Appendix G: Program Requirements for Development of a Rail Transit Agency System Security and Emergency Preparedness Program Plan (SEPP)


SAMPLE

State Oversight Agency Program Requirements for the Development of Rail Transit System Security and Emergency Preparedness Plans

This document has been developed to serve as a template for use by state oversight agencies in specifying the requirements established in 49 CFR Part 659 for the development of a rail transit agency System Security and Emergency Preparedness Plan (SEPP). It includes a sample set of Program Requirements, detailing the required SEPP contents and a set of recommended SEPP appendices.

Table of Contents

SEPP Memorandum of Executive Approval/System Security Policy
1. System Security and Emergency Preparedness Program Introduction
1.1 Purpose of the SEPP
1.2 Goals and Objectives
1.3 Scope of Program
1.4 Security and Law Enforcement
1.5 Management Authority and Legal Aspects
1.6 Government Involvement
1.7 Security Acronyms and Definitions
2.0 System Description
2.1 Background & History of System
2.2 Organizational Structure
2.3 Human Resources
2.4 Passengers
2.5 Services and Operations
2.6 Operating Environment
2.7 Integration with Other Plans and Programs
2.8 Current Security Conditions
2.9 Capabilities and Practices
3.0 SEPP Management Activities
3.1 Responsibility for Mission Statement and System Security Policy
3.2 Management of the SEPP Program
3.3 Division of Security Responsibilities
4. SEPP Program Description
4.1 Planning
4.2 Organization
4.3 Equipment
4.4 Training and Procedures
4.5 Emergency Exercises and Evaluation
5.0 Threat and Vulnerability Identification, Assessment, and Resolution
5.1 Threat and Vulnerability Identification
5.2 Threat and Vulnerability Assessment
5.3 Threat and Vulnerability Resolution
6.0 Implementation and Evaluation of SEPP
6.1 Implementation Tasks for Goals and Objectives
6.2 Implementation Schedule
6.3 Evaluation
7.0 Modification of System Security Plan
7.1 Initiation
7.2 Review Process
7.3 Implement Modifications
Appendix A: DHS Regulation and Requirements Relevant to the SEPP
Appendix B: Acronyms
Appendix C: Definitions

SEPP Memorandum of Executive Approval/System Security Policy

In this section, a policy statement should be provided which establishes the System Security and Emergency Preparedness Plan (SEPP) as an operating document that has been prepared for, and approved by, rail transit agency top management.

The policy statement should define, as clearly as possible, the authority for the establishment and implementation of the SEPP. As appropriate, reference should be made to the authority provided by state and local statues to develop and securely operate the rail transit system and coordinate with local, state and federal agencies regarding security and emergency preparedness issues. The role of the SEPP in addressing FTA’s 49 CFR Part 659 and state oversight agency requirements should be clearly described. Participation in programs managed by the Department of Homeland Security, Office of Grants and Training (G&T) (formerly the Office of State and Local Government Coordination and Preparedness (SLGCP), Office for Domestic Preparedness (ODP)) and the Transportation Security Administration (TSA) that require the SEPP should also be mentioned, including the Transit Security Grant Program (TSGP) and compliance with TSA directives and the TSA Rail Security Inspector Program.

Reference should be made to management's approval, either by referencing the enabling signature on the title page or by other means.

1. System Security and Emergency Preparedness Program Introduction

1.1 Purpose of the SEPP

This section of the SEPP should identify its purpose. For most rail transit agencies, the purpose of the SEPP is to ensure a planned, documented, organized response to actual and potential security threats to the system, and to address these threats with proactive measures and response techniques that manage and minimize the outcome of security breaches or related events. The SEPP typically:

As set forth in rail transit agency's security program policy, accountability for security and emergency preparedness of the rail transit system rests with each employee, supervisor, manager, director, and department. As a result of this program, the rail transit agency will achieve not only an effective physical security program, but also develop emergency preparedness.

The rail transit agency's plans for response to natural disaster or terrorism incidents are based on partnerships with the emergency management and first-responder organizations of the cities and counties throughout the rail transit agency's service area, and the region's coordinated plans for response and recovery from such events. This coordination is essential for the rail transit agency's response and recovery capabilities, while at the same time, continuity of rail transit operations during a community-wide emergency is a vital capability for the region's recovery.

1.1.1 System Security

System security is defined as: “the application of operating, technical, and management techniques and principles to the security aspects of a system throughout its life to reduce threats and vulnerabilities to the most practical level through the most effective use of available resources.” System security provides a structured methodology for analyzing threats and weighing the consequences of the cost of their resolution against the capabilities of the system to fund improvements. This process allows the system; whatever its size, service, or operating environment; to implement the most effective security and preparedness program possible within its available resources. System security promotes an integrated approach to protection, identifying how all system activities come together as part of an interdependent system that deters, detects, assesses, and responds to threats.

1.1.2 Emergency Preparedness

Within the context of this approach, emergency preparedness is a central feature of the program, ensuring the capability to mitigate and manage those events that cannot be prevented. Emergency preparedness is defined as: “a uniform basis for operating policies and procedures for mobilizing public transportation system and other public safety resources to assure rapid, controlled, and predictable responses to various types of transportation and community emergencies.” Emergency preparedness ensures that the rail transit agency has a process in place to provide fast, controlled and predictable responses to various types of emergencies that may occur within the system or nearby locations. Emergency preparedness identifies how municipal and county agencies can both support, and obtain support from, the rail transit agency in addressing transit-specific and area-wide emergencies.

1.2 Goals and Objectives

1.2.1 Goals

This section of the SEPP should identify the goals developed by the rail transit agency to meet the purpose established for the SEPP. Goals are broad statements of ideal future conditions for the safety program that are desired by the rail transit agency, endorsed by top management, and are supported by specific objectives to aid in their attainment. Goals should be realistic and generally are presented in qualitative terms. Sample goals include the following:

  1. Security: Reduce the rate of crime, and the fear of crime, on the rail transit system.
  2. Awareness and Involvement: Engage all rail transit employees and contractor personnel in a program of awareness activities to ensure that they serve as “eyes and ears” for the system. Also establish a similar process of engagement in awareness activities for passengers and others who come into contact with the system.
  3. System Approach: Systematically and continually identify, assess and resolve threats to the security of the system, optimizing use of human resources, operating procedures, technology and equipment, facilities design and improvements, and community and interagency partnerships, to maximize security effectiveness.
  4. Emergency Preparedness: Develop and implement Plans, Organization, Equipment, Training/procedures, and emergency Exercises/evaluation (POETE) to assure preparedness for catastrophic natural disasters or terrorist attacks. These POETE activities should be appropriately coordinated and integrated with the emergency management/response jurisdictions in the rail transit agency’s service area, and should support compliance with Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan (NRP), the National Incident Management System (NIMS), the National Infrastructure Protection Plan (NIPP), and the National Preparedness Goal. The rail transit agency’s activities to support implementation of HSPD requirements may be coordinated through the Regional Transit Security Working Group (RTSWG) and the Regional Transit Security Strategy (RTSS).

1.2.2 Objectives

Objectives are the working elements of the SEPP, the means by which the identified goals are achieved. Unlike goals, objectives should be easily quantifiable. They should provide a framework for guiding the day-to-day activities that provide for a safe and secure rail transit operation. Objectives are often supported by the identification of associated tasks that are required to be completed. Objectives for the sample goals identified above are presented in the table that follows.

GOALS AND OBJECTIVES

Goal #1. Security: Reduce the rate of crime, and the fear of crime, on the rail transit system.

Objective 1.A Maintain 100,000 boarding rides or better per reported crime on the rail transit system, as measured by crimes occurring on the system reported to police.
Objective 1.B Maintain 70% or better customer rating of "good" or "excellent" addressing concerns about security on board the rail system, as measured through the rail transit agency’s annual Attitude and Awareness survey.
Objective 1.C Maintain 300,000 or better boarding rides per customer complaint about security or vandalism, as measured through rail transit agency’s Customer Service Information (CSI) system.

Goal # 2. Awareness and Involvement: Engage all rail transit employees and contractor personnel in a program of awareness activities to ensure that they serve as “eyes and ears” for the system. Also establish a similar process of engagement in awareness activities for passengers and others who come into contact with the system.

Objective 2.A Achieve broad-based awareness of security responsibilities, alertness and procedures by rail transit personnel (means of measurement to be determined).
Objective 2.B Achieve broad-based security alertness by rail transit agency customers (means of measurement to be determined).

Goal # 3. System Approach: Systematically and continually identify, assess and resolve threats to the security of the system, optimizing use of human resources, operating procedures, technology and equipment, facilities design and improvements, and community and interagency partnerships, to maximize security effectiveness.

Objective 3.A Systematically determine and assess deployments and tactics of dedicated security personnel, in relation to systematically analyzed information on crime, threats, and effectiveness on customer perception of security on the transit system.
Objective 3.B Continually foster partnerships with law enforcement jurisdictions and community organizations, in support and extension of the rail transit agency’s dedicated security resources.
Objective 3.C. Systematically incorporate security design considerations and security technology and equipment into design of rail transit agency facilities.

Goal # 4. Emergency Preparedness: Develop and implement Plans, Organization, Equipment, Training/procedures, and emergency Exercises/evaluation (POETE) for preparedness to perform the prevention, detection, response and recovery capabilities applicable to rail transit systems and their employees during catastrophic natural disasters or terrorist attacks. These activities should be appropriately integrated with emergency management/public safety jurisdictions in the rail transitagency’s service area, and should support compliance with Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan (NRP), the National Incident Management System (NIMS), the National Infrastructure Protection Plan (NIPP), and the National Preparedness Goal. The rail transit agency’s activities to support implementation of HSPD requirements will be coordinated through the Regional Transit Security Working Group (RTSWG) and the Regional Transit Security Strategy (RTSS).

Objective 4.A Develop and implement the rail transit agency’s internal emergency preparedness POETE through integration of these activities into the agency’s Emergency Operations Plan and into the development of Memorandum of Understanding (MOUs) with external agencies.
Objective 4.B Develop and implement the rail transit agency’s external emergency preparedness, through the development of procedures, training and emergency exercises, by partnering with the emergency management and first-responder organizations of cities and counties throughout the rail transit agency’s service area, to integrate POETE needed for natural disaster or terrorism incidents on the transit system, and into the region's coordinated, mutual POETE for response and recovery from such events.

1.3 Scope of Program

This section of the SEPP should establish the scope of the SEPP to cover all agency personnel, and be applicable to all agency operations:

The Scope should also specify that coordinating and integrating the emergency response plans of the rail transit agency and of the jurisdictions in the agency's service area, is part of the SEPP program.

1.4 Security and Law Enforcement

This section of the SEPP should describe the security and law enforcement functions that manage and support implementation of the SEPP. If the rail transit agency has its own police force, this section of the SEPP should introduce this department and provide an overview of the department’s activities. Also, this section of the SEPP should identify the rail transit police responsibilities regarding relationships with other law enforcement agencies in the municipalities traversed by the rail transit system.

If the rail transit system purchases security services from local law enforcement agency(s), the plan should introduce this arrangement, and provide an overview of the mechanisms in place to integrate contracted law enforcement services into the rail transit agency’s day-to-day operations. This section of the SEPP should also clarify which function within the rail transit agency manages this contract, and how activities are coordinated with other law enforcement agencies in the rail transit agency’s service area.

If the system employs its own security (non-sworn) force or purchases security services from a private company, the plan should provide an overview of these >security forces and identify the methodologies used to support cooperation with local law enforcement agencies in the rail transit agency’s service area. This section of the SEPP should also clarify which function within the rail transit agency manages this contract or in-house security force.

If the system depends solely on local law enforcement for primary response, the plan should discuss how the system interacts with local law enforcement and what formal or informal arrangements or agreements, including any memorandum of understanding (MOU), are in place. If the system uses any combination of these types of security configurations, the SEPP should provide an overview of how the various components of the security/police function work together.

Whatever the rail transit operator's police or security configuration, the SEPP should explain how staff officers work with, communicate with, coordinate activities with, and share jurisdiction with local law enforcement agencies. In this discussion, the rail transit agency should include information regarding response to incidents, planning and deployment, joint operations, special events, and the sharing the threat and crime information.

1.5 Management Authority and Legal Aspects

This section of the SEPP should describe the authority which oversees the operation and management of the rail transit agency, including its security/police function. The section should identify the charter or legislation which created the rail transit agency, and address the roles of the Board of Directors, General Manager, other executive leadership, and the manager of the security/police function in executing the SEPP. Municipal, county and state codes that are enforced on the transit system should be identified, including ordinances for fare evasion, parking enforcement, vandalism, disorderly conduct, and other public order violations. Any special authorities provided to transit police, contracted law enforcement, contracted private security or in-house security personnel should also be identified.

In preparing this section, the rail transit agency may first introduce its charter, enabling legislation and/or cooperative agreements with the municipalities and counties in its service area. Then, after describing the role of the Board of Directors (providing stewardship and budget approval for the transit agency) and the General Manager (approves and issues the SEPP, established policy that assigns responsibility for developing, implementing and administering the SEPP), this section may identify the roles of other management positions (Executive Director, Operations; Director of Safety and Security, Chief of Police/Security Manager) and explain how each is responsible for developing and enforcing the Standard Operating Procedures (SOPs), operating orders, training, rules compliance programs, evaluation programs, internal security audits, and other activities that assure implementation of the SEPP.

Then, the roles and responsibilities of middle management and line personnel may be briefly introduced and described (i.e., management within the transit security/police function, as well as the roles of supervisors and operations and maintenance personnel). Finally, the section may conclude with a discussion of the ordinances, codes, rules and other laws enforced on the rail transit system (i.e., felonies and misdemeanors applicable to the transit agency’s service area, fare evasion, vandalism, unlawful entry (trespass) upon transit property or vehicles, interference with movement of or access to transit vehicles, disorderly conduct on transit property or in transit vehicles, and offensive physical contact with a transit passenger, employee, agent, security officer or police officer).

