Canadian Aviation Security Regulations, 2012 (SOR/2011-318)

Marginal note:Requirement to consult

203 The operator of an aerodrome must consult its multi-agency advisory committee when the operator

• (a) establishes its strategic airport security plan; and

• (b) amends its strategic airport security plan under subsection 205.2(1).

Marginal note:Requirement to submit

204 The operator of an aerodrome must submit its strategic airport security plan to the Minister for approval.

Marginal note:Requirement to implement

205 The operator of an aerodrome must, as soon as its strategic airport security plan is approved, implement its risk-management strategy.

Marginal note:Approval of plan

205.1 The Minister must approve a strategic airport security plan submitted by the operator of an aerodrome if

• (a) the plan meets the requirements of section 202;

• (b) the plan has been reviewed by an executive within the operator’s organization who is responsible for security;

• (c) the plan is likely to enable the operator to prepare for, detect, prevent, respond to and recover from acts or attempted acts of unlawful interference with civil aviation;

• (d) the risk-management strategy is in proportion to the risks it addresses;

• (e) the operator has considered the advice of its multi-agency advisory committee;

• (f) the operator has not overlooked an aviation security risk that could affect the operation of the aerodrome;

• (g) the additional safeguards can be implemented rapidly and consistently;

• (h) the additional safeguards are consistent with existing rights and freedoms; and

• (i) the plan can be implemented without compromising aviation security.

Marginal note:Amendments

• 205.2 (1) The operator of an aerodrome may amend its strategic airport security plan at any time, but must do so if

  • (a) the plan does not reflect the operator’s most recent airport security risk assessment;

  • (b) the Minister informs the operator that there is a change in the threat environment that could result in a new or unaddressed medium to high risk;

  • (c) the Minister informs the operator that there is a change in the threat environment that requires the addition or deletion of additional safeguards;

  • (d) the Minister informs the operator that its risk-management strategy is not in proportion to a medium to high risk set out in the operator’s airport security risk assessment;

  • (e) the operator identifies a deficiency in the plan; or

  • (f) a change is made in the aviation security provisions of the Act or in regulatory requirements and the change affects the additional safeguards.

• Marginal note:Documentation

  (2) If the operator of the aerodrome amends its strategic airport security plan, the operator must document

  • (a) the reason for the amendment; and

  • (b) the factors that were taken into consideration in making that amendment.

• Marginal note:Submission of amendment

  (3) If the operator of the aerodrome amends its strategic airport security plan, the operator must, as soon as possible, submit the amendment to the Minister for approval.

• Marginal note:Approval

  (4) The Minister must approve an amendment if

  • (a) in the case of an amendment to the summary required under paragraph 202(1)(a), the conditions set out in paragraphs 205.1(a) to (c) have been met;

  • (b) in the case of an amendment to the risk-management strategy required under paragraph 202(1)(b), the conditions set out in paragraphs 205.1(a) to (f) and (i) have been met; and

  • (c) in the case of an amendment to the menu of additional safeguards required under paragraph 202(1)(c), the conditions set out in paragraphs 205.1(a), (b) and (f) to (i) have been met.

• Marginal note:Implementation

  (5) If the operator of the aerodrome amends its risk-management strategy, the operator must implement the amended version of the strategy once it is approved by the Minister.

Emergency Plans

Marginal note:Plan requirements

• 206 (1) The operator of an aerodrome must establish an emergency plan that sets out the response procedures to be followed at the aerodrome for coordinated responses to the following emergencies:

  • (a) bomb threats;

  • (b) hijackings of aircraft; and

  • (c) other acts of unlawful interference with civil aviation.

• Marginal note:Response procedures

  (2) The response procedures must

  • (a) set out in detail the actions to be taken by the employees and contractors of the operator of the aerodrome and identify the responsibilities of all other persons or organizations involved, including, as applicable, the police, emergency response providers, air carriers, emergency coordination centre personnel and control tower or flight service station personnel;

  • (b) include detailed procedures for the evacuation of air terminal buildings;

  • (c) include detailed procedures for the search of air terminal buildings;

  • (d) include detailed procedures for the handling and disposal of a suspected bomb; and

  • (e) include detailed procedures for the detention on the ground of any aircraft involved in a bomb threat or hijacking.

Security Exercises

Marginal note:Operations-based security exercise

• 207 (1) The operator of an aerodrome must, at least once every two years, carry out an operations-based security exercise that

  • (a) tests the effectiveness of the operator’s emergency plan in response to an act of unlawful interference with civil aviation and involves the persons and organizations referred to in the plan; and

  • (b) tests the effectiveness of additional safeguards that the operator chooses from its menu of additional safeguards.

• Marginal note:Equivalency

  (2) If, in response to an aviation security incident, the Minister raises the AVSEC level for an aerodrome or any part of an aerodrome, the implementation of additional safeguards by the operator of the aerodrome counts as an operations-based security exercise for the purposes of subsection (1).

Marginal note:Discussion-based security exercise

• 208 (1) The operator of an aerodrome must, at least once a year, carry out a discussion-based security exercise that

  • (a) tests the effectiveness of the operator’s emergency plan in response to an act of unlawful interference with civil aviation and involves the persons and organizations referred to in the plan; and

  • (b) tests the effectiveness of additional safeguards that the operator chooses from its menu of additional safeguards.

