Management and Accountability

1. Establish Written System Security Programs and Emergency Management Plans:
   
   
   1. Ensure that Security and Emergency Management Plan(s) is/are signed/approved by senior level management
   2. Review plans at least annually and update as circumstances warrant
      
   3. Ensure the Security and Emergency Management Plan(s) integrate visibility, randomness, and unpredictability into security deployment activities to avoid exploitable patterns and to enhance deterrent effect
      
   4. Establish and maintain standard security and emergency operations procedures (SOPs/EOPs) for each mode operated, including procedures for operations control centers
      
   5. Establish plans and protocols that address specific threats from (i) Improvised Explosive Devices (IED), (ii) Weapons of Mass Destruction, and (iii) other high consequence risks identified in transit risk assessments
      
   6. Apply security design and crime prevention criteria through environmental design (CPTED) for major capital construction projects, system modifications, and procurements
      
   7. Ensure the Security and Emergency Management Plan(s) address(es) Continuity of Operations
      
   8. Ensure the Security and Emergency Management Plan(s) address(es) Business Recovery
      



Related Documents

Recommended Practice for a Continuity of Operations Plan September 2008, Page 9   Recommended Practice for Security & Emergency Management Aspects of Special Event Service September 2008, Page 10   Public Transportation System Security and Emergency Preparedness Planning Guide, Federal Transit Administration, January 2003, Page 10   System Security and Emergency Preparedness Program Plan Template, Federal Transit Administration, January 2003   NFPA 1600: Standard on Disaster/Emergency Management and Business Continuity Programs, National Fire Protection Association, 2007, Page 7   Critical Incident Management Guidelines, Federal Transit Administration, July 1998   Transit Security Design Considerations, Federal Transit Administration, November 2004



2. Define roles and responsibilities for security and emergency management.  
   
   
   1. Assign Security and Emergency Management Programs to (a) Senior Level Manager(s)
   2. Maintain a current record of the name and title of the Primary and Alternate Security Coordinator (includes Security Directors and Transit Police Chiefs)
      
   3. Ensure that Security Coordinators report to senior level management
      
   4. Maintain accurate contact information for Security Coordinators and ensure they are accessible by telephonic and electronic communications means at all times
      
   5. Ensure that management defines and delegates security duties to front line employees
      
   6. Ensure that security and emergency management plan(s) is/are distributed to appropriate departmental personnel in the organization
      
   7. Hold regular senior staff and middle management security coordination meetings
      
   8. Hold informational briefings with appropriate personnel whenever security protocols are substantially updated
      
   9. Establish lines of delegated authority/succession of security responsibilities and inform personnel
        
      

Related Documents
System Security and Emergency Preparedness Program Plan Template, Federal Transit Administration, January 2003, Section 4 - Program Roles and Responsibilities



3. Ensure that operations and maintenance supervisors, forepersons, and managers are held accountable for security issues under their control
   
   
   1. Hold regular supervisor and foreperson security review and coordination briefings
      
   2. Develop and maintain an internal security incident reporting system
      
   3. Ensure that a Security Review Committee (or other designated group) regularly reviews security incident reports, trends, and program audit findings, and makes recommendations to senior level management for changes to plans and processes
       
    

Related Documents
System Security and Emergency Preparedness Program Plan Template, Federal Transit Administration, January 2003, Section 4 - Program Roles and Responsibilities



4. Coordinate Security and Emergency Management Plan(s) with local and regional agencies

1. Coordinate with Federal and State governmental entities associated with public transportation security ( example: STSI Area Office, State Office of Homeland Security, FTA Regional Office, JTTF, Office of State Safety Oversight etc) in the regional area of the transit agency
   
2. Ensure consistency with the National Incident Management System (NIMS) and the National Response Plan (NRP)
   
3. Establish Memorandums of Agreement or Mutual Aid Agreements with local government, fire, police and other entities with shared infrastructure (example: other transit agencies or rail systems)
   
4. Maintain communications interoperability with first responders with security responsibilities in the transit system's regional area

Security and Emergency Response Training

5. Establish and Maintain a Security and Emergency Training Program
   
   
   1. Provide ongoing basic training to all employees in i) security orientation/ awareness and ii) emergency response
      
   2. Provide ongoing advanced i) security and ii) emergency response training by job function, including actions at incremental Homeland Security Advisory System (HSAS) threat advisory levels, to:
      
      • Field Supervisors
        
      • Controllers/Dispatchers
        
      • Fare Inspectors
        
      • Law Enforcement personnel
        
      • Operators
        
      • Maintenance personnel
        
        • Field personnel
          
        • Vehicle personnel
          
   3. Provide ongoing advanced security training programs for transit managers, including but not limited to CEOs, General Managers, Operations Managers, and Security Coordinators (includes Security Directors and Transit Police Chiefs)
      
   4. Regularly update security awareness, emergency response, and counterrorism training materials to address (i) Improvised Explosive Devices, (ii) Weapons of Mass Destruction and (iii) other high consequence risks identified through the transit agency's system risk assessments
      
   5. Ensure that security training programs reinforce security roles, responsibilities, and duties of employees, and ensure proficiency in their performance.
      