This section of the SEPP should provide a high-level overview only. SEPP management and implementation will be discussed in greater detail in Chapters 3 and 4.

1.6 Government Involvement

This section of the SEPP should introduce and briefly describe the local, state and federal agencies with whom the rail transit agency coordinates for security and emergency preparedness. For example, at the federal level, the rail transit agency may coordinate with government agencies for funding support and to ensure compliance with security regulations and grant requirements. Federal partners may include: FTA, Federal Highway Administration (FHWA), Federal Railroad Administration (FRA), DHS, and its subsidiary bureaus, including G&T, the Federal Emergency Management Agency (FEMA), and TSA.

In working with FTA, 49 USC 5307(J)(i) requires that a recipient of federal transportation funds under 49 USCS 5336 spend at least one percent of the amount received on mass transportation security projects. The rail transit agency may consistently exceed the 1% utilization the FTA guideline.

In working with DHS, the rail transit agency may participate in the Transit Security Grant Program (TSGP), which is funded by G&T, and administered by the State Administrative Agency (SAA) and the regional Urban Area Security Initiative (UASI) Point-of-Contact Working Group (UAPOC). Participation in the TSGP requires the development of this SEPP, the implementation of an on-going threat and vulnerability assessment process, and creation of Regional Transit Security Working Groups (RTSWG) to develop and implement a Regional Transit Security Strategy (RTSS), in coordination with the SAA and UAPOC. G&T also offers technical assistance programs for establishing the RTSS, conducting rail transit threat and vulnerability assessment, and developing and conducting emergency exercises and evaluation.

The rail agency also coordinates with local, regional and state emergency management and public safety agencies to address other DHS requirements for implementation of the National Response Plan, the National Incident Management System, and the National Infrastructure Protection Plan. The rail transit agency may also support the TSA Rail Security Inspector Program, as well as research and pilot projects being performed by TSA, and ensure compliance with TSA directives. Appendix A provides additional information on these DHS, G&T and TSA programs.

State government coordination may include the state Department of Transportation (DOT), the state Office of Homeland Security, and the state SAA for the G&T TSGP program. The state oversight agency should also be discussed here, including its role in requiring, receiving, reviewing and approving the SEPP. If the state oversight agency does not have protections in place to shield security documents from public release, then the procedures developed to review and approve these documents, discussed in Section 6 of this SEPP, should be briefly mentioned. The state oversight agency’s enabling legislation and/or program requirements may be referenced here or included as an appendix.

At the regional level, the rail transit agency may coordinate with the region's emergency management group, the county emergency management agency, or a county emergency management committee; the UAPOC; the local office of the Federal Bureau of Investigation’s (FBI) Joint Terrorism Task Force (JTTF), and for transportation project funding, the region's Metropolitan Planning Organization (MPO). In supporting regional coordination, the rail transit agency may have signed intergovernmental agreements or memorandum of understanding (MOUs) to formally partner with the county/regional emergency management agency or committee, including requirements for participation in emergency management planning monthly coordination meetings and implementation of regional incident management and response protocols. The rail transit agency may have also joined the region's UASI working group, UAPOC, in support of the region's UASI Strategy, through implementation of the RTSS.

The rail transit agency may also have signed MOUs with local law enforcement, emergency medical services (EMS), fire departments, hospitals, and other transit providers in the region to address a range of issues associated with SEPP implementation.

1.7 Security Acronyms and Definitions

This section of the SEPP should include all of the acronyms and definitions used in the plan. Acronyms and definitions may be presented in this section or included in an Appendix that is referenced in this section. Appendices B and C of this document include sample acronym and definition lists.

2.0 System Description

The primary purpose of Chapter 2 is to provide organizational information and operating parameters for both those outside the organizations that need to understand the transit system, and those inside the organization to have clearly defined lines of report and responsibility delineation. The information presented should be sufficient to allow non-technical and non-transit persons to understand the system and its basic operations.

2.1 Background & History of System

This section should briefly describe the system's characteristics. This section should describe when and how the transit system was established, history of service delivery, major milestones in the transit system’s history, and the modes of service provided. A system map and reference to the transit agency’s website should also be provided.

2.2 Organizational Structure

This section of the SEPP should provide or reference:

2.3 Human Resources

This section of the SEPP should identify all departments supported at the rail transit agency and clarify how many full-time employees, part-time employees, and contracted personnel support them. For example, a table such as the one appearing below may be used.

Department
Full-time Employees Part-Time Employees Contractors
General and Administrative
Capital Projects and Facilities
    CP&F Bus and Rail Facilities Management
Operations
Administration and Planning
Safety and Security Department
Director and Administrative Staff
Security Staff
Safety Staff
Transit Police Officers
Transit Security Officers
Rider Advocates
Deputy District Attorney
Bus and Rail Transportation
Transportation Staff and Supervisory
Full-Time Bus Operators
Part-Time Bus Operators
Rail Operators
Contracted Support
Field Operations
Field Operations Staff and Lead Supervisors
Bus Dispatchers and Rail Controllers
Bus and Rail Field Operations Supervisors
Fare Inspection Field Operations Supervisors
Accessible Transportation Programs
Administrative and IT Staff
Vehicle Operators
Vehicle Maintainers
Dispatchers
Bus Maintenance
Maintenance Staff and Supervisory
Mechanics, Helpers, Cleaners, Clerks, Storekeepers
Rail Maintenance (excl. Rail Facilities Mgmt)
Maintenance Staff and Supervisory
Mechanics, Cleaners, Clerks, Storekeepers

2.4 Passengers

This section of the SEPP should provide annual ridership statistics for the most recent year they are available. Ridership may be broken down mode of service and by day of week. Weekly and annual totals should also be provided. Major changes in ridership (increases, decreases, new service areas or expanded modes of service) should also be identified. Relevant statistics or information on system riders may also be included, such as: growth in population in service area, characteristics of typical riders (i.e., commuters, students, etc.), percentage of adults living in service are who ride the system at least once a month, and information on the usage of accessible services and paratransit service.

2.5 Services and Operations

In this section of the SEPP, the rail transit agency should provide information on the size, location, and function of the transit agency’s physical assets including; maintenance facilities, offices, stations, vehicles, signals, and structures for all modes. This information, for each mode of service, may include: hours of operation, the number of vehicles, the number of routes, number of vehicles typically in peak and off-peak service, frequency of vehicles, the types of facilities owned and operated by the system and the types of activities performed there, and the names and addresses of relevant locations.

2.6 Operating Environment

This section of the SEPP should describe the rail transit agency’s operating environment, including traffic conditions, rail alignment, weather, issues associated with special events or other activities, safety issues associated with the rail transit service, and levels of crime in the communities served by the rail transit agency.

2.7 Integration with Other Plans and Programs

This section of the SEPP should discuss how the SEPP is integrated with the System Safety Program Plan, the System Safety and Security Certification Program Plan, the Emergency Operations Plan, Incident Specific Response Plans, Facility Emergency/Evacuation Plans, and other documents and programs that affect security and emergency preparedness, including the Regional Transit Security Strategy. A brief description of each of these documents should be provided, as well as the management interface which ensures coordination at the rail transit agency.

For example, the rail transit agency may state that the System Safety Program Plan and the SEPP are companion documents, and both are in accordance with FTA regulations concerning safety and security of transit systems, as implement by the state oversight agency. The rail transit agency may also specify that the Emergency Operations Plan and supporting training, drills and exercises are critical elements which support and reinforce SEPP provisions and procedures. Finally, the rail transit agency may identify how the SEPP supports, and is supported by, the Regional Transit Security Strategy, including the identification of tasks and G&T grant allocations to support achievement of SEPP goals and objectives.

2.8 Current Security Conditions

This section should describe current security conditions and issues at the transit agency including the incidents of crime experienced on the system and relevant information on passenger fear/perceptions of security. Crime data should be provided, documenting the most recent year for which it is available. The types of security incidents (including Part I and Part II offenses and ordinance violations) and their frequency of occurrence on the transit system should be included. Also this section should provide context for this information, including a comparison of crime rates at the transit system over time and/or a comparison of crime rates from the rail transit agency with crime rates for the municipalities in its service area.

2.9 Capabilities and Practices

This section should summarize methods and procedures, devices, and systems utilized by the transit agency to minimize security incidents throughout the transit system. In addition, this section should also address activities performed to reduce passenger fear. This section should not provide detailed information on the security/police function or distinct security roles and responsibilities of specific elements of the rail transit organization (this information will be provided in Chapter 3). Instead, this section is intended to provide a broad overview of the types of activities performed by the rail transit agency to address the security conditions described in Section 2.8. In preparing this section, the rail transit agency may want to consider the following types of descriptions:

Other Security Programs may be in place to address a range of passenger security issues and concerns, including:

Security-related features of the rail transit agency’s vehicles, facilities and communication systems include the following:

3.0 SEPP Management Activities

The purpose of Chapter 3 is to identify responsibilities for managing the rail transit agency’s SEPP program, including its conception, development, implementation, evaluation, review, and update. This Chapter will first identify responsibilities of senior management for specific functions necessary to create the SEPP and its supporting program. Then, responsibilities for SEPP implementation will be detailed for the security/police function, for the other rail transit agency departments/functions, and by job title. The role of external agencies in supporting SEPP development, implementation and evaluation will also be explained. Finally, this chapter will describe the committee(s) established by the rail transit agency to manage and coordinate security issues across departments/functions.

3.1 Responsibility for Mission Statement and System Security Policy

This section should define the authority and responsibility for the security organization, including but not limited to:

Typically, this section of the SEPP will discuss the role of the General Manager in preparing, revising, reviewing and signing the policy statement and the role of the head of security/police function and his or her staff in preparing, revising and reviewing the SEPP. It should be noted that annual reviews are now required by FTA’s 49 CFR Part 659 and the state oversight agency, regarding a determination of whether the SEPP should be updated. The head of the security/police function is typically responsible for ensuring that this annual review is performed and that the results are conveyed to the state oversight agency according to procedures and time-frames specified in the oversight agency’s Program Standard. This section may quote or reference the SEPP Memorandum of Executive Approval/System Security Policy.

3.2 Management of the SEPP Program

This section of the SEPP needs to identify the person or people in charge of managing transit security and emergency preparedness and the SEPP program. Two basic structures for managing the program are possibly dependent on the size of the transit system. In a small rail transit system that lacks its own police or security department, the General Manager or Operations Manager may play a large role not only in setting SEPP policy, but in actually overseeing the plan and carrying it out on a regular basis.

In larger rail transit systems, although the General Manager is ultimately responsible and accountable for system security and emergency preparedness, it is expected that another individual, most likely the Manager or Chief of the security/police function, will be responsible for coordinating the daily activities outlined in the SEPP. Other individuals within the security/police function may be designed to support the Manager or Chief in overseeing implementation of the SEPP.

Although it may appear self-evident which arrangement governs the plan, this section should state clearly and unequivocally which structure is in effect and should present the general reporting responsibilities regarding security for the entire organization. Specifically, this section should address who is responsible for these ten critical SEPP management activities:

  1. Defining ultimate responsibility for secure rail transit system operations.
  2. Communicating that security is a top priority for all rail transit employees.
  3. Advocating for, and allocating security program resources; directing day-to-day security operational activities (including tactics, intelligence and analysis); and assessing security performance.
  4. Developing and explaining relations with outside organizations that contribute to the rail transit agency's security and emergency preparedness program.
  5. Developing relations with local, state and federal security-related agencies, including security oversight roles of FTA's state Safety Oversight and Project Management Oversight (PMO) programs, security oversight role of DHS TSA, and emergency preparedness roles of DHS G&T, the state Office of Homeland Security, the region's emergency management group or committee, and Urban Area Security Initiative, Point-of-Contact Working Group.
  6. Explaining the mechanism for bringing security concerns to the attention of the appropriate rail transit agency official or group.
  7. Identifying potential security concerns in any part of the rail transit agency's operations.
  8. Explaining the liaison between rail transit employees and other security and emergency preparedness groups, committees and functions at the rail transit agency, for the purpose of addressing employees' security concerns.
  9. Actively soliciting the security concerns of employees.
  10. Working to ensure the rail transit agency's security and emergency preparedness program is carried out on a daily basis.

A matrix could also be used to present these 10 activities and to identify which management positions have responsibility for their implementation (i.e., General Manager, Manager, the Manager or Chief of the security/police function, the Commander of the Transit Police Division, the rail transit agency’s Security Committee(s), the heads of various rail transit departments/functions, and operations and maintenance supervisors).

3.3 Division of Security Responsibilities

3.3.1 Security/Police Function Responsibilities

This section should present a detailed description of the security/police function, including staff, the qualifications of the personnel, any planned short- or long-term additions to the security organization's mission, and any additional staff which may be required. Specific roles and responsibilities should also be identified.

In preparing this section of the SEPP, the rail transit agency should consider including:

In addressing this last category, the rail transit agency may consider the following examples.

In describing the roles and responsibilities of the Manager or Chief of the security/police function, the rail transit agency may identify the following activities:

The security functions and responsibilities of the Commander, Transit Police Division may include:

In another example, Transit Police Officers may be responsible for:

3.3.2 Security Responsibilities of Other Departments/Functions

This section of the SEPP should provide an overview of the other rail transit agency departments/functions that support the security/police function in implementing the SEPP. This section should contain a narrative description of the general roles and responsibilities performed by each department/function and how that department/function interfaces with the security/police function. As a guideline, no more than two or three paragraphs should be devoted to describing the security responsibilities of each other department/function within the rail transit agency.

