ICAO_Journal_Vol70

< PreviousAviation Security and FacilitationICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION.....................................................................................................................................................................113Security Statistics.............................................................................................................................................................................In 2015, there were 14 acts of unlawful interference during which 403 persons were killed and 6 were injured. This compares with 21 acts of unlawful interference carried out in 2014 during which 334 persons were killed and 44 injured. Of the 14 acts of unlawful interference which took place in 2015, there were 3 each in Asia/Pacific, the Middle East and North America, 2 each in Africa and South America and one in Europe. Chart 1 shows the number of actual and attempted acts of unlawful interference carried out between 2006 and 2015. These include seizures, facility and in-flight attacks, sabotage, and other acts of unlawful interference.Chart 1- Acts of unlawful interferenceChart 2 – Persons killed or injuredICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION...................................................................................................................................................................114.............................................................................................................................................................................The Universal Security Audit Programme (USAP)In February 2002, a high-level Ministerial Conference on Aviation Security convened by ICAO endorsed a global strategy for strengthening aviation security worldwide with an ICAO Aviation Security Plan of Action as its central element. The Plan included regular, mandatory, systematic and harmonized audits to enable the evaluation of aviation security in all Member States. The Plan was adopted by the ICAO Council in June 2002, with the first aviation security audit taking place in November 2002.The first cycle of USAP audits and follow-up visits Between 2002 and 2007, 181 Member States and one Special Administrative Region benefited from the ICAO security audits under the first cycle of the USAP (nine Member States could not be audited during the first cycle due to the United Nations security phase in effect). The objective of the Programme was to promote global aviation security through the auditing of Member States, on a regular basis, to determine the status of the implementation of ICAO Standards and Recommended Practices (SARPs). The USAP first-cycle audits were designed to determine the degree of compliance of a State in implementing Annex 17 Standards, and to measure the extent to which a State's implementation of its aviation security system is sustainable through the establishment of appropriate legislation, national policies and an appropriate aviation security authority provided with inspection and enforcement capabilities. A programme of follow-up visits with respect to the first cycle of audits was initiated in 2005 and completed in 2009. One hundred and seventy-two follow-up visits were conducted in order to validate the implementation of States’ Corrective Action Plans (CAPs) to address the recommendations resulting from the audits and to provide support to States in remedying identified deficiencies. Several States did not receive follow-up visits, either due to their security level, as assigned by the United Nations Department of Safety and Security (UNDSS), to the absence of a CAP, or to the lack of progress in the implementation of the CAP. The follow-up visits revealed significant improvement in the rectification of the deficiencies that were identified during the initial audits. However, a substantial amount of work remained in order to achieve full compliance with all Annex 17 Standards. To be highlighted, in particular, is the need for States to continue their efforts in establishing comprehensive security oversight systems to ensure the effective implementation of national aviation security requirements and the SARPs contained in Annex 17. The second cycle of USAP audits The results of the audit follow-up visits demonstrated that, overall, States had made improvements in meeting their Annex 17 Standards obligations. However, varying levels of improvement were identified from region to region, and, in many cases, from State to State within a region. States having difficulties in addressing deficiencies identified during their audit were offered the opportunity to request assistance from ICAO through the Implementation Support and Development Security (ISD-SEC) Programme in coordination with the Technical Cooperation Programme.Recognizing that the USAP had proven to be instrumental in identifying aviation security concerns and in providing recommendations for their resolution, the ICAO Council moved to ensure the continuation of the USAP following the initial cycle of audits, which ended in 2007. Aviation security audits under the ongoing ICAO USAP second cycle commenced in January 2008 and were completed in June 2013. The primary objectives of the second-cycle audits were to:a) determine the State’s capability for aviation security oversight by assessing whether the critical elements of an aviation security oversight system had been implemented effectively;b) determine the State’s degree of compliance with Annex 17 Standards and the security related provisions of Annex 9;c) assess the State’s adherence to security procedures, guidance material and security related practices associated with the relevant ICAO SARPs; andd) provide recommendations to the audited State on how to improve its aviation security system and security