Sensitive
[optional: insert company logo]
TRANSPORT S ECURITY PROGRAM (TSP) FOR
[INSERT ORGANISATION ’S LEGAL NAME]
A Regulated Air Cargo Agent (RACA) regulated under the Aviation Transport Security Act 2004
Legal name of RACA:
[INSERT ORGANISATION’S LEGAL NAME]
Trading or operating as:
[Insert trading / operating names]
ACN/ARBN:
[Insert Australian Company Number or Australian Registered Body Number as
applicable]
ABN:
[Insert Australian Business Number if held]
[READ AND DELETE THIS TEXT BOX BEFORE SUBMITTING TSP]
Your completed TSP must accurately reflect the specific security measures and procedures employed by your
organisation. Before starting your TSP, please read the accompanying guidance for RACAs developing a TSP.
Disclaimer
The Australian Government has prepared this document with due care. However, it is made available on the
understanding that the Australian Government is not providing legal advice and that users of this guidance
exercise their own skill and care with respect to its use and seek independent advice if necessary. The
Australian Government takes no responsibility for any errors, omissions or changes to the information that
may occur and disclaims any responsibility and liability to any person, organisation or the environment in
respect of anything done, or omitted to be done, in reliance upon information contained in this guidance.
The information contained is guidance material only. The information in no way overrides Commonwealth or
State legislation. Aviation industry participants should refer to the Aviation Transport Security Act 2004 and
the Aviation Transport Security Regulations 2005 before submitting TSPs for approval.
Under regulation 2.06 of the Aviation Transport Security Regulations 2005 it is an offence to disclose any information
about the content of an aviation industry participant’s TSP without the consent of the participant.
SCT05-06 (September 2015)
Sensitive
TSP – [RACA trading name]
Sensitive
Contents
Document Revision Record.................................................................................................................... iv
Key References ...................................................................................................................................... v
Definitions [s9; r1.03 and others] .................................................................................................................................... v
Glossary of acronyms and terms...................................................................................................................................... v
1
GENERAL OBLIGATIONS ........................................................................................................................ 1
1.1
1.2
1.3
Program scope and objectives [r2.48] ............................................................................................ 1
Local security risk context statement [r2.49] .................................................................................. 1
Quality control [r2.53] ................................................................................................................... 1
1.3.1 Audits [r2.53(1)(a)-(b)].......................................................................................................................................... 1
1.3.2 TSP reviews [r2.53(1)(c)-(d)] ................................................................................................................................. 2
1.4
1.5
2
Information security [s16(2)(e); r2.51(4); r2.52(3)] ......................................................................... 3
Security of passwords, keys and access devices [r2.55(1)(f)] ........................................................... 3
OPERATIONAL DETAILS ......................................................................................................................... 5
2.1
2.2
Sites and facilities covered by this TSP [s16(2)(f); r2.54] ................................................................. 5
Security management [s16(2)(a); r2.52(1); r2.58] ........................................................................... 5
2.2.1
2.2.2
2.2.3
2.2.4
2.3
Organisational structure and security management arrangements [r2.52(1)(a)] ................................................ 5
Security contact officer (SCO) [r2.01; r2.02; r2.52(1)(b); r2.58] ........................................................................... 5
Other staff with security-related roles [r2.52(1)(b); r2.52(1)(c); r2.58] ............................................................... 5
Contractors [r2.52(1)(b); r2.58] ............................................................................................................................ 7
Consultation and communication [s16(2)(b),(g); r2.52(2)] ............................................................... 7
2.3.1 Consultation to develop this TSP [s16(2)(g)] ........................................................................................................ 7
2.3.2 Communication and consultation within the organisation [r2.52(2)(a)] .............................................................. 7
2.3.3 Communication and consultation with the operator of a security controlled airport at which the
Organisation has a facility [r2.52(2)(b)] ........................................................................................................................... 7
2.3.4 Communication and consultation with relevant third parties [r2.52(2)(d)] ......................................................... 8
2.4
3
Implementation of security measures and procedures [r2.55(2)] .................................................... 8
PHYSICAL SECURITY AND ACCESS CONTROL MEASURES [R2.54(1)(D); R2.55] ................................................... 9
3.1
Physical security of sites and facilities [r2.54(1)(d); r2.55(1)(e)] ...................................................... 9
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.2