3.3.3 Job-specific Security Responsibilities

This section should review and list the titles of all line and staff positions of the other departments/functions within the transit system and summarize their respective security responsibilities. In preparing these lists, rail transit agency’s may to consider the following examples.

Rail operators have an important role in system security and emergency response. They are expected to:

Rail supervisors have specific security and emergency responsibilities as well as a general responsibility for monitoring employees’ compliance with the agency’s security procedures. For this reason, rail supervisors should have full knowledge of security rules and procedures, and should communicate them on an ongoing basis so as to encourage other employees to incorporate security practices into their daily work activities. Specifically, rail supervisors are to:

Rail controllers are expected to:

3.3.4 Security Task Responsibilities Matrix

A security task responsibilities matrix should be presented showing interfaces and the key reports or actions required, including the frequency of those reports or actions. An example of a security task matrix, organized by SEPP section, is displayed Figure 1 below.

Figure 1 SEPP Program Roles and Responsibilities Matrix

Figure 1 displays a sample Program Roles and Responsibilities Matrix for a transportation system.  The first column lists the tasks or activities separated by row.  The column headings are: Task or Activity; Management; Operations; Maintenance; Security/Police; Training; Engineering; Human Resources; and System Safety.  For each task/activity a symbol is placed in each column.  The symbols are:  P = Primary Responsibility; S = Support Responsibility; A = Approval and C = Review and Comment.  The tasks/activities are listed as: System Security Program Introduction; Purpose of System Security Program Plan and Program; Goals, Objectives, and Tasks for the Program; Scope of Program; Security and Law Enforcement; Management Authority and Legal Aspects; Government Involvement; Security Definitions; System Description; Background and History of System; Organizational Structure; Human Resources; Passengers; Services and Operations; Operating Environment; Integration with Other Plans; Current Security Conditions; Capabilities and Practices; Management of the System Security Plan; Responsibility for Mission Statement and System Security; Management of the Program; General Manager; Chief Operating Officer; Division of Security Responsibilities; Job-specific Security Responsibilities; External Agencies; Security Committees; SEPP Program: Roles and Responsibilities; Planning; Proactive Measures; Training; Day-to-Day Activities; Security Program Threat and Vulnerability Management; Threat and Vulnerability Identification; Security Testing and Inspections; Data Collection; Reports; Security Information Flow; Threat and Vulnerability Assessment; Responsibility; Data Analysis; Frequency and Severity; Threat and Vulnerability Resolution; Emergency Response; Breach Investigation; Research and Improvements; Eliminate, Mitigate, or Accept; Implementation & Evaluation of System Security Program Plan; Implementation Goals and Objectives; Implementation Schedule; Evaluation; Internal Audit – Management; External Audits; Modification of the System Security Program Plan; Initiation; Review Process; Implement Modifications.

For rail transit agencies choosing to take another approach, the task matrix can also be organized by specific tasks identified to implement the goals and objectives presented in Section 1.2. Or, as an alternate approach, rail transit agencies can organize their task matrices using a combination of specific activities to be performed to achieve goals and objectives and the SEPP plan organization.

3.3.5 Responsibilities of External Agencies

This section should briefly identify the external agencies that the rail transit agency works with in implementing its SEPP. As appropriate, reference may be made to Section 1.6 (Government Involvement) of this plan. For each external agency listed, this section of the SEPP should identify their specific responsibilities in supporting the SEPP (i.e., providing funding, training or technical assistance, reviewing and approving plans, etc.).

In addition, this section of the SEPP should also describe the rail transit agency’s relationship with the state safety oversight agency. This section should briefly summarize the requirements specified by the state oversight agency for SEPP development and implementation and other security activities, and the activities that must be performed by the state oversight agency.

The role of G&T and TSA in reviewing the SEPP should also be specified.

3.3.6 Security Committees

This section of the SEPP should identify the committee or committees established by the rail transit agency to address security issues. In the rail transit environment, the security committee(s) generally reports to top management through the chief operating officer or director of operations. The major task of this committee(s) is to identify and resolve potential security risks that the transportation system may encounter during operations. In preparing this section, the rail transit agency may consider the following example:

Coordinating and leading planning for the rail transit agency's SEPP program development is an essential job function of the Manager or Chief of the security/police function. In performing this activity, the Manager or Chief chairs the rail transit agency's Security Committee, consisting of the following:

The Security Committee also includes two rail operator representatives and one front-line maintenance employee representative.

Members of the Security Committee, in their respective security-related functional roles, contribute directly to planning the security and emergency preparedness program. The Security Committee meets at least once monthly. It extends the scope and effectiveness of the management of the security program, by assuring involvement and collaboration of all rail transit agency departments/functions in security program development and implementation, and by advising on development and evaluation of the program.

Security Committee meetings include reviews of:

4. SEPP Program Description

Chapter 3 identified the rail transit agency’s approach to managing the SEPP, and specified the SEPP-related responsibilities of management and line positions within the security/police function and the other rail transit departments/functions. Chapter 4 demonstrates how the SEPP management functions and responsibilities identified in Chapter 3 are integrated into a cohesive and effective program. The elements of this program are presented using the POETE categorization specified by DHS/TSA and G&T in implementing the National Preparedness Goal: Planning, Organization, Equipment, Training/Procedures, and Emergency Exercises and Evaluation. Examples for how rail transit agencies could address each of these five categories of activities are provided in Sections 4.1 through 4.5 below.

NOTE: In describing implementation of the SEPP program, rail transit agencies who are not participating in the G&T Transit Security Grant Program may use the traditional categories, previously recommended in FTA guidance: Planning, Proactive Measures, Training, and Day-to-Day Activities. Or these rail transit agencies may choose to use the POETE categories, since either organizational scheme provides the same general information.

4.1 Planning

Planning for the SEPP program includes developing internal agency plans to address SEPP issues during rail transit agency operations; budgeting for system security and emergency preparedness functions; addressing security requirements in system design and safety/security certification for extensions and major projects, renovations and rehabilitations; and coordinating with local emergency management agencies and public safety agencies to ensure integration of the rail transit agency into response community plans for major criminal events, terrorist activities (including the use of Improvised Explosive Devices [IEDs] and the release of Chemical, Biological, Radiological, Nuclear and Explosive [CBRNE] agents), and natural disasters.

Internal Planning: Planning is an integral part of maintaining and operating a secure rail transit system. Stemming from state safety oversight requirements and DHS/G&T regulations and requirements, the rail transit agency has developed a set of plans to document its combined activities to address issues affecting the safety and security of passengers and employees, the agency’s ability to protect its infrastructure from crime and terrorism, and the agency’s capabilities to provide effective emergency response to a wide range of emergencies. To this end, the rail transit agency has developed this SEPP, as well as a System Safety Program Plan, a System Safety and Security Certification Program Plan, an Emergency Operations Plan, and a set of Incident Specific Response Plans for severe weather and natural disaster, a range of accident types and fires, and major crimes and terrorism.

Wherever possible and appropriate, these plans address state oversight agency requirements as well as DHS Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan, the National Incident Management System, the National Infrastructure Protection Plan, and the National Preparedness Goal. In addition, the results of internal and external assessments performed at and by the agency addressing SEPP-related issues are also integrated into these plans, including needs assessments and threat and vulnerability assessments.

Budgeting: The rail transit agency's annual capital budget recommendations are developed by a senior staff group called the Capital Committee. The Executive Director, Operations is represented on the Capital Committee by the Director, Operations Planning and Development, who assures that the security capital improvement needs are incorporated into the rail transit agency's annual capital budget development process and 5-year Capital Improvement Program (C.I.P.) forecast. The rail transit agency’s security/police function provides an annual budget request. Rail transit agency committees also identify needed security and emergency preparedness improvements and make recommendations to the Director, Operations Planning and Development. Finally, the results of needs assessments and regional plans for communications interoperability and terrorism early warning systems are also shared with the Capital Committee.

Security Requirements in Design: The rail transit agency addresses security in planning for system modifications, extensions and rehabilitations. Using selected design features and technologies, crime and terrorism prevention capabilities are accomplished through an integrated approach based on CPTED principles. The rail transit agency requires all drawings and specifications to be reviewed by an American Society for Industrial Security (ASIS) Board Certified Protection Professional (CPP) who reviews them for CPTED concepts and upon acceptance, stamps the drawings and approves the specifications. Security reviews are conducted throughout the design process, and during construction, security features are assessed for their compliance with specifications, prior to being accepted and placed into service. The security/police function has both formal and informal input into design decisions that affect passenger, employee, and equipment security. In addition, the rail transit agency has developed Security Design Criteria, which ensure that CPTED principles are applied to all aspects of facilities and vehicle design. FTA's Transit Security Design Considerations is incorporated by reference into the design criteria, as a comprehensive CPTED guide.

The rail transit agency’s security planning in development of new transit projects is formalized through the Safety Certification Program. As described in the rail transit agency’s System Safety Program Plan and System Safety and Security Certification Program Plan, the rail transit agency conducts a safety certification process to ensure that safety concerns and hazards are adequately addressed prior to the initiation of passenger operations for new start rail transit projects and for major modifications to rail transit systems. The intent and practice of the safety certification program is that security considerations are integrated into the safety certification process, in the same manner as safety considerations.

To conduct this process, the rail transit agency specifies use of its security design criteria, a set of safety and security design reviews performed by several groups devoted to safety and security issues, including the Safety and Security Task Force, Fire/Life Safety and Security Committee, contracted safety and security engineering support, the rail transit agency’s system safety and security/police functions, and the agency’s standing committee for configuration management, and an extensive verification process to ensure that security elements specified in the design are actually built into the delivered project. Testing, start-up, training and emergency readiness issues are also addressed in this process.

Coordination for Regional Emergency Preparedness Capabilities: Following the events of September 11, 2001, and all subsequent DHS directives and guidance calling for a permanently heightened level of security awareness and emergency preparedness, officials from the rail transit agency have been working closely with officials of the region's emergency management organizations to: (1) include the rail transit agency as a full-fledged member of regional organizations and working groups established by emergency management and public safety organizations for purposes of planning and preparing for regional emergency responses, and (2) assure appropriate inclusion of the rail transit agency in the emergency response and security alert procedures of the region's Emergency Operations Centers.

The rail transit agency has coordinated with both local and county governments and the emergency management agencies in its service area to support on-going development and revision of their respective Emergency Operations Plans and supporting incident management and response protocols and resource inventories. The rail transit agency has also partnered with the major municipality in its service area to develop a Downtown Evacuation Plan, to ensure effective response to no-notice evacuations and emergencies, including events related to IED and CBRNE, earthquakes, fires and flooding.

The rail transit agency has established MOUs with local law enforcement, emergency medical services, fire departments, hospitals and other transit providers in the region. These MOUs provide direction and clarification regarding response to an incident occurring on the rail transit agency, and how the rail transit agency may support response to area-wide emergencies.

In addition, the rail transit agency, working with the Regional Transit Security Working Group and the region’s Urban Area Security Initiative agencies, has developed and implemented the Regional Transit Security Strategy. The RTSS provides the integration point between the individual, risk-based SEPPs of the rail transit agencies in the region, and the overall security goals and objectives established for the region. The RTSS demonstrates a clear linkage to the applicable state and urban area homeland security strategies developed or currently being developed. For G&T’s Transit Security Grant Program, it is expected that the SEPPs and the RTSS will serve as the basis on which funding is allocated to address regional transit security priorities, and the vehicle through which the rail transit agency may justify and access other funding and resources available on a region-wide basis through the UASI program.

4.2 Organization

Capabilities for the rail transit agency’s response to major crimes, terrorism and natural disaster emergencies are organized following the Incident Management Organization specified in the rail transit agency Emergency Operations Plan, as well as the procedures identified in rail rulebooks and SOPs/Emergency Procedures, the agency’s Crisis Communications Plan, the security/police function’s General Orders, the agency’s Incident Specific Response Plans, and internal transit facility emergency emergency/evacuation plans. The rail transit agency’s Incident Management Organization provides an organized command and control structure to ensure (1) coordinated response across the agency’s departments/functions and (2) adequate resources are mobilized during emergency incidents. The rail transit agency’s Incident Management Organization is akin to the Incident Command System (ICS) used by local responders. This organization enables the rail transit agency to integrate effectively with the ICS established by public safety and emergency management agencies, complying with the terms of both NIMS and the Major Emergency Incident Management System protocols established for the regional area.

These capabilities are coordinated and integrated with external jurisdictions and regional emergency preparedness plans, such as the municipal and county Emergency Operations Plans and the Downtown Evacuation Plan. Specific rail transit agency capabilities are also documented in the Regional Transit Security Strategy.

Specifically for terrorism, the rail transit agency recognizes that unique capabilities are provided by public safety responders in the region for addressing a range of terrorism-related events, including CBRNE and IED events occurring on or adjacent to rail transit property. Further, as specified in the Regional Transit Security Strategy, the rail transit agency has identified these capabilities and also has established its own resources to prevent, detect, respond to and recover from these events.

The organization of terrorism or emergency incident response teams in the rail transit agency’s service area includes the following capabilities: canine teams, explosive ordinance disposal, hazardous materials, underwater dive teams, special weapons and tactics, emergency medical services, medical surge teams, and urban search and rescue. These teams are available throughout the rail transit system’s service area.

Capabilities to collect, analyze, and disseminate information on potential threats to the region's transit systems include:

In additional capability desired is inclusion of public transportation agencies in development of a Terrorism Early Warning (TEW) system for the region. The state Office of Homeland Security is establishing a Strategic Analysis Information Center (SAIC) to effectively collect and share information from many different sources. The SAIC is designed to integrate existing local, state and federal information systems to create a central “fusion” center. The center will partner with many different sources of information, fusing relevant information and distributing valuable information to private and public sectors, first responders and investigators.