oversight capabilities.A total of 177 audits of ICAO Member States were conducted under the second cycle of USAP audits, as well as an audit of the Macao Special Administrative Region of China and an assessment of the European Commission aviation security inspection system. It should be noted that, as was the case in the first cycle of USAP audits, it was not possible to conduct a second-cycle audit of all ICAO Member States. Some States were not audited due to their security level, as assigned by the UNDSS. In other ICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION.....................................................................................................................................................................115cases, an analysis of first-cycle audit and follow-up mission results, and/or a review of CAPs and information supplied in Pre-Audit Questionnaires (PAQs) identified certain States that would benefit from referral to the ISD-SEC Programme for the provision of appropriate assistance prior to the conduct of a USAP audit.The move to a USAP-CMA In order to prepare for the completion of the second cycle of Universal Security Audit Programme (USAP) audits in 2013, in 2012, ICAO recommended that the Programme move towards a Continuous Monitoring Approach (CMA) specific to aviation security while incorporating risk-management elements. Following approval by the ICAO Council of the plan including a transition period, full implementation of the USAP-CMA began on 1 January 2015.Current statusIn 2015, a total of 26 States were audited under the USAP-CMA during which four Significant Security Concerns (SSeCs) were identified in one State. There are now ten unresolved SSeCs in four States posted on the USAP secure website.In the first half of 2016, ICAO carried out 14 USAP-CMA audits, bringing the total number of USAP-CMA audits conducted to 10 documentation-based and 30 on-site audits. Figure 1 shows the aggregated global audit results of the USAP second cycle and the USAP-CMA at 30 June 2016 measuring the Effective Implementation (EI) of States of the eight Critical Elements (CEs) of an aviation security oversight system.The chart above shows a global average EI of 71.75 per cent over all of the CEs. These results indicate that there is still significant room for improvement and that States’ quality control obligations remain the critical element that is the least effectively implemented. One ICAO Validation Mission took place in 2016, validating actions taken by one State to resolve its Significant Security Concern (SSeC). Over the course of 2016, three new SSeCs involving one State were posted on the USAP secure website, and one SSeC in another State was removed. As at 30 June 2016, there remained twelve unresolved SSeCs in five States.In conclusion, the ICAO USAP has successfully transitioned to the Continuous Monitoring Approach. The engagement of Member States in the USAP-CMA .............................................................................................................................................................................ICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION...................................................................................................................................................................116confirms States’ commitment to implement ICAO security-related Standards and strengthen aviation security. USAP audits continue to play a central role in the identification of deficiencies, providing useful information for the targeting of assistance activities and the development of aviation security policy, thus serving as a catalyst for Member States’ continued efforts to meet their international obligations in the field of aviation security.Nevertheless, the results of both the second-cycle audits and USAP-CMA audits indicate that a number of States continue to experience difficulties in meeting aviation security obligations. Ongoing monitoring of progress made by States in this regard will continue to be provided under the USAP-CMA..............................................................................................................................................................................Additional information on the ICAO Universal Security Audit Programme is available with the online subscription version of this publication.The Universal Security Audit Programme is based on the following nine principles:Sovereignty. Every State has complete and exclusive sovereignty over the airspace above its territory. Accordingly, ICAO fully respects a sovereign State’s responsibility and authority for oversight of aviation security, including its decision-making powers with respect to implementing corrective actions related to identified deficiencies.Universality. All Member States will be subject to continuous audit and monitoring activities by ICAO, in accordance with the principles, methodology, processes and procedures established for conducting such activities, and on the basis of the Memorandum of Understanding (MoU) signed by ICAO and each Member State.Transparency of methodology. The USAP-CMA activity procedures and processes will be made available to all Member States.Timeliness. Results of USAP-CMA activities will be produced and submitted on a timely basis in accordance with a predetermined schedule for the preparation and submission of these results.All-inclusiveness. The scope of the USAP-CMA includes Annex 17 Standards and security-related Standards of Annex 9. It is expected to expand the scope of the USAP-CMA at appropriate times to include other security-related provisions contained in other Annexes to the Chicago Convention, in order to ensure their effective implementation in Member States’ civil aviation systems.Consistency and objectivity. USAP-CMA