   6. Ensure security training programs emphasize integration of visible deterrence, randomness, and unpredictability into security deployment activities to avoid exploitable patterns and heighten deterrent effect
      
   7. Establish a system that records personnel training in i) security and ii) emergency response
      
      • Initial training
        
      • Recurrent training (periodic, refresher)
        
      • Establish and maintain a security notification process to inform personnel of significant updates to security and emergency management plans and procedures
        
        

Related Links
Transportation Safety Institute National Transit Institute FLETC (Federal Law Enforcement Training Center, Department of Homeland Security) DHS-approved Training Courses for the Transit Security Grant Program

Homeland Security Advisory System (HSAS) 

6. Establish plans and protocols to respond to the DHS Homeland Security Advisory System (HSAS) threat levels

1. Security and emergency management plans and procedures should identify incremental actions to be implemented at each HSAS threat level
   
2. Exercises should test implementation of the preventive measures for each HSAS threat level, including random application of security measures
   

Public Awareness

7. Implement and Reinforce a Public Security and Emergency Awareness program
    
   • Develop and implement a public security and emergency awareness program
     
   • Prominently display security awareness and emergency preparedness information materials throughout the system (e.g., channel cards, posters, fliers)
     
   • Incorporate general security awareness and emergency preparedness into public announcement messages (security messages and evacuation procedures)
     
     • In stations (electronic message boards, voice)
     • On board vehicles
       
   • Post security awareness and emergency preparedness information on the transit agency website
     
   • Ensure security awareness materials and announcements emphasize the importance of vigilance and provide clear direction to the public on reporting of suspicious activities
     
   • Vary the content and appearance of messages to retain public interest
     
   • Increase the frequency of security/emergency awareness activities (e.g. public address announcements) as the HSAS threat advisory level is raised
     
   • Issue public service announcements in local media (e.g. newspaper, radio and/or television)
     
   • Provide volunteer training to the public for system evacuations and emergency response

Drills and Exercises

8. Conduct Tabletop and Functional drills
    
   
   1. Conduct tabletop exercises at least every six months to exercise system security programs and emergency management plans
      
   2. Participate as an active player in full-scale, regional exercises held at least annually
      
   3. Coordinate with regional security partners, including Federal, State, and local governmental representatives and other affected entities (example: other transit agencies or rail systems) to integrate their representatives into exercise programs
      
   4. Exercise plans and procedures for threat scenarios involving (i) improvised explosive devices (IEDs), (ii) weapons of mass destruction (WMD), and (iii) other high consequence risks identified through the transit agency's system risk assessments
      
   5. Conduct de-briefings for tabletop and full scale exercises
      
   6. Develop after-action reports and review results of all tabletop and full scale exercises
      
   7. Update plans, protocols and processes to incorporate after-action report findings, recommendations, and corrective actions

Risk Management and Information Sharing

9. Establish and use a Risk Management Process to assess and manage threats, vulnerabilities and consequences (Note: Risk management includes mitigation measures selected after risk assessment has been completed)
   
   
   1. Establish a risk management process that is based on a system-wide assessment of risks and obtain management approval of this process
      
   2. Ensure proper training of management and staff responsible for managing the risk assessment process
      
   3. Update the system-wide risk assessment whenever a new asset/facility is added or modified, and when conditions warrant (e.g. changes in threats or intelligence)
      
   4. Use the risk assessment process to prioritize security investments
      
   5. Coordinate with regional security partners, including Federal, State, and local governments and entities with shared infrastructure (example: other transit agencies or rail systems), to leverage resources and experience for conducting risk assessments (example: leverage resources such as the Security Analysis and Action Program operated by TSA's Surface Transportation Security Inspectors)
       

Related Documents
Public Transportation System Security and Emergency Preparedness Planning Guide, Federal Transit Administration, January 2003, Pages 65 through 78



10. Participate in an information sharing process for threat and intelligence information
    
    
    1.  Participate in information sharing networks or arrangements with:
       • State and local law enforcement and homeland security officials
         
       • DHS' Homeland Security Information Network (HSIN) and its mass transit portal (The HSIN portal enables secure information sharing among transit agencies and passenger rail systems at no cost to users)
         
       • FBI Joint Terrorism Task Force (JTTF) and/or other regional anti-terrorism task force (e.g. Terrorism Early Warning Group (TEW), US Attorney's Office)
         
       • TSA Surface Transportation Security Inspectors (STSI)
         
       • Public Transportation Information Sharing and Analysis Center (PT-ISAC)
         
         

    Related Documents
    TCRP Report 86: Public Transportation Security, Volume 1: Communication of Threats: A Guide, Transportation Research Board, 2002

    
    
11.  Establish and Use a Reporting Process for Suspicious Activity (internal and external)
    
    
    1. Through training and awareness programs, ensure transit agency employees understand the what, how, and when to report observed suspicious activity or items
       
    2. Use exercises to test employee awareness and the effectiveness of reporting and response procedures
       
    3. Ensure public awareness materials and announcements provide clear direction to the public on reporting of suspicious activity
       