Policies or procedures to coordinate within this organizational structure to share information include:

4.3 Equipment

Through the administration of DHS and FEMA grants in the rail transit agency’s service area, first responders have obtained equipment, training and certification to support response to security and CBRNE events as well as natural disasters. Regional procedures, drills and exercises are being developed to ensure these capabilities. Through the state Emergency Management Agency, this activity has been coordinated with the Terrorism Annex of the state Emergency Operations Plan, as well as the state Homeland Security Assessment and Strategy. Based on the results of this assessment and strategy, specific equipment needs have been identified, prioritized and are being addressed in each of the state’s counties and major municipalities. Regional UASI working groups are also coordinating with the state Senior Interagency Coordinating Group (SICG) and the state Security Task Force to address the need to achieve greater terrorism and natural disaster preparedness and to work toward statewide response capabilities, including the acquisition of additional equipment.

The rail transit agency also has equipment to support its capabilities to detect, prevent, respond to and recover from security and terrorism events and to manage natural disasters:

The rail transit agency also has a variety of equipment in place to ensure the integrity of the following:

The rail transit agency has also identified the following equipment needs for optimum IED/CBRNE prevention, detection and response within the regional transit sector:

4.4 Training and Procedures

Training: At the rail transit agency, training for SEPP-related topics is performed to ensure that:

Training typically addresses rules, policies, and procedures, as well as many of the hazards in the transportation environment (e.g., live power, track and roadway safety, hazardous materials and alternate fuels, medical emergencies or blood-borne pathogen awareness, personal safety, and injury prevention). The rail transit agency also has established an emergency response agency familiarization program that provides orientation for local law enforcement, fire personnel, and medical services regarding the transportation environment and its vehicles.

The rail transit agency has performed basic security awareness or first responder awareness training, which emphasizes topics, such as:

The rail transit agency offers a variety of training programs to support SEPP implementation, as SEPP elements are integrated into including initial and refresher training programs provided to all employees. In addition the rail transit agency provides general security awareness training to all operations and maintenance departments and holds special seminars devoted to SEPP topics with supervisors, managers and the rail transit agency’s executive leadership. A brief summary of key training activities performed by the rail transit agency to address the SEPP appears below:

SEPP Training Campaigns:

Security/Police Function: Employee awareness: Customer awareness: NIMS/ICS: Familiarization Training

An overview of training offered by the rail transit agency is provided in Figure 2 below.

Figure 2 Training Course Offered by a Rail Transit Agency

Figure 2 display a sample overview of training offered by a rail transit agency.  There are 6 columns.  The first column contains the Courses.  The remaining columns have an overarching title of Staff Level and the columns are identified as: Security and/or Police Function; Rail Controllers and OCC Supervisors; Operators and Station Agents; Operations and Maintenance Supervisors; and Staff.  In each Course row, there is an “X” symbol reflecting if that staff level is to receive that training course.  Additionally, by each some of the “X” symbols, there is a 1, 2 or 3.  1 = Pre-qualified, 2 = Supervisors designated as On-site Incident Coordinators, and 3 = Selected Staff.  The courses are identified as: Orientation; SOPs, Emergency Procedures, and Emergency Operations Plan; Safety Rules; Security Awareness; Security Systems, both Facilities and Vehicles; Emergency Training for 1st Responder; Introduction to ICS/NIMS; Incident Command Training; Interagency Training; Weapons of Mass Destruction/CBRNE; CPR; Blood-borne Pathogens; First Aid; Hazardous Material Awareness.

Procedures: Rail operators, rail controllers at the rail transit agency’s Operations Control Center, rail supervisors, transportation and maintenance personnel, and security/police function personnel use Standard Operating Procedures (SOPs) and associated Rulebooks for normal, special, and emergency operations. Most procedures supporting system security are embedded in the operations SOPs pertaining to emergency operations, communications, and response, just as system safety is embedded into operating procedures. Some security procedures are stand-alone SOPs. Training on SOPs and Rulebooks applicable to respective employee jobs is the core element of operations training for the respective jobs, serving as the primary mechanism for safety and security training for employees. To illustrate the scope of security-related and emergency management-related SOPs, a list of selected SOPs which apply to the rail operation appears below.

In other procedures-related activities, the rail transit agency is:

The rail transit agency has also adopted specific procedures for Homeland Security Advisory System (HSAS) threat level changes; when advisory is raised, heightened security sweeps and surveillance patrols for vehicles and stations are put into effect.

Rail transit agency activity to ensure compliance with both training programs and procedures implementation is discussed in Chapter 6 of this SEPP and is also described in the System Safety Program Plan.

4.5 Emergency Exercises and Evaluation

Rail transit agencies are vulnerable to a range of events which may result in emergencies. The list below illustrates some of the most likely of these events, organized into categories of naturally occurring and human-caused events, intentional and unintentional.

Naturally Occurring:

Human Caused - Intentional:

Human Caused - Unintentional:

An exercise is a focused practice activity that places the participants in a simulated situation, which requires them to function in the capacity that would be expected of them in a real event. A good exercise, that is well evaluated, reveals inconsistencies in plans, highlights deficiencies in resources, and underscores the need for additional training.

Going directly into a real emergency operation without exercising involves substantial risks. For example, many participants may not know or thoroughly understand their emergency responsibilities and how they relate to activities performed for other elements of the response; equipment may not function as expected; or procedures may not be as effective as anticipated. Such risks, when thoughtfully considered, are unacceptable to most transportation agencies. Accordingly, a broad spectrum of exercise activity is necessary if functional emergency response and recovery capability is to be realistically assessed and improved.

Well-designed and executed exercises are the most effective means of:

Exercises are also an excellent way to demonstrate community resolve and cooperation to prepare for disastrous events. Review of successful responses to emergencies over the years has shown that pre-emergency exercising pays huge dividends when an actual emergency occurs. This is especially true in instances where communities were involved full-scale exercises that tested the range of response activities, communications protocols, and resources to be applied.

In the rail transit environment, exercises provide an effective way to implement and fine-tune an agency’s emergency plan, provide training, and improve system safety and security. Additionally, as providers of a public service, rail transit agencies have a responsibility to:

Exercises help the rail transit agency to fulfill these responsibilities. Transit agencies that integrate exercise and evaluation programs into their preparedness activities can more efficiently and effectively execute their emergency response plans during an actual event.

Since the mid-1980s, federal, state and local agencies involved in the design, conduct and evaluation of emergency exercises have emphasized the importance of a progressive exercise program. This approach encourages each rail transit agency to organize and prepare for a series of increasingly complex exercises, using a process where each successive exercise builds upon the previous one to meet specific operational goals. This program is coordinated using a set of project management tools that promote defined goals, measurable objectives, formal schedules, and dedicated resources.

A progressive program implements a cycle of emergency planning, training, exercises, and improvement actions. This cycle is used to direct and schedule exercise activity, and then to ensure that identified improvements are addressed. This program begins with the establishment of a three-year exercise cycle. Within this cycle, targeted areas of focus are then identified based on formal needs assessments, threat and vulnerability assessments, and the recommendations of senior personnel. For example, target areas may include the use of communications equipment and systems across multiple jurisdictions, the integration of rail transit resources into the incident/unified command system established by local responders, and/or the performance of specific types of activities in the rail transit environment (de-energizing and re-energizing third rail or overhead catenary systems, station and vehicle evacuations, or procedures for managing suspicious packages in transportation facilities and on vehicles).

Next, emergency response plans, policies, procedures, immediate actions and job aids are developed or existing documents are reviewed in these focus areas, and training is provided (or the quality of existing training is assessed). Then, over the course of the three-year cycle, increasingly more complex types of exercises are conducted to assess and reinforce critical activities within the target areas of focus. Each exercise is evaluated, and results are incorporated into the planning development process. As indicated in Figure 3 below, following this “building block” approach, over the three-year cycle, the rail transit agency will conduct seminars, workshops, tabletops, games, drills, functional exercises and, culminate in a full-scale exercise.

Figure 3 Building Block Approach to Exercises

Figure 3 displays a “staircase” representing the planning/training and capability of exercises.  It represents that agencies are to use a stepped approach to exercises starting with and building upon discussion-based seminars, workshops, tabletops exercises and games; building up to operations-based drills, functional exercises and full-scale exercises.

To support effective SEPP implementation, the rail transit agency has already developed its Three-year Exercise Schedule and Program. Following this schedule, the rail transit agency has already conducted security awareness seminars and workshops and will continue this approach for presenting its revised Incident Management Organization and Emergency Operations Plan, as well as basic requirements for NIMS/ICS. The rail transit agency has also conducted a tabletop regarding an Improvised Explosive Device in a rail transit station. Executive Leadership has already participated in “war gaming” conducted by the American Public Transportation Association and co-sponsored by the Transit Cooperative Research Program.

Drills and spot-inspections are routinely conducted by operations and maintenance supervisors to ensure transit personnel knowledge of and compliance with a variety of safety and security-related policies and procedure. The rail transit agency is currently planning and developing both a functional exercise and a full-scale exercise with regional UASI and RTSWG partners, using its newly developed Incident Management Organization, and the NIMS and Incident Command models used by regional emergency management and public safety agencies. These two exercises will address (1) the IED prevention and response requirements and the (2) regional CBRNE exercise plan requirements pursuant to HSPD-8 and the Regional Transit Security Strategy.

In 2002, the rail transit agency received an Emergency Preparedness Drills grant from FTA. The purpose of the drills was to exercise the rail transit agency’s plans and protocols during a Weapons of Mass Destruction event. A table-top exercise was held in July 2003 involving an unknown explosive device left in a rails station receiving passengers for a sold out sporting event. A full-scale exercise was held November 2003 involving aerosol dispersal of an unknown substance on a rail vehicle train spraying transit passengers that who had boarded to depart the airport station. Shortly after these exercises, the rail transit agency filed after-action reports with both FTA and the state oversight agency.

The region’s Urban Area Security Initiative, Point-of-Contact working group members continually share opportunities for joint exercises. A single, coordinated Urban Area (UA) exercises planning calendar is updated monthly by the members. Additional coordination of the UA's exercise calendar is performed monthly by the technical committee of the UA's Regional Emergency Management Group (REMG), which includes UAPOC members and leaders of UA functional discipline working groups. The rail transit agency, represented on both the UAPOC and REMTEC committees, encourages the UA's responder and emergency management agencies to situate exercises on the transit system whenever possible, for mutual benefit to responder organizations and the transit system.

A highly collaborative culture exists in the regional UA among responder and emergency management agencies, with long-standing support to transit system incidents. As a result, there are ongoing exercises in the regional UA involving the transit system, which at the same time fulfill exercise objectives of the sponsoring responder or emergency management agencies. Examples of these regional drills involving the rail transit agency include: Regional bioterrorism tabletop (sponsored by regional Public Health organizations); Regional earthquake full-scale (sponsored by County Emergency Management Agency); Plane crash full-scale exercise at Municipal Airport (sponsored by the airport); and Multi-agency terrorism explosive tabletop (sponsored by the state Emergency Management Agency).

To support the evaluation of emergency exercises, the rail transit agency has committed to following the methodology specified in G&T’s Homeland Security Exercise and Evaluation Program Volume II: Exercise Evaluation and Improvement. This volume identifies DHS mission outcomes in support of the National Preparedness Goal, and provides guidelines for preparing an Exercise Evaluation Guide, to provide evaluation and performance measures to be used during rail transit exercises, which assess results in terms of DHS mission outcomes. This volume also provides guidance on developing after action reports compliant with G&T requirements. While the rail transit agency has not yet applied for funding assistances from the DHS Homeland Security Exercise and Evaluation Program, it may do so in the next year.

5.0 Threat and Vulnerability Identification, Assessment, and Resolution

Chapter 5 of the SEPP outlines the rail transit agency’s process for managing threats and vulnerabilities during operations, and for major projects, extensions, new vehicles and equipment, including integration with the safety certification process.

Threats are defined as “any real or potential condition that can cause injury or death to passengers or employees of damage to or loss of transit equipment, property, and/or facilities.” Threats range from the extreme of CBRNE releases to more common events such as theft of service, pick-pocketing, graffiti and vandalism.Vulnerabilities are defined as “characteristics of passengers, employees, vehicles, and/or facilities which increase the probability of a security breach.”

Threat and vulnerability assessment provides an analytical process to consider the likelihood that a specific threat will endanger the rail transit system. Threat and vulnerability analysis can also identify activities to be performed to reduce risk of a security threat and mitigate its consequences. Threat and vulnerability assessment methodologies offer rail transit decision makers a consistent and mutually agreed-upon process for addressing security risks.

Given the size and ubiquitous nature of the rail transit network, decision makers cannot possibly protect every element of the transportation infrastructure from every type of security event. Nevertheless, an informed threat and vulnerability assessment process can provide a structured and systematic way to ensure that the rail transit agency receives a maximum level of security for its investment. This process will also focus resources where they are most needed to reduce vulnerabilities with the greatest potential for significant harm in the rail transit network.

Recent events have raised expectations that those entrusted with planning, designing and operating the nation’s transportation infrastructure are making adequate provisions to mitigate security risks. As shown in Figure 4 below, DHS/G&T, FTA, FHWA, and a Blue Ribbon Panel of transportation and security experts have also issued guidelines and recommendations which address threat and vulnerability assessment.

Figure 4 Existing Guidelines for Transportation Threat and Vulnerability Assessment

Figure 4 displays the covers of four DHS/G&T, FTA, FHWA, and a Blue Ribbon Panel of transportation and security expert publications.  They are: State Homeland Security Assessment and Strategy Program, A Guide for Highway Vulnerability Assessment; Recommendations for Bridge and Tunnel Security; and The Public Transportation System Security and Emergency Preparedness Planning Guide.