activities will be conducted in a consistent and objective manner. Standardization and uniformity in the scope, depth and quality of USAP-CMA activities will be assured through training and certification of all auditors, the use of standardized Protocol Questions and the provision of relevant guidance material. Fairness. USAP-CMA activities will be conducted in a manner such that Member States are given the opportunity to monitor, comment on and respond to the USAP CMA processes within an established time frame.Quality. The quality of USAP-CMA activities will be ensured by assigning trained and certified auditors to conduct USAP-CMA activities in accordance with widely recognized auditing concepts, as well as by implementing an internal quality control system within ASA that continually monitors and evaluates feedback received from USAP-CMA stakeholders to ensure their ongoing satisfaction. Confidentiality. Sensitive security information collected as part of the USAP-CMA will be protected from unauthorized disclosure. Accordingly, USAP-CMA audit reports will be confidential and will only be made available to the audited State and ICAO staff on a need-to-know basis. However, in the interests of promoting global aviation security, a limited level of disclosure will apply whereby charts depicting the level of implementation of the Critical Elements of an aviation security oversight system by a Member State and an indication of compliance by a Member State with Annex 17 Standards, as well as information pertaining to the existence of unresolved Significant Security Concerns (SSeCs) in a Member State, will be made available to all Member States on the USAP secure website.ICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION.....................................................................................................................................................................117.............................................................................................................................................................................Securing the Air Cargo Supply Chain - ICAO Regulatory FrameworkThe ICAO regulatory framework for the air cargo secure supply chain has been developed incrementally over a period of time and is set out in a series of Standards and Recommended Practices (SARPs) in Annex 17 Security to the Chicago Convention, supported by guidance material in the Aviation Security Manual (Document 8973 – Restricted). This regulatory framework remains under constant review and is updated periodically to provide the best responses to evolving threats. This section is based on standards and guidance materials in force in July 2016.The framework provides for the following entities in the supply chain:Aircraft operatorsIn principle, as shown in Figure 1, an aircraft operator can bear the entire responsibility of applying security controls, including screening of 100 per cent of cargo and mail before loading on to an aircraft.However, while all passengers and their baggage are screened immediately before departure, this is generally not a practical proposition for all outgoing cargo.The alternative is a secure supply chain, where security controls are applied at the point of origin or at an intermediate point before the airport. This:!respects existing obligations of businesses operating in the air cargo supply chain;!shares costs and responsibilities among all stakeholders and allows cargo to be secured upstream in the supply chain to reduce the burden of security controls imposed on aircraft operators;!facilitates the flow of cargo transported by air and reduces or limits possible delays generated by the application of security controls;!applies appropriate security controls for specific categories of cargo that cannot be screened by the usual means due to their nature, packaging, size or volume; and!preserves the primary advantages of the air transport mode: speed, safety and security.ICAO and its Member States have developed Standards to support the implementation of a secure supply chain through the regulated agent and known consignor regimes. These entities are approved by the appropriate authority and may apply security controls, including screening, upstream in the air cargo supply chain. They ensure that the cargo and mail to be carried on commercial aircraft is protected from unauthorized interference from the point where screening or other security controls are applied until departure of the aircraft.The implementation of the secure supply chain reduces the burden on aircraft operators while facilitating the processing of secure cargo when it arrives at an airport.Regulated agentsA regulated agent is a freight forwarder or any other entity (e.g. ground handler) that conducts business with an aircraft operator and provides security controls that are accepted or required for cargo or mail by the appropriate authority. Once approved as a regulated agent, an entity may conduct security controls for cargo, including the screening of goods (Figure 2). An aircraft operator may receive cargo secured by a regulated agent, which accounts for the security status of consignments.Candidates for regulated agent status must meet specific requirements determined by the appropriate authority. Figure 1 – Security controls applied by aircraft operatorsICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION...................................................................................................................................................................118.............................................................................................................................................................................The regulated agent must develop and maintain a security programme that describes all