    4. Maintain protocols to ensure that designated Security Coordinator(s) report threats and significant security concerns to appropriate law enforcement authorities and TSA's Transportation Security Operations Center (TSOC)
       
    5. Maintain protocols that ensure actionable security events are included in reports to the FTA's National Transit Database (NTD)



Related Links / Related Documents

Immediate Actions (IAs) for Transit Agencies for Potential and Actual Life-Threatening Incidents, Federal Transit Administration, April 2004 NCHRP Report 525, Volume 1, Surface Transportation Security. Responding to Threats: A Field Personnel Manual, Chapters 5 and 6. This Workbook style document provides useful information on where to look and what to look for regarding suspicious activity. Chapter 5 focuses on areas of concentration and "red zones" around facilities and Chapter 6 highlights the characteristics of unusual behavior, activities and objects. Transit Watch Program, Federal Transit Administration, American Public Transportation Association, and Amalgamated Transit Union, 2003, Federal Transit Administration, Transportation Security Administration, and Office of Grants & Training, Enhanced 2006

Facility Security and Access Controls

12. Control Access to Security Critical Facilities with ID badges for all visitors, employees and contractors
    
    
    1. Identify security critical facilities and assets
       
    2. Use ID badges for employee access control
       
    3. Use ID badges for visitors and contractors
       
    4. Develop a written policy and procedures for restricting access (e.g.: card key, ID badges, keys, safe combinations etc) to security critical facilities and assets. Ensure that policy is updated when new threats, audit findings or circumstances warrant.
        
       

Related Documents
Transit Security Design Considerations, Federal Transit Administration, November 2004, Chapter 5 TCRP Report 86 Public Transportation Security, Volume 4, Intrusion Detection for Public Transportation Facilities Handbook, 2003, Chapters 4-5. Securing America’s Passenger Rail Systems, RAND, 2007, Pages 36, 59


 
13. Conduct Physical Security Inspections
    
    
    1. Conduct, monitor and document facility security inspections (e.g., perimeter/access control) on a regular basis, with increasing frequency in response to elevation of the HSAS threat advisory level
       
    2. Develop and use protocols for vehicle (e.g. buses and rail cars) inspections that correspond to HSAS threat advisory levels
       
    3. Develop and use protocols for inspections of rights-of-way corresponding to HSAS threat advisory levels
       
    4. Vary the manner in which inspections of facilities, vehicles, and rights-of-way are conducted to avoid setting discernible and exploitable patterns and to integrate unpredictability
       
       

    Related Documents

    Recommended Practice for CCTV Camera Coverage and Field of View Criteria for Passenger Facilities, September 2008, Page 10 Recommended Practice for Trash/Recycling Container Placement to Mitigate the Effects of an Explosive Event, September 2008, Page 10 Transit Agency Security and Emergency Management Protective Measures, Federal Transit Administration, November 2006 Public Transportation System Security and Emergency Preparedness Planning Guide, Federal Transit Administration, January 2003, Pages 55 through 74 Conduct physical security inspections. Mineta Transportation Institute, Selective Screening of Rail Passengers, February 2007, Current Practices, Page 31 and Appendix- Security Survey

    
     

Background Investigations

14. Conduct Background Investigations of Employees and Contractors
     
    
    1. Conduct background investigations (i.e., criminal history and motor vehicle records) on all new front-line operations and maintenance employees, and employees with access to sensitive security information and security critical facilities and systems.
       
    2. Conduct background investigations on contractors, including vendors, with access to sensitive security information and security critical facilities and systems.
       
    3. Ensure that background investigations are consistent with applicable laws
       
    4. Document the background investigation process, including criteria for background investigations by employee type (operator, maintenance, safety/security sensitive, contractor, etc.)

Document Control

15. Control access to documents of security critical systems and facilities
     
    
    1. Identify and protect documents on security critical systems, such as tunnels, facility HVAC systems, and surveillance, monitoring, and intrusion detection systems
       
    2. Limit access to documents on security critical systems to persons with a need to know
       
    3. Identify a department/person responsible for administering the document control policy
       
    4. Ensure that the security review committee (or other designated group) has meetings/briefings that include reviewing document control compliance issues
       
       
16. Process for handling and access to Sensitive Security Information (SSI)
     
    1. Be familiar with the requirements pertaining to the proper handling of SSI materials (reference 49 CFR Parts 15 and 1520), such as security plans and risk and vulnerability assessments
       
    2. Ensure that the Security Review Committee (or other designated group) regularly reviews matters pertaining to the access to and handling of SSI material

Security Audits

17.  Audit Program
    
    
    1. Conduct security program audits at least annually
       
       • Internal
       • External
    2. Ensure that the Security Review Committee (or other designated group) addresses the findings and recommendations from audits, and updates plans, protocols and processes as necessary. (see 3c)
       



Related Documents
Public Transportation System Security and Emergency Preparedness Planning Guide, Federal Transit Administration, January 2003, Pages 17 through 39

Footnotes:

(1) These action items covers all modes directly operated or contracted by the transit agency (e.g., bus, bus rapid transit, light rail, heavy rail, commuter rail, paratransit etc.)

(2) Contact MTActionItems@dhs.gov for Questions or Comments

Updated August, 2008