|
SEC 1.6.1 The Operator shall have a system for the management and control of documentation and/or data used directly in the conduct or support of operations under the Security Program, to include:
-
A means of identifying the version of operational security documents;
-
A controlled distribution process that ensures the availability of current security documents in areas of the operation where security measures are implemented;
-
Procedures for the identification, dissemination and disposal of security sensitive information;
-
Review and revision as necessary to maintain the currency of information contained in documents;
-
A method for issuing temporary or emergency revisions;
-
Retention of documents that permits reference and accessibility;
-
Identification and control of obsolete and/or reproduced documents;
-
Retention and dissemination of documentation received from external sources . (GM) <
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
Refer to Guidance associated with ORG 2.1.1 located in ISM Section 1.
|
|
SEC 1.6.2 If the Operator utilizes an electronic system for the management and control of any documentation used directly in the conduct of operations under the Security Program, the Operator shall ensure the system provides for a scheduled generation of back-up files for such documents. (GM) <
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
Refer to Guidance associated with ORG 2.1.2 located in ISM Section 1.
|
|
SEC 1.6.3 The Operator shall have processes to ensure documentation used in the implementation of the Security Program: -
Is readily identifiable and accessible to applicable operational personnel;
-
Contains legible and accurate information;
-
Is presented in a format appropriate for use by operational personnel.
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
|
SEC 1.6.4 If the Operator has external service providers conduct outsourced operational security functions, the Operator shall have a process to ensure such external service providers receive information regarding security directives and instructions in a timely manner that meets requirements of the Security Program.
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
|
SEC 1.7.1 The Operator shall have a Security Manual or equivalent document that provides guidance for the implementation of the Security Program(s) to ensure applicable personnel have the direction necessary to implement security measures . (GM)
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
An operator may have more than one security manual (e.g. where flights are conducted into a particular state that mandates a unique security program that is applicable only to operations in that state). All documents comprising an operator’s security manual (or equivalent document) are considered controlled documents..
The content of the security manual (or equivalent document) typically addresses the following subject areas, as applicable to the operator’s type(s) of operations conducted and specific security requirements:
-
Definitions of technical terms associated with the Security Program;
-
Authority and applicability of the Security Program;
-
Recruitment and training of operational security personnel;
-
Security threat assessment;
-
Movement of aircraft and evacuation of passengers following bomb alerts;
-
Security crisis management plans at airports served;
-
Scrutiny of electronic items in the aircraft cabin and in checked baggage (based on threat level);
-
Segregation of departing passengers in airport facilities;
-
Public awareness of security;
-
Detection equipment and technology;
-
Passenger risk assessment and enhanced screening;
-
Security of checked baggage;
-
Screening of checked baggage;
-
Security of cargo, express parcels and mail;
-
One-stop security;
-
Measures for addressing unruly passengers.
|
|
SEC 1.8.1 The Operator shall have a system for the management and control of operational security records to ensure the content and retention of such records is in accordance with requirements of the aviation security authority of the State. (GM) <
|
Documented and Implemented (Conformity)
Documented not Implemented (Finding)
Implemented not Documented (Finding)
Not Documented not Implemented (Finding)
N/A
|
Auditor Comments:
|
|