Building security ................................................................................................................................................... 9
Perimeter security ................................................................................................................................................ 9
Signage.................................................................................................................................................................. 9
CCTV coverage ...................................................................................................................................................... 9
Alarms ................................................................................................................................................................. 10
Access control measures for sites and facilities [r2.54(1)(d); r2.55(1)(e)] ....................................... 10
3.2.1 Access control ..................................................................................................................................................... 10
3.2.2 Identification ...................................................................................................................................................... 11
3.3
3.4
3.5
4
Access control measures for airside and security zones [r2.55(1)(b)-(d)] ....................................... 11
Maintenance of security equipment [r2.55(1)(g)] ......................................................................... 11
Physical security of cargo transport vehicles [r2.55(1)(h)] ............................................................. 12
CARGO SECURITY AND EXAMINATION [R2.51; R2.55(1)(I)]......................................................................... 13
4.1
Cargo security [r2.51(1); r2.51(2); r2.52(3)] .................................................................................. 13
4.1.1 Cargo Records [r2.52(3)] ..................................................................................................................................... 13
The following measures and procedures are used for the keeping of accurate records of cargo in the
Organisation’s possession or under the Organisation’s control: ................................................................................... 13
4.1.2 Deter and detect unauthorised explosives [r2.51(1)]......................................................................................... 13
SCT05-06 (September 2015)
Sensitive
Page ii
TSP – [RACA trading name]
Sensitive
4.1.3 Ensuring the security of cargo at all times [r2.51(2)] ......................................................................................... 13
4.2
Cargo examination [s16(2)(c); r2.51(1A); r2.55(1)(i)] ..................................................................... 13
4.2.1 Methods, techniques and equipment for examination of cargo [s16(2)(c); r2.51(1A); r2.55(1)(i)] ................... 13
5
REGULAR CUSTOMERS [R2.60] ............................................................................................................ 15
5.1
5.2
5.3
6
Maintaining a regular customer list [r2.60(a)] .............................................................................. 15
Regular customer undertaking [r2.60(b)] ..................................................................................... 15
Receiving cargo from a regular customer [r2.60(c)] ...................................................................... 15
CARGO SECURITY RESPONSES [S16(2)(D); R2.51(3); R2.57] ....................................................................... 16
6.1
6.2
Measures and procedures for the handling and treatment of suspect cargo [r2.51(3)] .................. 16
Measures and procedures in the event of a heightened security alert [s16(2)(d); r2.57] ................ 16
ANNEX A: CLEARING CARGO ..................................................................................................................... 17
Introduction......................................................................................................................................... 17
Notes on treatment of cargo [s44B(2)] .................................................................................................. 17
Notes on dealing with cargo [s44B(3)] .................................................................................................. 17
Notes on regular customers.................................................................................................................. 17
Receiving Cargo Tables ......................................................................................................................... 17
Supporting Tables: ............................................................................................................................... 20
ATTACHMENT A: SIGNED STATEMENT [S16(1) AND R2.05] ................................................................................ 22
ATTACHMENT B: LOCAL SECURITY RISK CONTEXT STATEMENT [R2.49] .................................................................. 23
General threats and generic security risk events of relevance to the Organisation ...................................................... 23
People, assets, infrastructure and operations that need to be protected .................................................................... 24
ATTACHMENT C: LIST OF SITES AND FACILITIES COVERED BY THIS TSP [R2.54(1)] ................................................... 25
ATTACHMENT D: ORGANISATIONAL STRUCTURE AND SECURITY MANAGEMENT ARRANGEMENTS [R2.52(1)(A)] ............ 26
ATTACHMENT E: CONSULTATION UNDERTAKEN AS PART OF THE DEVELOPMENT OF THIS TSP [S16(2)(G)] ...................... 27
ATTACHMENT F: REGULAR CUSTOMER UNDERTAKING [R2.60(B)] ....................................................................... 28
ACCOMPANYING DOCUMENT 1: DETAILS OF SITES AND FACILITIES COVERED BY THIS TSP [R2.54(2)]........................... 29
