing partner in making the mailstream safer and more secure. Mailers have demonstrated this by examining and strengthening their security controls and agreeing to independent reviews of their security practices.

We will contact a random sampling of mailers to provide all national and premier accounts with an equal chance of being selected for a B.2.2 security review. There are about 14,000 national and premier account mailers, but only about 200 mailers will be visited during the first year. The average mailer has a 1 in 70 chance of being visited in FY 2004.

We encourage mailers to obtain the B.2.2 security control questionnaire from the U.S. Postal Inspection Service's Internet site https://postalinspectors.uspis.gov/. Click on “Learn more about mail security” to evaluate your security practices and make improvements, if necessary. Some mailers may have in-house security or internal audit staff sufficiently trained to perform this task. If randomly selected for a B.2.2 security review, our visit will serve as an independent verification.

In the short term, Postal Inspectors want to assess the strength of the mail security controls in place for the commercial mailstream. We also want to provide USPS management with information that can support their decision-making in case of an emergency. In the long term, we want to be able to support changes, if needed, to improve security for bulk mail acceptance as published in the Domestic Mail Manual.