As required by FTA’s revised 49 CFR Part 659 and the state oversight agency, in performing the threat and vulnerability assessments to be documented in Chapter 5 of the SEPP, rail transit agencies should, at a minimum, reference the process specified in “Chapter 5: Reducing Threat and Vulnerability” in FTA’s Public Transportation System Security and Emergency Preparedness Planning Guide (January 2003), available on FTA’s safety and security website at: http://transit-safety.volpe.dot.gov .

For those rail transit agencies participating in the DHS G&T Transit Security Grant Program, other practices may be referenced, such as adoption of the threat and vulnerability assessment process specified in G&T’s Special Needs Jurisdiction Tool Kit, or a process jointly developed by the rail transit agency and G&T as a result of G&T’s Technical Assistance Program for Risk Assessment. The G&T program follows an approach similar to what is described in FTA’s Public Transportation System Security and Emergency Preparedness Planning Guide, which is a referenced requirement in the DHS Transit Security Grant Program application.

In preparing this SEPP chapter, the rail transit agency should begin by describing the methods the transit system will use to prioritize critical assets and to identify threats and vulnerabilities to those assets. Once threats and vulnerabilities have been systematically identified, they should be assessed to determine their impact on both the affected asset(s) and the entire system, to ensure that the greatest risks to the agency, its passengers and employees are identified. Finally, the process used by the rail transit agency to make decisions regarding whether potential impacts from identified threat and vulnerabilities will be accepted, mitigated or eliminated, should be explained. For each of these activities, the SEPP should also identify the department/function responsible.

In addressing these three elements, FTA’s recommended methodology from its System Security and Emergency Preparedness Planning Guide is presented graphically in Figure 5 figure. The G&T Special Needs Jurisdiction Risk Assessment Process is summarized on the page following. In this SEPP chapter, the rail transit agency can describe whichever approach is the most appropriate for its operations and its status in the G&T Transit Security Grant Program.

5.1 Threat and Vulnerability Identification

This section of the SEPP should begin by describing the methods the transit system will use to identify security and terrorism-related threats and vulnerabilities. Typically, this process begins with the identification and prioritization of rail transit agency assets. Then, using the rail transit agency’s process for security data collection and analysis, specific threats and vulnerabilities are identified for each prioritized asset.

Figure 5 FTA’s Threat and Vulnerability Process

Figure 5 displays FTA’s recommended methodology for Threat and Vulnerability identification and assessment process. At the core is Scenarios (the pairing of prioritized assets with identified threats).  From this core are: 1) a table of the likeliness of Occurrence of Vulnerabilities with ratings of Frequent, Probable, Occasional, Remote and Improbable; from there are the Issues to be Considered such as Surroundings, terrain, site layout, location and access of utilities, etc., also feeding into Scenarios are Critical Assets such as Station, Shops, Tunnels, Bridges, Vehicles, Critical personnel, etc.; Threats such as explosives, incendiary devices, chemical agents, biological agents, etc., and a table of the Severity of Occurrence regarding Impact listed as Catastrophic, Critical, Marginal and Negligible.  From this table, is a matrix of severity and likelihood (the Vulnerabilities table also flows into this table.  The process culminates in the design and procedural countermeasures such as: Design, Security technology, Procedures and training, Personnel and Planning and exercising.

G&T Special Needs Jurisdiction Risk Assessment Process

5.1.1 Asset Analysis

In security terms, assets are broadly defined as people, information, and property. For rail transit agencies, the people typically include passengers, employees, visitors, and contractors, vendors, nearby community members, and others who come into contact with system. Information includes operating and maintenance procedures, vehicle control and power systems, employee information, computer network configurations and passwords, and other proprietary information. The range of rail transit assets that a SEPP program might consider is presented below.

Rail Transit Assets

In reviewing assets, the rail transit agency should prioritize which among them has the greatest consequences for people and the ability of the system to sustain service. These assets may require higher or special protection from an attack. In making this determination, the system may wish to consider:

There are a variety of worksheets which may be used by the rail transit agency in identifying which assets in their operations would produce the greatest losses to the system and the community. Worksheets are included in the System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process. G&T’s on-site technical assistance program also supports the activities of rail transit agencies in identifying critical assets.

Based on the results of the completed worksheets, the rail transit agency should have a listing of its most important assets. Rail transit agencies participating in G&T programs should share this listing with the Regional Transit Security Working Group and the Urban Area Security Initiative Point-of-Contact Working Group to support regional prioritization of assets and security planning.

Rail transit agency departments/functions responsible for the identification of critical assets typically include the capital/planning department/function, the system safety function, and the security/police function.

5.1.2 Security Data Collection for the Identification of Threats and Vulnerabilities

The rail transit agency’s security/police function is often the central point for collection, assessment, reporting and recordkeeping of security data and information involving the rail transit system. The rail transit agency’s security database includes standard crime analysis codes, and information sorted by geographic location, geographic area, day of week, time of day, and train route. Analysis of the security database is conducted continually to indicate patterns of criminal behavior occurring on the rail transit system, as a valuable tool used to help determine deployment of security resources on the system. The rail transit agency’s security/police function also receives security threat and crime intelligence through law enforcement sources in the region continually and concurrently, for assessment and incorporation into security personnel resource deployments and tactics and rail transit agency operations orders. Security data and information inputs to the security/police function include:

In addition, the rail transit agency is a member of the U.S. DOT and APTA-sponsored Surface Transportation Information Sharing and Analysis Center (ST-ISAC), and monitors daily threat information reported by ST-ISAC. The rail transit agency’s security/police function is also provided transit-related intelligence information from the regional FBI Joint Terrorism Task Force (JTTF). The rail agency will also join the state-wide terrorism early warning system, when it is operational next year.

Every effort is made to compile all security-related data and reports into the most complete accounting of transit system security information possible. The designated Security Data Coordinator for the security/police function reviews security data and information for accuracy and completeness on an on-going basis, and makes determinations regarding the reliability of the information available as an appropriate basis for security operations and tactics.

5.1.3 Other Sources of Information – Security Reviews, Testing and Inspection Programs

The rail transit agency’s threat and vulnerability identification process also includes security testing and inspections. These activities are geared toward ensuring that equipment is operating properly, is readily available when needed, and that employees are proficient in the use of the equipment. To accomplish this, testing programs are developed for specific systems and equipment that not only assess the current state of security, but can also be used to upgrade staff effectiveness through training.

The rail transit agency conducts formal reviews of every incident on its transit system which may require changes in or additions to operating procedures, training programs, or to the design of vehicles, equipment or facilities. Security or emergency incident reviews are generally conducted through the rail transit agency’s Security Committee. The rail transit agency’s security/police function typically leads the review process for security or emergency incidents. The incident reviews identify causes, and corrective actions, as appropriate.

The rail transit agency has designated employees at each of its operating facilities and office buildings, responsible to coordinate with occupant work groups at each facility and the rail transit agency’s security/police function to assure that internal security procedures are identified and followed, and that appropriate physical features and equipment for building/site security are identified, implemented and maintained at each work facility. At a typical operations facility, the security representatives are the maintenance and transportation operations managers of that location. In addition, monthly safety inspections of operating facilities, which are performed by these personnel, include inspections of security-related items. Managers responsible for maintenance of the respective facilities are responsible to correct any security items found non-compliant by the monthly safety/security inspections.

The rail transit agency security/police function also supports facility security representatives and operations managers by providing security assessments of transit system assets such as transit centers, park/ride facilities, light rail tunnel and stations, and operations facilities. Supplemental or update assessments may occur whenever prompted by identification of a vulnerability or in corrective action resulting from a security breach incident review.

Within the security/police function, security data and information is processed in three (3) functional areas:

Security data and information outputs from the security/police function include:

In addition, the Operations Control Center reports rail transit security incidents meeting specified thresholds to the state oversight agency, as required in 49 CFR Part 659. Every effort is made to issue these reports within two-hours of incident occurrence, as per the standard of 49 CFR § 659.33. Full investigations are conducted of these events, and corrective action plans are developed, reviewed and approved by the state oversight agency, and tracked through to implementation by the security/police function.

As security issues are identified, they are documented and addressed through security design criteria; development of new procedures and practices; employee training; changes in the deployment of security personnel; and targeted integration with relevant local law enforcement and regional emergency management agencies. The security/police function takes the lead in coordinating rail transit agency activity to address the results of security information collection.

5.1.4 Identifying Threats for Prioritized Assets

Based on this security information collection and analysis process described above, the rail transit agency will identify specific threats for its list of prioritized assets. This activity is termed “threat analysis.” Threat analysis defines the level or degree of the threats against a prioritized asset by evaluating the intent, motivation, and possible tactics of those who may carry them out. The process involves gathering historical data about the ways in which criminals have perpetrated crimes on the systems and also, for terrorism, identifying ways in which threats could be carried out again the system. In performing this assessment, the rail transit agency should identify and evaluate which information, from all that is collected, is relevant in assessing the threats against the prioritized assets. This activity may be performed by the security/police function with the support of a consultant and the system safety function.

Specifically for terrorism, possible methods of carrying out hostile actions in the transportation environment are identified below. Historical examples are provided for reference and consideration, as well as the types of weapons typically used in these attacks.

Attack Type: Explosive and Incendiary Devices

Historical Examples and Types of Weapons Used:

Attack Type: Exterior Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Stand-off Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Ballistics Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Networked/Inside Access: Forced Entry; Covert Entry; Insider Compromise; Visual Surveillance; Acoustic/ Electronic Surveillance

Historical Examples and Types of Weapons Used:

Attack Type: Cyber Attack

Historical Examples and Types of Weapons Used:

Attack Type: Chemical, Biological, Radiological, & Nuclear (CBRN) Agent Release

Historical Examples and Types of Weapons Used:

Identified threats for each prioritized asset may be recorded in worksheets or databases are maintained by the rail transit agency’s security/police function. Sample worksheets are included in the System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

5.1.5 Identifying Vulnerabilities

Vulnerability is anything that can be taken advantage of to carry out a threat. This includes vulnerabilities in the design and construction of a facility, in its technological systems, and in the way a facility is operated (e.g., security procedures and practices or administrative and management controls). To identify vulnerabilities, the rail transit agency should pair prioritized assets with identified threats to create scenarios. This activity is termed “vulnerability analysis.”

This figure displays the coupling of an asset and a threat to equal a scenario as explained in the preceding text.

Vulnerability analysis identifies specific weaknesses with respect to how they may invite and permit a threat to be accomplished. Vulnerabilities are commonly prioritized through the creation of scenarios that pair identified assets and threats. Using these scenarios, transportation agencies can evaluate the effectiveness of their current policies, procedures, and physical protection capabilities to address consequences.

In conducting its vulnerability analysis, the rail transit agency should apply an interpretive methodology that encourages role-playing by transportation personnel, emergency responders, and contractors to brainstorm ways to attack the system. By matching threats to critical assets, transportation personnel can identify the capabilities required to support specific types of attacks. This activity promotes awareness and highlights those activities that can be preformed to recognize, prevent, and mitigate the consequences of attacks.

Both the FBI and DHS recommend that rail transit agencies focus on the top 10% of identified critical assets (at a minimum). Using these assets, transportation personnel should investigate the most likely threats, considering the range of attack objectives and methods that may be used (such as property and violent crime, disruption of traffic, destruction of bridge or tunnel, airborne contamination, hazardous materials accident, and threat or attack with explosives intended to disrupt or destroy). The system should also consider the range of perpetrators, such as juvenile gang members, drug users and pushers, car thieves, organized crime, terrorists, disgruntled employees, disturbed copycats, and others.

When conducting the scenario analysis, the system may choose to create chronological scenarios (event horizons) that emphasize the worst credible scenario as opposed to the worse case scenario. Experienced transportation personnel, who have participated in transportation war-gaming, recommend the investigation of worst credible scenarios. Based on this type of assessment, the rail transit system may determine certain scenarios as the most relevant. Results can be recorded in worksheets provided in System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

Relevant Rail Scenarios

Rail Assets Most Probable Threats
Stations
  • High-yield vehicle bomb near stations
  • Lower-yield explosive device in station
  • Armed assault, hijacking, hostage, or barricade situation in station
  • Chemical, biological, and nuclear release in station
  • Secondary explosive device directed at emergency responders
  • Graffiti in station
  • Car theft from station parking lot
Track/Signal
  • Explosive detonated on track
  • Chemical, biological, nuclear release on track
  • Signal and/or rail tampering
  • Dumping of debris on track
Rail Cars
  • Explosives placed on or under rail car
  • Improvised explosive device (pipe/fire bomb) on rail car
  • Chemical, biological, nuclear release on rail car
  • Armed assault, hostage, or barricade situation on rail car
  • Secondary explosive device directed at emergency responders
  • Graffiti on rail car
Power substations
  • Explosive detonated in or near substation
  • Tampering with power substations and components
Command Control Centers
  • Physical or information attack on train control system
  • Physical or information attack dispatch system
  • Armed assault, hostage, or barricade situation
  • Explosive device near or in Center
  • Sabotage of train control system

5.2 Threat and Vulnerability Assessment

Threats and vulnerabilities to a transit system cover a wide array of events, virtually none of which can be totally eliminated while still operating the system. Since no system can be rendered totally secure, once threats and vulnerabilities are identified, their impact on the total system must be assessed to determine whether to accept the risk of a particular danger, and the extent to which corrective measures can eliminate or reduce its severity.

