National activities
- Security Surveys

Pre-opening airport survey

Duration: 3 days
Number of experts: 1
Language : EN, FR

What does it involve?
An expert review of proposed security measures at a new airport facility, ideally well ahead of construction and based on architectural drawings, or alternatively at the construction site. The purpose of the review is to ensure the proposed security measures (passenger and baggage screening, landside security, cargo screening, access control, etc.) meet the required standard in terms of compliance. Additionally, the intention is to assist in incorporating best practice techniques (efficiency and effectiveness), either in the phase of design or in the phase of preparation for operations. Retrofitting effective security, in particular if there has been a time lag of multiple years between the design and construction of an airport facility, has been proven to be up to six times more expensive than if built-in at the design stage and updated as necessary and in line with current best practice. Guidance will therefore aim to incorporate an element of “future-proofing” subject to the constraints of the uncertainties of future requirements. 

Who should participate?
The review will be conducted for the benefit of the Civil Aviation Authority in the Partner State (PS), but should also include management from the lead construction firm or consortium, the lead architects, airport management and representatives from the Airport Operations Committee, as appropriate (depending in particular on the period when the review is conducted). 

What is expected of the Partner State?

  • The PS should ensure the visiting expert has access to the architectural drawings of the proposed facility, as well as the construction site (if work on the site has commenced).;
  • The PS should also help facilitate access to those aspects listed above;
  • Provision of required meeting rooms and where necessary, transport between locations.

How will it work?
The expert will spend 3 working days reviewing the blueprints, examining the construction site and interviewing relevant personnel from the organisations mentioned above. Thereafter the expert will provide the PS with a written report, no later than 10 working days after the visit.

What will be delivered?
The expert’s report will cover the outcome of the security review and will include any recommendations for changes or additions. This will include those relating to the need to achieve the international minimum standards of security and those incorporating best practice in delivering effective, efficient and sustainable security measures. 

What happens afterwards?
The PS may require further assistance, for example in implementing one or more of the recommendations set out in the expert’s report. Depending on the need and on the availability of assistance, the CASE II Project Team can consider adding such assistance to the Country Programme of Action pertaining to the PS. When airport operations actually commence, the CASE II Project may also offer an assessment of some of the related security operations (use of deployed screening technology, land-side security, perimeter surveillance, etc.).

Survey of airport post implementation

Duration: 3 days
Number of experts: 1
Language: EN, FR

What does it involve?
An expert review of proposed security measures at a new airport facility, following an Operational Readiness and Airport Transfer (ORAT) or a change at an airport in relation to major facilities (passenger/cargo processing, MRO facilities, utilities etc.). The purpose of the review is to ensure the new security measures (passenger and baggage screening, landside security, cargo screening, access control, etc.) meet not just the required compliance standards but incorporate best practice in terms of efficiency and effectiveness. The review also seeks to provide an outside perspective such that potential areas for improvement can be identified. Areas for improvement may include: the interface with existing legacy facilities; integration of new equipment and other operational areas; integration of new technology; and overall physical organisation. At this stage, the goal will not be to make major changes to the newly developed facilities but to share relevant experience in their deployment and ORAT programmes. The aim is also to promote the development of a long-term improvement roadmap and to share best use of new technology. Consequently, this promotes the most efficient use of the new facility while supporting the Partner State (PS) to ensure best-in-class security. 

Who should participate?
The review will be conducted for the benefit of the Civil Aviation Authority in the PS, and may include management representation from the airport operator and representatives from the Airport Operations Committee as appropriate (this will depend in particular on the period when the review is conducted).

What is expected of the Partner State?

  • The PS should ensure the visiting expert has access to relevant architectural drawings of the new facility and that high-level descriptions of security facilities pertinent to the survey are provisioned;
  • The visiting expert should be assured access to airport operator and security management representatives;
  • Provision of required meeting rooms and where necessary, transport between locations. 

How will it work?
The expert(s) will spend 3 working days on site reviewing documentation, examining the airport site conditions and interviewing relevant personnel from the organisations mentioned above. Thereafter the expert will provide the PS with a written report, no later than 10 working days after the visit. 

What will be delivered?
The expert’s report will cover the outcome of the review of security and will include any recommendations for changes or additions. Recommendations will include action required in order to secure the international minimum standard of security and guidance on how to incorporate best practice in delivering effective, efficient and sustainable security measures. Furthermore, the report will identify areas of potential improvement and where relevant, will include shared experience relating to the opening of major facilities. 

