A report issued on May 14, 2020, by the U.S. Government Accountability Office (GAO) found that the Chemical Facility Anti-Terrorism Standards (CFATS) program CFATS has guidance designed to help the estimated 3,300 CFATS-covered facilities comply with cybersecurity and other standards. Still, the guidance has not been updated in more than ten years, in contrast with internal control standards, which recommend periodic review. CFATS officials stated that the program does not have a process to routinely review its cybersecurity guidance to ensure that it is up to date with current threats and technological advances. Without such a process, facilities could be more vulnerable to cyber-related threats. In the report, the GAO made six recommendations, including that DHS review and update guidance and improve training.