To conduct its threat and vulnerability assessment, for each scenario pairing prioritized assets with identified threats, the transportation system should attempt to identify the costs and impacts using a standard risk level matrix, which supports the organization of consequences into categories of high, serious, and low. Consequences are assessed both in terms of severity of impact and probability of loss for a given threat scenario. A sample matrix is presented in Figure 6 below:

Figure 6 Sample Threat and Vulnerability Assessment Matrix

Figure 6 contains two parts.  The first part is a table identifying codes for Vulnerabilities and Impacts.  Vulnerabilities are defined as A – Very Easy; B – Relatively Easy; C – Difficult; D – Very Difficult; and E – Too Difficult.  Impact are identified as I – Loss of Life; II – Serious injuries, major service impact, >$250K damage; III – Minor injuries, minor service impact, <$250K damage; and IV – No Injuries, no service Impact.  The a arrow shows the correlation to a Criticality Matrix which shows the five levels of vulnerability the first column, the four levels of impact as the remaining column heading, and for each box in the matrix a H = High, S= Serious, or L = Low criticality.

Scenarios with vulnerabilities identified as “high” may require further investigation and the implementation of countermeasures. Scenario-based analysis is not an exact science but rather an illustrative tool demonstrating potential consequences associated with low-probability to high-impact events. To determine the system’s actual need for additional counter-measures, and to provide the rationale for allocating resources to these counter-measures, the system should use the scenarios to pin-point the vulnerable elements of the critical assets and make evaluations concerning the adequacy of current levels of protection.

Examples of vulnerabilities that may be identified from scenario-based analysis include the following:

At the conclusion of the scenario-based analysis, the transportation system should have assembled a list of prioritized vulnerabilities for its top 10% critical assets. Typically, these vulnerabilities may be organized into the following categories:

These vulnerabilities should be documented in a confidential report or memorandum for the system’s executive director. Results can be recorded in worksheets provided in System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

5.3 Threat and Vulnerability Resolution

Based on the results of the analysis described in Section 5.2 of this SEPP, the rail transit system can then identify countermeasures to reduce vulnerabilities identified as unacceptable to management. Effective countermeasures typically integrate mutually supporting elements.

Figure 7 as illustrated on the next page, security tends to emphasize “rings of protection,” meaning that the most important or most vulnerable assets should be placed in the center of concentric levels of increasingly stringent security measures. For example, a rail transit agency’s Operational Control Center should not be placed right next to the building’s reception area, rather, it should be located deeper within the building so that, to reach the control center, an intruder would have to penetrate numerous rings of protection, such as a fence at the property line, a locked exterior door, an alert receptionist, an elevator with key-controlled floor buttons, or a locked door to the control room.

Figure 7 Sample Rings of Protection

Figure 7 displays a Core Asset Ring with 3 concentric circles and text explaining each ring. The Inner Ring includes: alert personnel; door and cabinet locks; network firewalls and password controls; visitor escort policies; document shredding; access control devices; emergency communications systems; secure computer room; and motion-activated closed-circuit television.  The Middle Ring includes:  locked doors; receptionist; badge checks; access control system; window bars; parcel inspection; and turnstiles.  The Outer Ring includes: lighting; fences; gates; bollards; walls; trenches; intrusion detection sensors; and guards on patrol and posted at property-line access points.

Within the rings of protection concept, the development of countermeasures typically reflects standard precedence guidelines for hazard resolution, including:

As a first step in assessing the need for countermeasures, the rail transit agency assures that the security policies, procedures, responsibilities, equipment, technology, and response capabilities described throughout this SEPP are effectively in-place for all threats, so that the risks of loss from security incidents to transit customers and employees, and to operating performance of the transit system, is at a manageable or acceptable level.

Next, based on the assessment of identified vulnerabilities, the rail transit agency may consider implementation of additional strategies to mitigate or eliminate vulnerabilities. Typically, rail transit agencies consider both passive and active strategies for identifying, managing, and resolving threats to the system’s operation. Passive strategies include all security and emergency response planning activity, outreach with local law enforcement, training, evacuation and business continuity and recovery plans, employee awareness, public information, and passenger training. Passive responses also include security design strategies, supported by Crime Prevention Through Environmental Design (CPTED) and Situational Crime Prevention (SCP) methods, such as landscaping, lighting, and physical barriers (planters or bollards).

Active strategies include security technology, such electronic access control, intrusion detection, closed circuit TV, digital recorders, emergency communications systems, and chemical agent or portable explosives detectors. Active systems also include personnel deployment. It is important to consider the entire lifecycle cost when evaluating security solutions. Technology options may require a substantial one-time investment, supported by fractional annual allocations for maintenance and vendor support contracts. Personnel solutions are generally more expensive.

Examples of ways in which the above prioritization may be applied include:

Other prevention strategies involve cooperation with law enforcement agencies, security staff in other systems, and industry associations in order to share threat information. It is useful to know whether other transportation systems in an area have experienced threats, stolen uniforms or keys, or a particular type of criminal activity, in order to implement appropriate security measures.

The table below provides a sample listing of possible countermeasures.

Possible Rail Transit Agency Countermeasures
Rail Transit Agency Countermeasures Planning Coordination with Local Responsers Training and Exercising Access Control Surveillance Blast Mitigation WMD Agent Protection
Identifying Unusual or Out-of-Place Activity X X X X X
Security Screening and Inspection Procedures X X X X X X
Enhancing Access Control for Stations/Vehicles X X X X X
Securing Perimeters for Non-revenue Areas X X X
Denying Access to Authorized-only Areas X X X X
Securing Vulnerable Areas (target hardening) X X X X
Removing Obstacles to Clear Line-of-Sight X X X
Protecting Parking Lots X X X
Enhanced Access Control for Control Center X X X
Securing Critical Functions and Back-ups X X X
Promoting Visibility of Uniformed Staff X X X
Removing Spaces that Permit Concealment X X X X
Reinforcing Natural Surveillance X X X
Procedures for Vehicle and Station Evacuations X X X X X
Coordination with Community Planning Efforts X X X X
Backing up Critical Computer Systems X X
Revising Lost-and-Found Policies X X X
Securing Tunnels and Elevated Structures X X X X X X
Elevating/securing Fresh Air Intakes X X X
Protecting Incoming Utilities X X X X X
Establishing Mail-handling Procedures X X X X
Identifying Appropriate Personal Protective Equipment and Training X X X X
Preparing Response Folders and Notebooks for Facilities and Vehicles X X X X X X
Familiarization Training for Local Emergency Response Agencies X X X
Planning for Scene Management and Emergency Response X X X X

6.0 Implementation and Evaluation of SEPP

6.1 Implementation Tasks for Goals and Objectives

This section should describe the specific tasks that will be implemented by the rail transit agency to meet the goals and objectives specified in Section 1.2 of the SEPP, and the roles, responsibilities and program implementation activities described in the other chapters. For example, for the sample goals and objectives identified in Section 1.2 of this SEPP, the rail transit agency may identify the following tasks:

6.2 Implementation Schedule

This section should detail a schedule that is used for the implementation of the security program. For example, if the security plan is to be reviewed by the transit agency on an annual basis, beginning in January of each year, then this review should be included in the general schedule. In addition, if specific threat and vulnerability analysis of key stations or facilities are to be updated every year, this section should include those items in the schedule.

6.3 Evaluation

This section of the SEPP should document the rail transit agency’s process for conducting internal security audits to evaluate compliance and measure the effectiveness of the SEPP. This process must ensure that all elements in the rail transit SEPP are reviewed for their implementation and effectiveness in an on-going manner over a three-year cycle. This process may be combined with the internal audit process used for the System Safety Program Plan, or it may be an independent procedure.

This section of the SEPP should identify the department/function with responsibility for conducting these audits, the activities to be performed, including establishing the audit schedule, the development of checklists to guide the audit, and the notification of the state oversight agency no less than 30 days prior to the conduct of an audit, the frequency of the audits, and, if possible, the specific person or internal function responsible. For example, the system safety function may audit the security/police function as part of its internal audit program on a three year basis. In addition, security management may perform weekly or daily reviews of the private security forces it has hired to provide security at transit agency facilities. The rail transit agency must submit an annual report to the state oversight agency for review and approval, documenting its internal audit activities over the past year, along with a certification, signed by the General Manager that, based on the results of internal audit process, the SEPP is being implemented by the rail transit agency.

Any external reviews of the security program should also be explained in this section. The SEPP should state that the state safety oversight agency will conduct an external review of the rail transit agency’s SEPP program on a three year basis at a minimum. The transit agency should also explain the process for correcting any findings that are a result of the external review. To respond to findings of an oversight agency external review, the rail transit agency may need to submit a corrective action plan describing how the finding will be resolved. The corrective action plan should include the corrective action plan required, the person(s) or department responsible for implementing the corrective action, a time frame for implementing the corrective action, and the status of the corrective action plan. As applicable, the rail transit agency should also note reviews to be conducted by G&T and/or TSA.

7.0 Modification of System Security Plan

7.1 Initiation

This section of the SEPP plan should include a process for initiating revisions, gathering input for the revisions and procedures for updating the plan and the identification of the responsible person.

7.2 Review Process

The process used to review and revise the security plans as necessary should be explained, including frequency and responsible person(s). The role of the state safety oversight in requiring annual updates and reviewing the security plan needs to be included in this section.

This section of the SEPP should also document the rail transit agency’s process for making its SEPP and accompanying procedures available to the oversight agency for review and approval. As specified in § 659.11 of the revised Rule, the oversight agency must either have provisions in place for protecting security-related materials from public disclosure or the rail transit agency must develop special procedures to ensure that these materials cannot be released. The rail transit agency’s SEPP must describe the process in place to ensure that all security-related materials are protected from public disclosure. In many instances, this may include the state oversight agency conducting an on-site review of the SEPP and supporting procedures at the rail transit by agency.

7.3 Implement Modifications

The process of communicating, disseminating and implementing new and revised procedures of the security plan throughout the transit agency should be detailed.

Appendix A: DHS Regulation and Requirements Relevant to the SEPP

As discussed briefly in Section 1.6 (Government Involvement) and Section 3.3.6 (Responsibilities of External Agencies), DHS and its departments (including G&T, FEMA, and TSA) all have a new role in public transportation system security and emergency preparedness. This section of the SEPP describes the various elements of this role, which are based in the Homeland Security Act of 2002 and subsequent Homeland Security Presidential Directives (HSPDs), and identifies the implications for the rail transit agency.

The authority of the Department of Homeland Security to regulate the security and emergency preparedness operations of public transportation agencies is two-fold. First, DHS has direct regulatory authority over all modes of transportation. See Aviation and Transportation Security Act of 2001, PL 107-71, 115 Stat. 597, 49 USC 40101 (transferring regulation of all modes of security to the Transportation Security Administration (TSA), still within the Department of Transportation) and Homeland Security Act of 2002, PL 107-296, 116 Stat. 2135, 6 USCA 101 (transferring TSA from the DOT to DHS). Thus, DHS (through TSA) has the authority to regulate and oversee implementation of security and emergency preparedness measures for all modes of transportation in the United States. TSA may exercise its authority through formal rulemaking or binding directives to transportation operators. See 49 CFR § 1500–1699 (current rules as codified).

Second, DHS has control over the intergovernmental coordination of national security operations, and because public transportation agencies are “local governments” as defined in the Homeland Security Act, they are subject to the guidelines and any grant-based requirements associated with DHS coordination efforts. See Homeland Security Act of 2002, PL 107-296, 116 Stat. 2135, 6 USCA 101. The Office of the Secretary of DHS includes the Office of State and Local Government Coordination and Preparedness (SLGCP), which includes G&T, which plays a major role administering and managing DHS grant programs. FEMA, now a part of DHS, also plays a significant role in coordinating intergovernmental activities for all-hazards emergency preparedness.

Homeland Security Presidential Directives and Supporting Guidance

Under the Homeland Security Act, activities identified to support intergovernmental coordination are carried out primarily by G&T and FEMA, following guidance and requirements specified in Homeland Security Presidential Directives (HSPDs), particularly:

Homeland Security Presidential Directive 5: Management of Domestic Incidents, February 28, 2003

Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection, December 17, 2003

Homeland Security Presidential Directive 8: National Preparedness, December 17, 2003

Relationships among HSPDs 5, 7 and 8 are depicted graphically in Figure 8 below.

Figure 8 DHS Strategy, HSPDs, National Initiatives and Expected Results

Figure 8 depicts how the document “The National Strategy for Homeland Security” directly relates to Homeland Security Presidential Directives 5, 7 and 8.  Presidential directives 5 and 7 directly relate to the National Initiative such as the National Incident Management System (NIMS), the National Response Plan (NRP) and the National Infrastructure Protection Plan.  Presidential Directive 8 directly relates to National Initiatives: National Preparedness Goal, the Capabilities-Based Planning Tools (Scenarios, UTL and TCL), Homeland Security Grant Program Guidance, and National Preparedness Guidance.  Finally all of the National Initiatives directly relate to Results such as: a Common approach to national incident management which includes: prevention, protections, response, recovery and preparedness.

HSPD-5 (Management of Domestic Incidents) mandated the creation of the National Incident Management System (NIMS) and National Response Plan (NRP). The NIMS provides a consistent framework for entities at all jurisdictional levels to work together to manage domestic incidents, regardless of cause, size, or complexity. To promote interoperability and compatibility among federal, state, local, and tribal capabilities, the NIMS includes a core set of guidelines, standards, and protocols for command and management, preparedness, resource management, communications and information management, supporting technologies, and management and maintenance of NIMS. The NRP, using the template established by the NIMS, is an all-discipline, all-hazards plan that provides the structure and mechanisms to coordinate operations for evolving or potential Incidents of National Significance. Incidents of National Significance are major events that “require a coordinated and effective response by an appropriate combination of federal, state, local, tribal, private sector, and nongovernmental entities.” The relationship of NIMS and the NRP during Incidents of National Significance is presented in Figure 9 below.