ACCOMPANYING DOCUMENT 2: TIMETABLE FOR IMPLEMENTATION OF SECURITY MEASURES AND PROCEDURES
[R2.55(2)(B)] ........................................................................................................................... 30
ACCOMPANYING DOCUMENT 3: MEASURES AND PROCEDURES IN THE EVENT OF A HEIGHTENED SECURITY ALERT [R2.57] .. 31
Aviation security incident response [r2.57(2)(a)] .......................................................................................................... 31
Reporting aviation security breaches [r2.57(2)(b)] ........................................................................................................ 32
Evacuation and emergency management [r2.57(2)(c)] ................................................................................................. 32
Special security directions [r2.57(2)(d)] ......................................................................................................................... 33
Staff security awareness [r2.57(2)(e)]............................................................................................................................ 33
Contingency Plans [r2.57(2)(f)] ...................................................................................................................................... 33
FINAL CHECKS PRIOR TO SUBMISSION ............................................................................................................ 35
SCT05-06 (September 2015)
Sensitive
Page iii
TSP – [RACA trading name]
Sensitive
Document Revision Record
Updates, revisions and alterations to this TSP are recorded below in the TSP Revision Record. Authority to make updates and alterations to this record is restricted to
the Security Contact Officer (SCO) and [Insert title of any other authorised person if relevant] who is/are authorised by the Organisation to effect such changes.
Note: ‘Nature of revision’ includes initial submission and any alteration (minor amendment) etcetera. If the type of revision is an alteration, you should note which part of the TSP the
alteration affected.
TSP REVISION RECORD
Version
number
Nature of revision
Revision date
Page(s) affected
Section(s) affected
1.0
Initial submission
dd/mm/yy
All
All
SCT05-06 (September 2015)
Sensitive
Actioned by (name, title)
Name, title
Action date
Approved dd/mm/yy
Page iv
TSP – [RACA trading name]
Sensitive
Key References
All section (s) references in this TSP are to sections of the Aviation Transport Security Act 2004 (the Act)
and all references to regulations (r) are to the Aviation Transport Security Regulations 2005 (the
Regulations).
Definitions [s9; r1.03 and others]
Definitions are provided in the Act and the Regulations. Key definitions are found in s9 of the Act and
r1.03 of the Regulations. The Act and Regulations are available at www.comlaw.gov.au.
Glossary of acronyms and terms
The following list includes definitive acronyms used in this TSP.
Term
Meaning
AACA
Accredited Air Cargo Agent
Act, the
Aviation Transport Security Act 2004
Cargo
Goods (other than baggage or stores) that are transported by air, or are
intended or are reasonably likely to be transported by air
ChOCS
Chain of Custody Statement
Cleared Cargo
Cargo that has received clearance and has been dealt with in accordance with
the Regulations, including cargo that is received by a RACA with both a Security
Declaration and ChOCS
Department, the
The Australian Government department responsible for the administration of
the Act and the Regulations
Diplomatic Bag
An item that is a diplomatic bag for the purposes of the Diplomatic Privileges
and Immunities Act 1967
Exempt Items
Items of cargo that can be cleared without examination because the Secretary
has issued a notice under s44B(2)(b) of the Act
International Cargo
International cargo means cargo that is destined for a foreign country and that
is not transhipped cargo
LSRCS
Local Security Risk Context Statement
Organisation, the
The RACA, named in this TSP, to whom this TSP applies
OTS
Office of Transport Security
RACA
Regulated Air Cargo Agent
Regulated Business
Regulated business means a RACA, AACA or an operator of a prescribed air
service
Regulations, the
Aviation Transport Security Regulations 2005
SCO
Security Contact Officer
Secretary, the
The Secretary of the Department
SSD
Special Security Direction
TSP
Transport Security Program
Uncleared Cargo
Cargo that is not cleared cargo, including cargo that is received by a RACA
without both a Security Declaration and ChOCS
SCT05-06 (September 2015)
Sensitive
Page v
TSP – [RACA trading name]
Sensitive
1 General Obligations
This TSP has been made in accordance with the obligations of a RACA as set out in s12 of the Act and
r2.03(a) of the Regulations. This TSP applies to the RACA identified and named on the cover of this
document (the Organisation).
A signed statement, to the effect that the Organisation believes this TSP gives effect to its obligations set
out in section 16(1) of the Act, is provided at Attachment A.
1.1 Program scope and objectives [r2.48]
This TSP applies measures and procedures to all cargo that is in the possession of this RACA or under the
control of this RACA and at each site or facility that is covered by this TSP. It sets out the measures and
procedures to be used to examine, handle, store and transport cargo in a secure manner and make
arrangements for the secure movement of cargo. This includes measures and procedures to:
a) prevent an act of unlawful interference with aviation;
b) safeguard against unlawful interference with aviation by ensuring the security of cargo handled (or
for which arrangements are made) by all parties covered by this TSP; and
c) increase public confidence in aviation security arrangements.
1.2 Local security risk context statement [r2.49]
A statement outlining the local security risk context for the Organisation is provided at Attachment B.
The statement has been developed in the context of:

the location of the Organisation’s sites and facilities;

seasonal and operational factors relevant to the Organisation and its environment;

general threats and generic security risk events to people, assets, infrastructure and operations;
and

an outline of the people, assets, infrastructure and operations that need to be protected.
1.3 Quality control [r2.53]
The following quality control procedures are employed by the Organisation:
1.3.1
Audits [r2.53(1)(a)-(b)]
The Organisation will conduct audits of security measures and procedures to ensure that measures and
procedures described in this TSP, as required under the Act and Regulations, have been implemented.
Audits will be scheduled as follows:

[insert details of how audits are scheduled].
Audits will be conducted as follows:
Set out details of the procedures for conducting an audit at your organisation. For example:
Audits will be systematic and will assess the implementation of this TSP and all security measures detailed
within it. All audits will include consideration of and, where required, consultation on the following:

results from any previous audits and TSP reviews;

measures set out in the TSP;

any results from drills and/or exercises conducted; and
SCT05-06 (September 2015)
Sensitive
Page 1
TSP – [RACA trading name]

Sensitive
any relevant aviation security incidents.
Particular consideration will also be given to whether the security measures and procedures are being
applied as per the TSP and, if not, what corrective action will be taken.
Consideration may also be given to:

[please specify as appropriate for the Organisation – for example options for continuous
improvement in regard to security measures and procedures].
Findings and recommendations will be presented to [full title of the vetting authority within your
organisation, such as the CEO, or the Operations Manager] and to [full title of any security committee or
other body which will view the reports] for consideration, and implemented as appropriate.
1.3.2
TSP reviews [r2.53(1)(c)-(d)]
A review of this TSP will be conducted if:

there is a change in the security threat level for air cargo or the Organisation;

an aviation security incident occurs;

there is a major change in the operational profile of the Organisation;

a change in ownership or organisational structure; or

directed by the Department to do so.

[please specify any additional circumstances as appropriate for your organisation – for example
after each security audit].
Reviews will involve input from a variety of sources including consultation with all parties affected by this
TSP.
Set out details of the procedures for reviewing your TSP, including a process for consultation. For example:
All reviews will assess the current security measures and procedures to consider if they are adequate to
meet the requirements of the current local security risk context statement set out in Attachment B. They
will include consideration of and, where required, consultation on the following:

results from any previous audits and reviews;

any change to Transport Security Advisories or the Aviation Security Risk Context Statement
issued by the Department in relation to cargo;

any changes to the local risk context;

any changes in TSP coverage;

any results from drills and/or exercises conducted;

any relevant aviation security incidents; and

any changes in the regulatory requirements.
Particular consideration will also be given to whether the security measures and procedures set out in the
TSP remain appropriate and proportionate in relation to the local risk context statement and operational
requirements.
Findings and recommendations will be presented to [full title of the vetting authority within your
organisation, such as the CEO, or the Operations Manager] and to [full title of any security committee or
other body which will view the reports] for consideration, and implemented as appropriate. This may
require an amendment to, or revision of, this TSP.
SCT05-06 (September 2015)
Sensitive
Page 2
TSP – [RACA trading name]
Sensitive
1.4 Information security [s16(2)(e); r2.51(4); r2.52(3)]
The following security information requires protection against unauthorised access, amendment and
disclosure:

this TSP;

any attachments or accompanying documents to this TSP;

security measures to be applied to cargo;

aircraft operator and flight information for cargo, prior to that cargo being received by the
Organisation;

security compliance information (e.g. findings from audits conducted by the Department);

results, records and reports of any audit or review carried out in accordance with the TSP, the Act
or Regulations;