What happens afterwards?
The PS may require further assistance, for example in implementing one or more of the recommendations reflected in the expert’s report. Depending on the need and on the availability of assistance, the CASE II Project Team can consider adding such assistance to the Country Programme of Action of the PS. At the point at which new airport operations are fully integrated the CASE II Project may also offer an assessment of some of the related security operations (use of the deployed screening technology, landside security measures, perimeter surveillance, etc.).

Peer review of airport security (APEX/ACI)

Duration: 3 days
Number of experts: 1
Language : EN, FR

What does it involve?
A team of experts including representatives from the aviation industry or professional organisations such as ACI will conduct an airport review to identify security gaps and contribute to the development of an action plan to maximise operational efficiency while enhancing the standard of security. The security review may include the following areas:

  • Organisation: organisational set-up; compliance; documentation; risk management;
  • Facilities: perimeter protection; terminal design; access control; screening facilities and equipment;
  • People: recruitment and selection; background checks and vetting; training; sub-contractor management;
  • Procedures: passenger and cabin baggage screening; hold baggage screening; staff screening; guarding and patrolling; incident and crisis management;
  • Quality management: security culture; internal auditing; reporting and monitoring; continuous improvement.

Reviews are tailored to meet the needs of the host airport in accordance with their risk environment and operational circumstances.

Who should participate?
Participation will consist of representatives of the host airport operator and the Civil Aviation Authority in the Partner State (PS). 

What is expected of the Partner State?

  • The PS and airport operator should ensure the team of visiting experts have access to documentation relevant to the areas included in the scope of the survey;
  • The visiting experts should be assured access to airport operator and security management representatives;
  • Provision of required meeting rooms and where necessary, transport between locations.

How will it work?
The expert(s) will provide a pre-review questionnaire which will be used to identify areas requiring specific focus. An assessment of security operations will be made jointly with the host airport and observations and recommendations will be presented on-site and will include the of experience and lessons learnt from other airports. Thereafter the expert team will provide the PS and host airport with a written report, no later than 30 working days after the visit.

What will be delivered?
The expert’s report will cover the outcome of the security survey and will include recommendations for changes or additions. This guidance will include recommendations relating to the need to achieve minimum international security standards as well as best practice in delivering effective, efficient and sustainable implementation of security measures. 

What happens afterwards?
The PS may require further assistance, for example in implementing one or more of the recommendations reflected in the expert’s report. Depending on the need and on the availability of assistance, the CASE II Project Team may consider adding such assistance to the Country Programme of Action of the PS. When airport operations have commenced, the CASE II Project may also offer an assessment of some of the related security operations (use of deployed screening technology, landside security measures, perimeter surveillance, etc.).

Joint assessment of vulnerabilities in landside security

Duration: 5 days
Number of experts: 2-3
Language: EN, FR

What does it involve?
This activity relates to a joint assessment conducted by ECAC-certified assessors and a national expert appointed by the Partner State (PS) consisting of an examination of vulnerabilities in landside security arrangements at a designated international airport within the territory of the PS. The aim is to provide guidance on best practice associated with residual risks identified during the assessment which will assist in strengthening landside security. Areas covered include: design of landside facilities; hostile vehicle mitigation; management of employees in landside areas; contingency planning; airport planning; and physical mitigation measures (the latter being one of the principal areas of focus). As a consequence, existing regulatory frameworks applicable to all the areas described may also be considered. 

Who should participate?
The assessment will involve joint observations and discussions with the security force. This will necessitate the involvement of several agencies responsible for landside operations. Additional input should be provided by the national intelligence agencies responsible for threat assessments and the Civil Aviation Authority. If an Airport Operations Committee is active at the selected airport, its security representatives should also be consulted by the assessment team. A sample of companies doing business in the landside areas at the airport will also be in scope, including their employees and managers. 

What is expected of the Partner State? 

  • Complete and return a Pre-Assessment Questionnaire (PAQ) on landside security to the CASE II Project Team;
  • Nomination of a national expert to join the CASE II experts;
  • Selection of a Point of Contact (PoC) other than the national expert to assist with the activity;
  • Arrange briefing and debriefing meetings to introduce and conclude the assessment and to ensure the attendance of all relevant Government agencies/ departments and operators;
  • Plan provision of required meeting rooms and where necessary, transport between locations;
  • Ensure that the joint assessment team has appropriate flexible access (e.g. provision of access to the airport to observe landside security operations at all hours);
  • Arrange a meeting on day 1 to include national intelligence agencies for the purposes of informing the experts in confidence of the national and local threats to landside areas.