Figure 9 National Response Plan and National Incident Management System

Figure 9, the National Incident Management System (NIMS) contains a standardized process and procedures for incident management.  NIMS aligns command, control, organization structure, terminology, communication protocols, resources and resource-typing for synchronization of response efforts at all echelons of government.  It guides support and response for local, state and federal incidents.  The National Response Plan (NRP) guides activation and proactive application of integrated Federal resources.  The NRP is activated for Incidents of National Significance.  DHS integrates and applies federal resources both pre and post incident for federal incidents.

Specific requirements in support of NRP and NIMS implementation have been placed on county, municipal, and state emergency management agencies and on local emergency response agencies, including law enforcement. Public transportation agencies now must address these requirements through greater integration in the local/regional/state emergency planning process and through adoption and implementation of NIMS.

To support implementation of HSPD-7 (Critical Infrastructure Identification, Prioritization, and Protection), DHS issued the Interim National Infrastructure Protection Plan (NIPP) in February 2005. The NIPP provides a consistent, unifying structure for integrating critical infrastructure protection (CIP) efforts into a national program. The NIPP outlines how DHS and its stakeholders will develop and implement the national effort to protect infrastructures across all sectors, including transportation. DHS and the Sector-Specific Agencies (SSAs) are evaluating the Interim NIPP with critical stakeholders to further ensure its effectiveness and success. As depicted in Figure 10 below, DHS has developed a risk management framework to be used in evaluating vulnerabilities and establishing priorities in each of the 17 sectors identified as containing critical infrastructure or key resources. Public transportation is included as a critical infrastructure.

Figure 10 DHS Risk Management Process for Critical Infrastructure Protection

Figure 10 depicts that Input of General Threat Information whether physical, human or cyber in nature creates a process for: Identifying Critical Infrastructure; Identifying & Assessing Vulnerabilities; Normalizing, Analyzing and prioritizing; Implementing Proactive Programs; and Measuring effectiveness through Performance Metrics.  Each creates feedback for correlating threats to mitigation programs/effectiveness and continuous process improvements.  The outcomes are: vulnerability reduction; national risk profile; prioritized assets; effective resource allocation; enhanced preparedness; voluntary actions; and potential legislation/regulation.

For public transportation, DHS has identified representative measures of efforts being made across the United States. These measures involve a layered approach to enhancing the safety and security of its transit systems. Some of the elements of this approach include:

HSPD-8 (National Preparedness) establishes policies to strengthen the preparedness of the United States to prevent and respond to threatened or actual domestic terrorist attacks, major disasters and other emergencies by requiring a National Preparedness Goal, establishing mechanisms for improved delivery of federal preparedness assistance to state and local governments and outlining actions to strengthen preparedness capabilities of federal, state, and local entities. Statewide all-hazards preparedness strategies should be consistent with the National Preparedness Goal, assess the most effective ways to enhance preparedness, address areas facing higher risk especially to terrorism, and address local government concerns and Citizen Corps efforts.

The National Preparedness Goal establishes the requirement for federal, state, local and tribal entities to achieve and sustain nationally accepted risk based target levels of capability for prevention, preparedness, response and recovery for major events, especially terrorism. The target levels of capability are based upon National Planning Scenarios, a Universal Task List (UTL), and a Target Capabilities List (TCL). These tools have been developed with input from the homeland security community at all levels and will continue to be updated over time. States should take steps in FY05 to review and incorporate these tools in their preparedness efforts in preparation for full implementation of HSPD-8 in FY06. The figure below (this figure has been converted to a listing for easy reading) provides a visual depiction of the interfaces among the National Planning Scenarios, the Universal Task list, and the Target Capabilities List.

Elements of the National Preparedness Goal

In the National Preparedness Goal Scenarios directly relate to Task, and Tasks directly relate to Capabilities. These Scenarios, Tasks and Capabilities are described below.

Scenarios: The National Planning Scenarios highlight the scope, magnitude and complexity of plausible catastrophic terrorist attacks, major disasters, and other emergencies.

Tasks: The Universal Task List (UTL) provides a menu of tasks from all sources that may be performed in major event such as those illustrated by the National Planning Scenarios.

Capabilities: The Target Capabilities List (TCL) provides guidance on specific capabilities and levels of capability that federal, state, local and tribal entities will be expected to develop and maintain.

The 36 Critical Capabilities required to ensure National Preparedness are listed below:

  1. Animal Health Emergency Support
  2. CBRNE Detection
  3. Citizen Preparedness and Participation
  4. Citizen Protection: Evacuation and/or In-Place Protection
  5. Critical Infrastructure Protection
  6. Critical Resource Logistics and Distribution
  7. Economic and Community Recovery
  8. Emergency Operations Center Management
  9. Emergency Public Information and Warning
  10. Environmental Health and Vector Control
  11. Explosive Device Response Operations
  12. Fatality Management
  13. Firefighting Operations/Support
  14. Food and Agriculture Safety and Defense
  15. Information Collection and Threat Recognition
  16. Information Sharing and Collaboration
  17. Intelligence Fusion and Analysis
  18. Interoperable Communications
  19. Isolation and Quarantine
  20. Mass Care (Sheltering, Feeding, and Related Services)
  21. Mass Prophylaxis
  22. Medical Supplies Management and Distribution
  23. Medical Surge
  24. On-Site Incident Management
  25. Planning
  26. Public Health Epidemiological Investigation and Laboratory Testing
  27. Public Safety and Security Response
  28. Restoration of Lifelines
  29. Risk Analysis
  30. Search and Rescue
  31. Structural Damage Assessment and Mitigation
  32. Terrorism Investigation and Intervention
  33. Triage and Pre-Hospital Treatment
  34. Volunteer Management and Donations
  35. WMD/Hazardous Materials Response and Decontamination
  36. Worker Health and Safety

For HSD-8, DHS has identified seven National Priorities, based on the scenarios, task list and critical capabilities, as building blocks for the National Preparedness System. These seven priorities reflect a limited number of the cross-cutting initiatives and critical capabilities that should drive near-term planning and resource allocation efforts. The National Priorities are intended to guide the nation’s preparedness efforts to meet its most urgent needs, and fall into two categories: (1) overarching priorities that contribute to the development of multiple capabilities, and (2) capability-specific priorities that build selected capabilities for which the nation has the greatest need.

Overarching Priorities

  1. Implement the National Incident Management System and National Response Plan
  2. Expanded Regional Collaboration
  3. Implement the Interim National Infrastructure Protection Plan

Capability-Specific Priorities

  1. Strengthen Information Sharing and Collaboration capabilities
  2. Strengthen Interoperable Communications capabilities
  3. Strengthen CBRNE Detection, Response, and Decontamination capabilities
  4. Strengthen Medical Surge and Mass Prophylaxis capabilities

Implications for the Rail Transit Agency

HSPD-5: NRP: Requirements for the NRP are being addressed by the state Emergency Management Agency (EMA) in revising the state Emergency Operations Plan. The county EMA and/or a specially created County Advisory Board (CEM Board) and the major municipality served by the rail transit agency are also preparing Emergency Operations Plans for the county and city respectively, which reflect requirements from the NRP and the state EOP. The rail transit agency, in turn, is addressing these requirements through participation in the Major Emergency Incident Management System (MEIMS) established for the county/municipality and through the submission of its EOP to the appropriate municipal and county agencies. The rail transit agency is also revising its MOUs and response protocols with the municipality and county, and preparing an itemized inventory of emergency response resources.

The rail transit agency’s cooperative agreement with the county EMA extends to mutual aid with participating communities. In addition, the county coordinate’s homeland security related emergency management planning through the Urban Area Security Initiative (UASI) Point-of-Contact Committee (UAPOC).

HSPD-5: NIMS: To address NIMS requirements, the rail transit agency has developed and documented its Incident Management Organization and emergency notification and response procedures in its Emergency Operations Plan. The rail transit agency EOP:

The rail transit agency understands that full NIMS compliance is required for the receipt of preparedness grants from G&T and FEMA for FY 2007. FEMA’s NIMS Integration Center (NIC) is continuing to develop resource materials and guidance ( http://www.fema.gov/nims ). In addressing NIMS requirements, the rail transit agency has committed to:

The rail transit agency is also addressing NIMS requirements through its partnership with the county and municipal emergency management agencies in its service area. The county has approved the Major Emergency Incident Management System (MEIMS) Basic Principals and Protocols. MEIMS Basic Principles establish Emergency Incident Levels and define the roles and responsibilities of the various entities, including the rail transit agency, which could become involved in emergency response. MEIMS Protocols, which have been adopted by the rail transit agency, specify use of the Incident Command System (ICS) and support compliance with the National Incident Management System (NIMS) and the National Response Plan (NRP) regarding both on-scene response and the request and mobilization of resources.

HSPD-7: NIPP: In developing its Emergency Operations Plan, SEPP, and supporting procedures, plans, policies, training, drills/exercises, and other activities, the rail transit agency is addressing concerns identified in the NIPP. Further, the rail transit agency remains committed to filling requests from DHS or SSAs regarding:

HSPD-8: G&T Transit Security Grant Program: G&T requires fulfillment of DHS emergency preparedness guidance as a condition of eligibility for security preparedness grants and technical assistance. G&T includes a Transportation Infrastructure Security Division (TISD) which administers the Urban Area Security Initiative (UASI), Transit Security Grant Program (TSGP). This program requires that the rail transit agency work with its State Administrative Agency (SAA), and the state Emergency Management Agency, to:

In addition, FY2005 TSGP award recipients should also take advantage of the public awareness materials developed by FTA through Transit Watch. To facilitate this, reproduction of official Transit Watch materials is an allowable expense as part of this program.

TSA REGULATIONS: Under authority of 49 USC 40119, USDOT and TSA have jointly issued, at 49 CFR § 15 and 49 CFR § 1520 respectively, regulations for protection of sensitive security information (SSI), applicable to all modes of transportation. The rail transit agency uses its legal department to address SSI considerations, and, at the present time, does not need protections afforded by these regulations.

In addition, the Transportation Security Administration (TSA) has required, per its security directive RAILPAX-04-01 issued May 20, 2004, the designation of primary and alternate security coordinators (SCs) for public mass transit rail operations. The rail transit agency has provided these SCs to TSA.

The SCs serve as point-of-contact with TSA, such as rail security inspectors under TSA's Surface Transportation Security Inspector (STSI) program. Pursuant to the DHS/G&Ts National Infrastructure Protection Plan (NIPP) and DHS/TSA's Transportation Security Operational Plan (TSOP), TSA has developed a Surface Transportation Security Inspector (STSI) Program (Rail), as mandated by the Fiscal Year 2005 Homeland Security appropriations bill.

The STSI program will hire, train and deploy 100 TSA rail security compliance inspectors, to be located in 19 cities. The cities were chosen for their proximity to major rail hubs, existing Federal Railroad Administration (FRA) and Federal Transit Administration offices, and existing TSA Aviation Operations Districts. In coordination with mass transit and passenger rail systems, the TSA inspectors will: conduct security system evaluations; share security-related best practices information; coordinate security threat advisories; and conduct inspections to ensure compliance with security directives, such as TSA's security directive RAILPAX-04-01 issued May 20, 2004.

Appendix B: Acronyms

AVL - Automatic Vehicle Location

BASS - Behavioral Awareness Security Screening

CBRNE - Chemical, Biological, Radiological, Nuclear, Explosive (WMD)

CCTV - Closed-Circuit Television

COOP - Continuity of Operations Plan

CFR - Code of Federal Regulations

CPTED - Crime Prevention Through Environmental Design

DHS - U.S. Department of Homeland Security

DOT - U.S. Department of Transportation

EMS - Emergency Medical Services

EOC - Emergency Operations Center

EOP - Emergency Operations Plan

G&T - Office of Grants and Training

HSPD - Homeland Security Presidential Directive

IED - Improvised Explosive Device

JTTF - Joint Terrorism Task Force (FBI)

NIMS - National Incident Management System

NTI - National Transit Institute

OCC - Operations Control Center

ODP - Office for Domestic Preparedness

OSHA - Occupational Safety and Health Administration

POETE - Plans, Organization, Equipment, Training/Procedures, and Exercises/Evaluation

RFGS - Rail Fixed Guideway System

RTSS - Regional Transit Security Strategy

SEPP - Security and Emergency Preparedness Plan

SOP - Standard Operating Procedure

SSO - RFGS State Safety Oversight Agency

SSPP - System Safety Program Plan

TEW - Terrorism Early-Warning System

TSA - Transportation Security Administration

UA - Urban Area (for DHS/G&T administration of UASI program)

UAPOC - Regional UASI Point-of-Contact working group

UASI - Urban Areas Security Initiative

WMD - Weapons of Mass Destruction

Appendix C: Definitions

Assessment - The evaluation and interpretation of measurements and other information to provide a basis for decision-making.

Assets - People, information, and property for which the public transportation system is responsible as legal owner, employer, or service provider.

Capabilities Assessment - A formal evaluation, conducted by the public transportation system, to identify the status of its security and emergency preparedness activities. This activity enables the system to determine its existing capacity to: (1) Reduce the threat of crime and other intentional acts, (2) Recognize, mitigate, and resolve incidents that occur in service and on system property, (3) Protect passengers, employees, emergency responders, and the environment during emergency operations, and (4) Support community response to a major event.

Consequences - The severity of impact and probability of loss for a given threat scenario. Consequences may be measured in qualitative or quantitative terms.

Countermeasures - Those activities taken to reduce the likelihood that a specific threat will result in harm. Countermeasures typically include the deployment and training of personnel, the implementation of procedures, the design or retrofit of facilities and vehicles; the use of specialized equipment, the installation of alarms/warning devices and supporting monitoring systems; and communications systems and protocols.