[any other – please specify]
Access to this security information is restricted to persons who have a ‘need to know’, and requires
authorisation from [specify position/role].
[Specify position/role] is responsible for:

the protection of the TSP;

determining who has access to the TSP;

the approval of electronic access to the TSP;

the distribution, return and destruction of all TSP copies;

the recording of the movement of all TSP copies;

determining who is authorised to amend the TSP; and

managing access, amendment and disclosure of other security information within the
Organisation.
Security information will be protected against unauthorised access, amendment and disclosure through
the following measures and procedures:
Insert your measures and procedures. For example:

Security information will be identified and classified appropriately.

Records of authorised disclosure of security information will be retained.

Physical copies of security information are securely stored in [type of container/location] at
[insert location]. Only [specify] is authorised to remove them from the container, and a register
of all requests and approvals in maintained.

Electronic copies are stored on a computer system that is restricted to authorised personnel only.
1.5 Security of passwords, keys and access devices [r2.55(1)(f)]
Set out how and where passwords, security codes or access devices are used as a security measure in your
organisation.
The management and control of all passwords, access codes, access devices and keys [specify] is the
responsibility of [specify].
SCT05-06 (September 2015)
Sensitive
Page 3
TSP – [RACA trading name]
Sensitive
Records of all security passwords, access codes, keys and access devices issued is kept by the [specify].
These records are secured [specify the receptacle, location, and the method to secure the record].
Security passwords / access codes are changed:
Insert your measures and procedures. For example:

every three to twelve months OR [specify timeframe];

when any staff with security access leave; and / or

when a security incident involving unauthorised access to security areas and security zones has
been determined by the SCO to have compromised access control security.
Audits of keys and access devices are conducted [specify how often and by whom] to ensure that:
Insert your measures and procedures. For example:

nominated staff have their correct passwords and access devices;

staff with access to security information or zones and areas still require it;

any loss of keys or access device has been reported, recorded and investigated; and

keys and access devices that are held in storage have been issued and returned correctly.
SCT05-06 (September 2015)
Sensitive
Page 4
TSP – [RACA trading name]
Sensitive
2 Operational Details
2.1 Sites and facilities covered by this TSP [s16(2)(f); r2.54]
A list of all sites that operate on behalf of the Organisation and all facilities that are covered by this TSP,
including other aviation industry participants operating under this TSP, are set out in Attachment C.
Further details for sites and facilities covered by this TSP are set out in Accompanying Document 1.
Note: under the Regulations, the TSP must only cover an aviation industry participant that is an agent or subsidiary
of the Organisation, or has a contract with the Organisation to provide a service for the movement or handling of
cargo or the making of arrangements for the movement or handling of cargo.
2.2 Security management [s16(2)(a); r2.52(1); r2.58]
2.2.1
Organisational structure and security management arrangements [r2.52(1)(a)]
The Organisation’s structure, and the arrangements for managing security at each of our facilities, are set
out in Attachment D.
2.2.2
Security contact officer (SCO) [r2.01; r2.02; r2.52(1)(b); r2.58]
The SCO is responsible for facilitating the development, implementation, review and maintenance of this
TSP. The SCO is also responsible for the maintenance of the administration of security measures and
procedures contained in this TSP.
Specific responsibilities include:

liaising with other aviation industry participants in relation to aviation security matters;

liaising with the Department to ensure compliance with all aviation security regulatory
requirements, change in the Department’s threat assessment, and any Special Security Directives
or Compliance Control Directions;
Set out any additional responsibilities for the SCO in your organisation. For example:

ensuring employees, contractors or other persons with aviation security related roles have
sufficient knowledge, skills and training to perform their duties;

ensuring staff are briefed on all security-related matters in relation to the Organisation’s facilities;

ensuring the appropriate protection of all security information against unauthorised access,
amendment and disclosure; ensuring the integrity of all preventive security measures and
arranging maintenance as required;

overseeing the serviceability of all security equipment;

Maintaining the Regular Customer List;

reporting and monitoring aviation security incidents, including threats and breaches; and

attending relevant aviation security meetings.
The knowledge, skills and other requirements to fulfil the security-related aspects of this position are:

Specify as relevant to your organisation, including details of training / qualifications that satisfy
the requirements.
Note: under the Regulations, the RACA must appoint a SCO and the RACA must provide security awareness training
for the relevant staff to enable them to properly perform the security related aspects of their positions.
2.2.3 Other staff with security-related roles [r2.52(1)(b); r2.52(1)(c); r2.58]
SCT05-06 (September 2015)
Sensitive
Page 5
TSP – [RACA trading name]
Sensitive
The roles and responsibilities of security officers and other persons assigned particular security duties and
responsibilities are as follows:
Insert as relevant to your organisation. For example:
Senior Security Officers/Security Officers
Senior Security Officers / Security Officers are supervised by and report to [specify].
Their duties and responsibilities require them to:

Manage day to day security issues;

brief staff on security-related matters such as changes in the security environment when directed
by [specify].

[Report / investigate / compile] all security breaches, threats or aviation incident reports for
[specify].
They also assist the Operations Manager / Security Manager / SCO in:

the development, implementation, review and maintenance of the Organisation’s TSP;

liaison with other aviation industry participants in relation to aviation security matters;

providing feedback to SCO / other regarding application and effectiveness of security measures in
the Organisation’s TSP; and

the coordination with the Department’s staff to ensure regulatory compliance.
The knowledge, skills and other requirements for the security-related aspects of these positions are:

Specify as relevant to your organisation, including details of training / qualifications that satisfy
the requirements.
Cargo Receipt Officers
The roles and responsibilities of a Cargo Receipt Officer are as follows:

Receive and inspect cargo consignments from consignors and other regulated businesses in
accordance with measures set out in this TSP;

Check security documentation for consignments; and

Report to SCO / other regarding suspect cargo or any security issues or incidents.
The knowledge, skills and other requirements for the security-related aspects of these positions are:

Specify as relevant to your organisation, including details of training / qualifications that satisfy
the requirements.
Cargo Examination Officers

Conduct cargo examination in accordance with this TSP, relevant air cargo examination notices
and examination equipment instructions;

Report to SCO / other regarding suspect cargo or any security issues or incidents.
The knowledge, skills and other requirements for the security-related aspects of these positions are:

Specify as relevant to your organisation, including details of training / qualifications that satisfy
the requirements.
Note: under the Regulations, the RACA must provide security awareness training for the relevant staff to enable them
to properly perform the security related aspects of their positions.
SCT05-06 (September 2015)
Sensitive
Page 6
TSP – [RACA trading name]
2.2.4
Sensitive
Contractors [r2.52(1)(b); r2.58]
Select from the options below as appropriate for your operations.
The Organisation does not have any arrangements or contracts with any private or secondary businesses
to undertake security roles at the Organisation’s facilities.
OR
The Organisation has a contract with [specify] to undertake the following security relevant duties and
responsibilities:
Insert as relevant to your organisation. For example:

open and inspect each site and facility before daily commencement of operations;

secure each site and facility after the daily conclusion of operations to ensure that all persons
have vacated and there are no unattended items;

lock, alarm and/or patrol site and facility building(s);

monitor CCTV and respond to any suspicious behaviour or incidents;

monitor the alarms and respond to any activation of the alarm system; and

perform regular / irregular patrols of the area surrounding each site and facility.
The knowledge, skills and other requirements for the security-related aspects of these positions are:

[Specify as relevant to your organisation, including details of training / qualifications that satisfy
the requirements.]
Note: under the Regulations, the RACA must provide security awareness training for the relevant staff (including
contractors) to enable them to properly perform the security related aspects of their positions.
2.3 Consultation and communication [s16(2)(b),(g); r2.52(2)]
2.3.1
Consultation to develop this TSP [s16(2)(g)]
Details of the consultation undertaken in developing this TSP can be found at Attachment E.
2.3.2
Communication and consultation within the organisation [r2.52(2)(a)]
The [specify position/role] is responsible for ensuring ongoing and effective communication within the
organisation and within each site covered by the TSP for the purpose of coordinating security-related
activities. The mechanisms used to communicate and consult within the organisation are:
Insert as relevant to your organisation. For example:

A weekly email to all staff and contractors.