How will it work?
The CASE II Project Team will send the PAQ to the designated PoC in the PS no later than 60 days in advance of the planned activity. No less than 30 days before the activity commences, the PS should return the completed PAQ (to be handled confidentially) and nominate its national expert for the joint assessment team. The exact number experts provisioned via the CASE II Project is dependent on the volume of activity and size of the airport, as informed through the PAQ. Upon arrival, the joint assessment team should spend up to 5 working days observing landside security operations and engaging with the participants mentioned previously. The team should then present its preliminary findings and recommendations during a debriefing meeting with all agencies and operators involved at the end of Day 5. The specific relevant attendees for this debrief are to be determined by the PS. 

What will be delivered?
The report will be sent securely to the PoC and will seek to identify any residual vulnerabilities in the landside security measures observed, along with recommendations on further mitigation, as appropriate. The joint composition of the assessment team will foster the effective transfer of methodologies and techniques between the ECAC-certified vulnerability assessors and the national expert. 

What happens afterwards?
The CASE II Project offers a complementary course to train national assessors in landside security vulnerabilities, which can be added to the Country Programme of Action (CPA) of the PS. If the PS considers benefitting from this training, the participation of the national expert in the assessment team is strongly recommended. Conversely, if the training was received before the assessment, the national expert should, in principle, be selected from among those trainees. Should the PS require any additional assistance, for example in implementing the recommendations made by the assessment team, the CASE II Project Team can consider adding appropriate support to the CPA.

Vulnerability assessment associated with insider threats

Duration: 5 days
Number of experts: 4
Language : EN, FR

What does it involve?
This will be a joint assessment with the Partner State (PS) to examine both the nature of the threat and the current mitigation in place. This will take place at a specified airport within the territory of the PS, so as to identify any potential vulnerabilities. The assessment will also cover issues such as: pre and post-employment back-ground checks; staff screening; staff access control regimes; and recognised best practice associated with legal and regulatory frameworks. 

Who should participate?
As a joint assessment, the PS should ensure its own experts from all relevant agencies participate actively in the activity, including one expert to participate directly as a member of the assessment team. In particular, participants may include individuals from the Civil Aviation Authority, the Ministry of Interior (police) and other law enforcement agencies responsible for aviation security, national intelligence agencies and airport management, as appropriate. 

What is expected of the Partner State?
Ahead of the activity:

  • Appointment of a national point of contact (PoC) for the activity and a national expert to be added to the assessment team;
  • Complete and return a Pre-Assessment Questionnaire (PAQ) to the CASE II Project Team at least 20 working days in advance;
  • Ensure suitable participants.

On arrival of the experts:

  • Ensure that all play an active role in the assessment ensuring, for example, that the experts have sight of all relevant information regarding the nature and level of insider threats, documentation and airport procedures;
  • Provision of a classroom facility, including audio-visual equipment;
  • Provision of full access to the airport and transport between location where required;
  • The assessment team should be granted unrestricted access to formally or informally interview staff engaged with public or private organisations associated with the airport.

How will it work?
The PAQ will be sent by the CASE II Project Team 40 working days ahead of the experts’ arrival and should be completed by the PS no less than 20 working days before the arrival of the assessment team. The joint assessment will be conducted over a period not exceeding 5 working days, unless otherwise agreed by both parties. The assessment will involve a team of 4 experts (3 ECAC-certified vulnerability assessors assigned by the Project team, and the embedded national expert). The joint assessment will assume a residual risk level and decide whether further mitigation is required via background checks and vetting procedures, physical screening and airport access controls, or through changes to the regulatory framework. A comparison will be made with best practice to ensure high standards are achieved and can be sustained. 

What will be delivered?
The CASE II Project will produce a confidential written report to the PS within 20 working days of the joint assessment, covering whether the current mitigation sufficiently meets the threat; whether vetting, screening and access processes are sufficiently robust; and an indication as to the adequacy of the regulatory framework. The report will also, if appropriate, suggest a corrective action plan relating to any or all of these elements. In addition, embedding a national expert in the assessment team will foster an informal, practical transfer of related methodology and best practice in the field of vulnerability assessment on insider threats.

What happens afterwards?
At the request of the PS, the CASE II Project Team can offer mentoring assistance to implement the recommendations contained in the assessment report with a particular focus on the update of background check procedures. Such support can be added to the Country Programme of Action (CPA) previously agreed between the CASE II Project and the PS. The PS may also wish to consider adding the activity consisting of Mentoring on Security Culture (p. 16) to its CPA, if it has not already done do. This will explain how such a culture can actively assist in mitigating insider threats, in addition to embedding a broader approach to security within relevant agencies and operations that is proactive and self-sustaining.