• Marginal note:Exception

  (2) Despite subsection (1), the operator of an aerodrome is not required to carry out a discussion-based security exercise in any year in which it carries out an operations-based security exercise.

Marginal note:Notice

209 The operator of an aerodrome must give the Minister 60 days’ notice of any security exercise that the operator plans to carry out.

Records

Marginal note:Additional safeguards

• 210 (1) Each time additional safeguards are implemented at an aerodrome in order to mitigate heightened risk conditions related to aviation security, the operator of the aerodrome must create a record that includes

  • (a) a description of the additional safeguards that were implemented;

  • (b) an evaluation of the effectiveness of those additional safeguards; and

  • (c) a description of any actions that are planned in order to address deficiencies identified during the implementation of those additional safeguards.

• Marginal note:Emergencies

  (2) Each time an emergency referred to in subsection 206(1) occurs at an aerodrome, the operator of the aerodrome must create a record that includes

  • (a) a description of the emergency;

  • (b) an evaluation of the effectiveness of the operator’s emergency plan; and

  • (c) a description of any actions that are planned in order to address deficiencies identified during the emergency.

• Marginal note:Exercises

  (3) Each time a security exercise is carried out at an aerodrome, the operator of the aerodrome must create a record that includes

  • (a) an outline of the exercise scenario;

  • (b) an evaluation of the effectiveness of the exercise; and

  • (c) a description of any actions that are planned in order to address deficiencies identified during the exercise.

Corrective Actions

Marginal note:Corrective actions

211 Subject to section 212, the operator of an aerodrome must immediately take corrective actions to address a vulnerability that contributes to a heightened aviation security risk at the aerodrome and that

• (a) is identified to the operator by the Minister; or

• (b) is identified by the operator.

Marginal note:Corrective action plan

212 If a corrective action to be taken by the operator of an aerodrome under section 211 involves a phased approach, the operator must include in its airport security program a corrective action plan that sets out

• (a) the nature of the vulnerability to be addressed;

• (b) a rationale for the phased approach; and

• (c) a timetable setting out when each phase of the corrective action plan will be completed.

Disclosure of Information

Marginal note:Prohibition

213 A person other than the Minister must not disclose security-sensitive information that is created or used under this Division unless the disclosure is required by law or is necessary to comply or facilitate compliance with the aviation security provisions of the Act, regulatory requirements or the requirements of an emergency direction.

DIVISION 10Reserved

[214 to 223 reserved]

DIVISION 11Primary Security Line Partners

Overview

Marginal note:Division overview

224 This Division sets out the role of a primary security line partner in supporting the establishment and implementation of an effective airport security program by the operator of an aerodrome.

Security Official

Marginal note:Interpretation

225 A security official of a primary security line partner at an aerodrome is an individual who is responsible for

• (a) coordinating and overseeing compliance with the regulatory requirements that apply to the partner under this Part; and

• (b) acting as the principal contact between the partner, the operator of the aerodrome and the Minister with respect to security matters, including compliance with the regulatory requirements that apply to the partner under this Part.

Marginal note:One security official at all times

• 226 (1) A primary security line partner at an aerodrome must have, at all times, at least one security official or acting security official.

• Marginal note:Contact information

  (2) The primary security line partner must provide the operator of the aerodrome and the Minister with

  • (a) the name of each security official and acting security official; and

  • (b) 24-hour contact information for those officials.

Support for Airport Security Programs

Marginal note:Requirements

227 At each aerodrome where a primary security line partner carries out operations, the partner must

• (a) define and document the aerodrome-related security roles and responsibilities assigned to each of the partner’s employee groups and contractor groups that require access to restricted areas at the aerodrome in the course of their employment;

• (b) communicate the information referred to in paragraph (a) to the employees and contractors in those groups and document how that information is communicated;

• (c) establish, implement and document a security awareness program that promotes a culture of security vigilance and awareness among its employees and contractors if the security awareness program of the operator of the aerodrome does not cover matters that are unique to the partner’s operations;

• (d) document the measures, procedures and processes that the partner has in place at the aerodrome to protect the security of restricted areas and to prevent breaches of the primary security line;

• (e) create a document that

  • (i) describes each area on the aerodrome’s primary security line that is occupied by the partner,

  • (ii) indicates the location of each restricted area access point in those areas, and

  • (iii) describes those restricted area access points;

• (f) establish, implement and document a process for receiving, retaining, disclosing and disposing of sensitive information respecting aerodrome security in order to protect the information from unauthorized access; and

• (g) identify sensitive information respecting aviation security and receive, retain, disclose and dispose of sensitive information respecting aerodrome security in a manner that protects the information from unauthorized access.

[228 to 230 reserved]

Provision of Information

Marginal note:Provision of information to operator of aerodrome

• 231 (1) At each aerodrome where a primary security line partner carries out operations, the partner must provide the operator of the aerodrome with the information that is documented or created under this Division on reasonable notice given by the operator.

• Marginal note:Provision to Minister

  (2) The primary security line partner must provide the Minister with the same information on reasonable notice given by the Minister.