the security measures implemented on the premises and during all operations to secure cargo and maintain its integrity until delivery to the next entity. Such measures should include, inter alia: access control to secure areas; monitoring of premises; protection and surveillance of cargo against unauthorized access; screening processes; delivery and reception processes; security training for all staff who may access the premises; and monitoring of subcontractors.However, a regulated agent can only maintain the security of a consignment or screen it, and there are some types of cargo that are time-consuming to screen thoroughly. In these instances the implementation of a known consignor regime offers the possibility of conducting effective security controls at the manufacturing/assembly/packing stage.Known consignorsAn entity may act as a known consignor when it originates cargo or mail for its own account and when its procedures meet common security rules and standards sufficient to allow the carriage of cargo or mail on commercial aircraft. Once a known consignor has accounted for the security status of cargo, the consignment may be delivered to a regulated agent, other approved entity, or directly to the aircraft operator, who then takes over the responsibility for keeping it secure until it is loaded on to an aircraft.In order to be designated as a known consignor, an entity such as a manufacturer or assembler should demonstrate compliance with the known consignor security programme under which business will be conducted, as recognized and approved by the appropriate authority or other entity authorized by the State to act on its behalf. Known consignors should apply for designation, approval or listing by the appropriate authority at regular intervals not exceeding five years. Their placement in the supply chain is shown in Figure 3 below.Figure 2 – Security controls applied by regulated agentsFigure 3 – Security controls applied by known consignorsICAO WORLD CIVIL AVIATION REPORTINTERNATIONAL CIVIL AVIATION ORGANIZATION.....................................................................................................................................................................119.............................................................................................................................................................................ScreeningFor aviation security purposes, screening is the application of technical or other means which are intended to identify and/or detect weapons, explosives or other dangerous devices, articles or substances which may be used to commit an act of unlawful interference. ICAO recognizes a range of screening options, including hand search, x-ray and explosives trace detection.The entity that secures the cargo must ensure that screening is carried out using an appropriate means or methods, taking into account the nature of the consignment, as not all means or methods will be suitable for all consignments. Also, some consignments may be categorized as ‘high risk’, for instance on the basis of intelligence information, and should in these circumstances be subject to additional screening or 1other security controls.Consignment Security Declaration (CSD)All along the supply chain, including at transfer points, it is crucial to share information about the security status of cargo and mail to ensure that anything that needs to be secured or re-secured is properly identified and screened.To assure this transmission of information, an entity that renders cargo secure should issue a Consignment Security Declaration that specifies the security status of the cargo and mail and displays other important security information. This is transmitted to each party involved later in the secure supply chain in order for them to apply the appropriate security measures to the consignment and protect it from unauthorized access.The electronic version of the CSD (or eCSD) complements the increasing automation of air cargo processes and allows operators to exchange and store security information electronically.When accepting a consignment, a regulated agent or an aircraft operator will automatically refer to the CSD in order to determine the way to handle, prepare, store and, if necessary, screen the cargo. The CSD should only be issued once the appropriate security controls, have been applied. If no security status is indicated, or no consignment security declaration is issued, it should be deemed that no security controls have been previously applied. The CSD should be completed at each step along the secure supply chain, to indicate that another authorized entity acting within the secure supply chain is taking responsibility for the security status of the cargo.Only entities accredited by a State as regulated agents, known consignors or aircraft operators are entitled to issue or complete such a declaration, and their unique identification number should be recorded, to indicate their responsibility and administrative accreditation. The CSD can be transferred either as a hard copy or in an electronic format.In the express business model, the relevant cargo security information is instead usually available in in-house information technology systems. Postal consignments also usually have different documentation.Additional information on moving air cargo is available with the online subscription version of this document.Currently, the possibilities of electronically analysing shipment related data to identify shipments which may represent a higher risk are under consideration. Any consignments so identified would be subject to additional scrutiny and possibly extra security requirements. Such preloading advance cargo information (PLACI) systems have the potential to provide an additional layer of screening in the future.1Next >