Critical Assets - A sub-category of assets whose loss has the greatest consequences for people and the ability of the system to sustain service. These assets may require higher or special protection.

Critical Infrastructure - Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. (USA Patriot Act of 2001, 42 U.S.C. § 5195(e), incorporated by reference into the Homeland Security Act of 2002, 6 U.S.C. § 101).

Department of Homeland Security (DHS) - U.S. government agency created by the Homeland Security Act of 2002 (Pub. L. 107-296). Includes Transportation Security Administration (TSA), and within the Office of the Secretary of DHS, the Office for Domestic Preparedness (ODP), which is now referred to as the Department of Homeland Security, Preparedness Directorate, Office of Grants and Training (G&T). TSA's authority includes regulation and oversight of security measures for all modes of transportation in the United States. G&T's functions include coordinating emergency preparedness efforts at all levels of government.

Emergency - A condition, situation or occurrence of a serious nature, developing suddenly and unexpectedly, and requiring immediate action.

Emergency Operations Center (EOC) - The physical location at which the coordination of information and resources to support domestic incident management activities normally takes place.

Emergency Operations Plan (EOP) - The formal plan that documents the transportation system’s program for emergency preparedness and response.

Emergency Preparedness - Plans, organization, equipment, training/procedures, and exercises/evaluation, for preparedness to perform the prevention, detection, response and recovery capabilities applicable to mass transit employees and operations during catastrophic natural disasters, or terrorist attacks, appropriately coordinated/integrated with emergency response/management jurisdictions in the transit agency's service area.

Emergency Responder - Federal, state, and local public safety, law enforcement, emergency response, emergency medical (including hospital emergency facilities), and related personnel, agencies, and authorities.

Evacuation - Organized, phased, and supervised withdrawal, dispersal, or removal of civilians from dangerous or potentially dangerous areas, and their reception and care in safe areas.

Event - A planned, non-emergency activity. ICS can be used as the management system for a wide range of events, e.g., parades, concerts, or sporting events.

Federal Transit Administration (FTA) - The agency of the U.S. Department of Transportation which administers the federal program of financial assistance to public transit.

Hazard also Hazardous Condition - Any real or potential condition that can cause injury, illness, or death; damage to or loss of a system, equipment or property; or damage to the environment.

Hazard Severity -

Hazard Threat Probability – The probability a hazard or threat will occur. Probability may be expressed in quantitative or qualitative terms and the ranking system is as follows: (a) frequent, (b) probable, (c) occasional, (d) remote, (e) improbable, and (f) impossible.

Hazard Resolution – The analysis and subsequent actions taken to reduce, to the lowest level practical, the risk associated with an identified hazard.

Homeland Security Presidential Directives (HSPDs) - instruments for communicating presidential decisions about the national security policies of the United States and implementations thereof.

Incident – An occurrence or event, natural or human-caused, which requires an emergency response to protect life or property.

Incident Command System (ICS) - A standardized on-scene emergency management concept specifically designed to provide for the adoption of an integrated organizational structure that reflects the complexity and demands of single or multiple incidents, without being hindered by jurisdictional boundaries. ICS is the combination of facilities, equipment, personnel, procedures, and communications operating within a common organizational structure, designed to aid in the management of resources during incidents.

Incident Commander (IC) - The individual responsible for all incident activities, including the development of strategies and tactics and the ordering and the release of resources. The IC has overall authority and responsibility for conducting incident operations and is responsible for the management of all incident operations at the incident site.

Injury – Injury to a person requiring medical attention necessitating transport to a medical facility by ambulance or police vehicle for medical treatment.

Investigation - The process used to determine the causal and contributing factors of an accident or hazard, so that actions can be identified to prevent recurrence.

Management Loss Control - An element of the system safety and security management function that evaluates the effects of potential hazards/threats considering acceptance, control, or elimination with respect to the expenditure of available resources.

Mitigation - The activities designed to reduce or eliminate risks to persons or property or to lessen the actual or potential effects or consequences of an incident. Mitigation measures may be implemented prior to, during, or after an incident. Mitigation measures are often informed by lessons learned from prior incidents. Mitigation involves ongoing actions to reduce exposure to, probability of, or potential loss from hazards.

Multi-jurisdictional Incident - An incident requiring action from multiple agencies that each have jurisdiction to manage certain aspects of an incident. In ICS, these incidents will be managed under Unified Command.

Mutual-Aid Agreement - Written agreement between agencies and/or jurisdictions that they will assist one another on request, by furnishing personnel, equipment, and/or expertise in a specified manner.

National Incident Management System - A system mandated by HSPD-5 pursuant to the Homeland Security Act of 2002, that provides a consistent nationwide approach for federal, state, local, and tribal governments; the private-sector, and nongovernmental organizations to work effectively and efficiently together to prepare for, respond to, and recover from domestic incidents, regardless of cause, size, or complexity. To provide for interoperability and compatibility among federal, state, local, and tribal capabilities, the NIMS includes a core set of concepts, principles, and terminology. HSPD-5 identifies these as the ICS; multi-agency coordination systems; training; identification and management of resources (including systems for classifying types of resources); qualification and certification; and the collection, tracking, and reporting of incident information and incident resources.

National Infrastructure Protection Plan (NIPP) - A DHS/TSA-issued plan, mandated by HSPD-7 pursuant to the Homeland Security Act of 2002, for protection of critical infrastructure in the United States. The plan designates TSA as the sector-specific federal agency responsible for transportation critical infrastructure protection. In 2005, TSA is developing a Transportation Security Operational Plan (TSOP) that (1) will describe responsibilities and program milestones for securing critical transportation infrastructure in areas of domain awareness, prevention, protection, response, and recovery; and (2) will provide transportation owner/operators with guidance to develop or enhance their respective security plans.

National Response Plan - A DHS/G&T-issued plan, mandated by HSPD-5 pursuant to the Homeland Security Act of 2002, that integrates federal domestic prevention, preparedness, response, and recovery plans into one all-discipline, all-hazards plan.

National Preparedness Goal and National Preparedness Plan - A DHS/G&T-issued plan, mandated by HSPD-8 pursuant to the Homeland Security Act of 2002, that provides a consistent nationwide approach and objectives for federal, state, local, and tribal governments to develop plans, organization, equipment, training/procedures, and exercises/evaluation, for preparedness to perform the prevention, detection, response and recovery capabilities (as specified in the DHS/G&T-issued Target Capabilities List) during catastrophic natural disasters or terrorist attacks (particularly as specified in the DHS/G&T-issued National Planning Scenarios).

Office of Domestic Preparedness (ODP) - see Department of Homeland Security (DHS)

Office of Grants and Training (G&T) – see Department of Homeland Security (DHS)

Off-Peak Period - The period between the morning and evening peak periods when travel activity is generally lower and less transit service is scheduled.

Park and Ride Lot - Designated parking areas for automobile drivers who then board transit vehicles from these locations.

Peak Period - Morning and afternoon time periods when transit riding is heaviest.

Preparedness - The range of deliberate, critical tasks and activities necessary to build, sustain, and improve the operational capability to prevent, protect against, respond to, and recover from domestic incidents.

Prevention - Actions to avoid an incident or to intervene to stop an incident from occurring. Prevention involves actions to protect lives and property. It involves applying intelligence and other information to a range of activities that may include such countermeasures as deterrence operations; heightened inspections; improved surveillance and security operations; investigations to determine the full nature and source of the threat; public health and agricultural surveillance and testing processes; immunizations, isolation, or quarantine; and, as appropriate, specific law enforcement operations aimed at deterring, preempting, interdicting, or disrupting illegal activity and apprehending potential perpetrators and bringing them to justice.

Procedures - Established and documented methods to perform a series of tasks.

Public Information Officer - A member of ICS Command Staff responsible for interfacing with the public and media or with other agencies with incident-related information requirements.

Public Transit System - An organization that provides transportation services owned, operated, or subsidized by any municipality, county, regional authority, state, or other governmental agency, including those operated or managed by a private management firm under contract to the government agency owner.

Recovery - The development, coordination, and execution of service- and site-restoration plans; the reconstitution of government operations and services; individual, private sector, nongovernmental, and public-assistance programs to provide housing and to promote restoration; long-term care and treatment of affected persons; additional measures for social, political, environmental, and economic restoration; evaluation of the incident to identify lessons learned; post-incident reporting; and development of initiatives to mitigate the effects of future incidents.

Response - Activities that address the short-term, direct effects of an incident. Response includes immediate actions to save lives, protect property, and meet basic human needs. Response also includes the execution of emergency operations plans and of mitigation activities designed to limit the loss of life, personal injury, property damage, and other unfavorable outcomes. As indicated by the situation, response activities include applying intelligence and other information to lessen the effects or consequences of an incident; increased security operations; continuing investigations into the nature and source of the threat; on-going public health and agricultural surveillance and testing processes; immunizations, isolation, or quarantine; and specific law enforcement operations aimed at preempting, interdicting, or disrupting illegal activity, and apprehending actual perpetrators and bringing them to justice.

Redundancy - The existence of more than one means of accomplishing a given function.

Ridership - The number of rides taken by people using a public transportation system in a given time period.

Risk Assessment

Safety - Freedom from harm resulting from unintentional acts or circumstances.

Safety Certification - An element of the System Safety Program that documents the functional working of the System Safety Program, and provides a documented database from which to validate the active processes necessary to produce a safe system, ready for revenue service. Used primarily on new systems and expansions of operational properties.

Scenario Analysis - An interpretive methodology that encourages role-playing by transportation personnel, emergency responders, and contractors to brainstorm ways to attack the system. This analysis uses the results of threat analysis, paired with the system’s list of critical assets. Transportation personnel use this analysis to identify the capabilities required to support specific types of attacks. This activity promotes awareness and highlights those activities that can be preformed to recognize, prevent, and mitigate the consequences of attacks.

Security - Freedom from harm resulting from intentional acts or circumstances.

Security Breach - An unforeseen event or occurrence which endangers life or property and may result in the loss of services or system equipment.

Security Threat - Any intentional action with the potential to cause harm in the form of death, injury, destruction, disclosure, interruption of operations, or denial of services.

Sensitive Security Information (SSI) - Information as described at 49 CFR § 1520.5 / 49 CFR § 15.5. SSI is information obtained or developed in the conduct of security activities, the disclosure of which would be detrimental to transportation safety. SSI includes: security program plans, security and vulnerability assessments, threat information, incident response plans, security directives and measures, security inspection or investigative information, security screening information or procedures, specifications for devices for detection of weapons or destructive devices or substances, specifications for communications equipment used for transportation security, and critical infrastructure information (see Critical Infrastructure).

System - A composite of people (employees, passengers, others), property (facilities and equipment), environment (physical, social, institutional), and procedures (standard operating, emergency operating, and training) which are integrated to perform a specific operational function in a specific environment.

System Security - The application of operating, technical, and management techniques and principles to the security aspects of a system throughout its life to reduce threats and vulnerabilities to the most practical level through the most effective use of available resources. System Security Program is the combined tasks and activities of system security management and system security analysis that enhance operational effectiveness by satisfying the security requirements in a timely and cost-effective manner through all phases of a system life cycle. System Security Management is an element of management that defines the system security requirements and ensures the planning, implementation, and accomplishments of system security tasks and activities.

System Security Program Plan - a document developed and adopted by a transit agency describing its security policies, objectives, responsibilities, and procedures.

Terrorism - Under the Homeland Security Act of 2002, terrorism is activity that involves an act dangerous to human life or potentially destructive of critical infrastructure or key resources and is a violation of the criminal laws of the United States or of any state or other subdivision of the United States in which it occurs and is intended to intimidate or coerce the civilian population or influence a government or affect the conduct of a government by mass destruction, assassination, or kidnapping.

Threat - An indication of possible violence, harm, or danger. Any real or potential condition that can cause injury or death to passengers or employees of damage to or loss of transit equipment, property, and/or facilities.

Threat and Vulnerability Assessment - An evaluation performed to consider the likelihood that a specific threat will endanger the system, and to prepare recommendations for the elimination or mitigation of all threats with attendant vulnerabilities that meet pre-determined thresholds. Critical elements of these assessments include:

Threat Severity - A qualitative measure of the worst possible consequences of a specific threat in a specific facility:

Threat Resolution - The analysis and subsequent action taken to reduce the risks associated with an identified threat to the lowest practical level.

Transportation Security Administration (TSA) - see Department of Homeland Security (DHS).

Unified Command - An application of ICS used when there is more than one agency with incident jurisdiction or when incidents cross political jurisdictions. Agencies work together through the designated members of the UC, often the senior person from agencies and/or disciplines participating in the UC, to establish a common set of objectives and strategies and a single IAP.

Unsafe Condition or Act - Any condition or act which endangers life or property.

Urban Area Security Initiative (UASI) - A security grant assistance program of the U.S. Department of Homeland Security (DHS), administered through the Office of Grants and Training. UASI provides grant assistance to address the unique planning equipment training and exercise needs of identified high-risk urban areas (UAs), ports and mass transit agencies, and to assist them in building an enhanced capability to prevent, respond to, and recover from acts of terrorism.

Vulnerability - Characteristics of passengers, employees, vehicles, and/or facilities which increase the probability of a security breach.

Vulnerability Analysis - The systematic identification of physical, operational and structural components within transportation facilities and vehicles that can be taken advantage of to carry out a threat. This includes vulnerabilities in the design and construction of a given transit facility or vehicle, in its technological systems, and in the way it is operated (e.g., security procedures and practices or administrative and management controls). Vulnerability analysis identifies specific weaknesses with respect to how they may invite and permit a threat to be accomplished.