Meetings or phone calls as required.
2.3.3
Communication and consultation with the operator of a security controlled airport at
which the Organisation has a facility [r2.52(2)(b)]
The Organisation does not have any sites or facilities at any security controlled airports.
OR
The [specify position/role] is responsible for ensuring ongoing and effective communication between the
organisation and the operator of any security controlled airport at which the Organisation has a facility
for the purpose of coordinating security-relevant activities. The mechanisms used to communicate and
consult with these airport operators are:
SCT05-06 (September 2015)
Sensitive
Page 7
TSP – [RACA trading name]
Sensitive
Insert as relevant to your organisation. For example:

2.3.4
Quarterly attendance of Airport Security Committee meetings.
Communication and consultation with relevant third parties [r2.52(2)(d)]
The [specify position/role] is responsible for ensuring ongoing and effective communication between the
organisation and relevant third parties, such as police or aircraft operators, for the purpose of
coordinating security-relevant activities. The mechanisms used to communicate and consult with these
third parties are:
Insert as relevant to your organisation. For example:

Industry meetings [specify];

Quarterly meetings of the Airport Security Committee, which includes representatives of the
police, all aircraft operators, airport tenants and lessees.
2.4 Implementation of security measures and procedures [r2.55(2)]
All measures described in this TSP have been implemented.
OR
The measures and procedures that have not yet been implemented, and a timetable for implementation
is set out at Accompanying Document 2.
SCT05-06 (September 2015)
Sensitive
Page 8
TSP – [RACA trading name]
Sensitive
3 Physical Security and Access Control Measures [r2.54(1)(d); r2.55]
3.1 Physical security of sites and facilities [r2.54(1)(d); r2.55(1)(e)]
3.1.1
Building security
The following security measures and procedures apply to all sites OR [specify sites] and include security
procedures for out of hours.
All buildings where cargo is handled are of sound construction and deter unauthorised access.
Access points and potential access or insertion points, such as windows, vents and sky lights, for buildings
where cargo is handled are monitored or secured against unauthorised access or insertion of objects at all
times.
All building access points are closed, secured and deter unauthorised access when not in use and out of
hours.
3.1.2
Perimeter security
The following security measures and procedures apply to all sites OR [specify sites] and include security
procedures for out of hours.
All areas where cargo is handled are secured by fencing that will deter unauthorised access of persons or
vehicles.
Access gates for areas where cargo is handled are monitored or secured against unauthorised access of
persons or vehicles at all times.
All access gates to the site and secure areas are closed, secured and deter unauthorised access when not
in use and out of hours.
The site perimeter is patrolled [specify frequency] by security guards out of hours.
3.1.3
Signage
The following security measures and procedures apply to all sites OR [specify sites].

Signage to advise of authorised personnel only at all secure area access points;

Signage to advise ID cards must be worn in all secure areas;

Signage reminding employees to challenge and report any unauthorised persons or suspicious
behaviour in secure areas;

Signage informing customers that:
3.1.4

cargo will be subject to security and clearing procedures; and

it is illegal to consign as cargo, without authorisation, an explosive or an explosive
device, displayed in cargo consignment areas.
CCTV coverage
The Organisation does not use CCTV.
OR
The following security measures and procedures apply to all sites OR [specify sites] and include security
procedures for out of hours.
The following areas are monitored by CCTV:

site access points;

building access points;
SCT05-06 (September 2015)
Sensitive
Page 9
TSP – [RACA trading name]
Sensitive

cargo handling areas;

cargo storage areas;

office and administration areas; and

overnight parking areas for cargo transport vehicles.
The CCTV monitoring station for the Organisation is located at [specify location] and operates [specify the
hours of operation]. CCTV is monitored by [specify role/position].
CCTV recordings are retained for a period of [specify]. The Organisation will provide a copy of the
recordings to law enforcement authorities upon request, if appropriate.
Staff responsible for CCTV monitoring will report any security incident as soon as practicable to the SCO
and, if necessary or appropriate, to the local law enforcement agency.
3.1.5
Alarms
The Organisation does not use alarms.
OR
The following security measures and procedures apply to all sites OR [specify sites] and include security
procedures for out of hours.
The following areas are monitored by a back-to-base alarm system out of hours:

site access points;

building access points;

cargo handling areas;

cargo storage areas;

office and administration areas; and

overnight parking areas for cargo transport vehicles.
The response to an alarm out of hours is:

Insert measures and procedures for investigating, assessing and responding to an alarm.
3.2 Access control measures for sites and facilities [r2.54(1)(d); r2.55(1)(e)]
3.2.1
Access control
The following measures are used to control access to all sites OR [specify sites] and include security
procedures for out of hours.
Insert your measures and procedures. For example:

Access to sites and facilities is permitted 24 hours a day, 7 days a week OR limited to operational
hours;

Access to the following areas is restricted to authorised persons who have a legitimate purpose
and displaying appropriate identification:

Cargo handling areas,

Cargo storage areas,

Security information storage areas;
SCT05-06 (September 2015)
Sensitive
Page 10
TSP – [RACA trading name]
Sensitive

Access to secure areas is controlled by [specify method of control e.g. swipe cards / guards /
locks]

Authorised persons are not permitted to bring personal bags, packages or non-essential items
into cargo handling areas. Spot checks will be periodically conducted by [specify].

All staff are required to challenge any person in a restricted area who is not known to be
authorised or is not displaying appropriate identification.
3.2.2
Identification
The following measures are used to manage staff and visitor identification procedures to all sites OR
[specify sites].
Insert your measures and procedures. For example:

All staff (including contractors) who access cargo handling areas, handle cargo or transport cargo
are required to have an identification card;

All staff (including contractors) must display their identification card when in cargo handling areas
or when transporting cargo;

Identification cards are tamper-resistant and include the employee’s name and photograph, the
Organisation’s name and an expiry date. Identification cards are valid for no more than two years;

Identification cards are recovered when expired or when employment ends. Records for the issue
and recovery of all identification cards are kept and maintained by [specify];

Temporary identification cards may be provided for:

New employees,

Short-term contractors, and

Employees whose identification card is temporarily unavailable.
Temporary identification cards are valid for a single day only; and

Visitor cards may be provided for visitors who need access to cargo handling areas or security
information storage areas. Visitor identification cards are valid for a single day only and must be
reclaimed when the visitor leaves the site. Visitors must be escorted in cargo handling areas and
other secure areas at all times.
3.3 Access control measures for airside and security zones [r2.55(1)(b)-(d)]
The Organisation does not access airside areas or airport security zones.
OR
The following security measures and procedures apply to all sites OR [specify sites] and include security
procedures for out of hours.
Measures to deter and detect unauthorised access include:
Insert your measures and procedures. For example:

Compliance with airport security measures, including ID checks for personnel accessing airside or
airport security zones;

Monitor relevant access points during operational periods; and

Secure and alarm relevant access points out of hours.
3.4 Maintenance of security equipment [r2.55(1)(g)]
SCT05-06 (September 2015)
Sensitive
Page 11
TSP – [RACA trading name]
Sensitive
The following measures are used to maintain security equipment at all sites OR [specify sites].
Insert your measures and procedures. For example:

All security equipment is maintained according to the manufacturer’s instructions;

All security equipment is calibrated by [specify role/position] according to the manufacturer’s
instructions; and

[Specify role/position] is responsible for managing and recording details of equipment
maintenance procedures, maintenance checks and calibration checks.
3.5 Physical security of cargo transport vehicles [r2.55(1)(h)]
The following measures are used to secure cargo transport vehicles at all sites OR [specify sites] and
include security procedures for out of hours.
Insert your measures and procedures. For example:

All vehicles used to transport cargo are of sound condition and deter unauthorised access;

Passenger and cargo areas of vehicles used to transport cargo are kept locked when unattended
or not in use;

Vehicles used to transport cargo are parked in secure areas and/or monitored out of hours;

Vehicles used to transport cargo are inspected for unauthorised access, tampering or insertion of
unauthorised objects:

daily prior to use; and

After any period left unattended in an unsecured area.
SCT05-06 (September 2015)
Sensitive
Page 12
TSP – [RACA trading name]
Sensitive
4 Cargo security and examination [r2.51; r2.55(1)(i)]
4.1 Cargo security [r2.51(1); r2.51(2); r2.52(3)]
4.1.1
Cargo Records [r2.52(3)]
The following measures and procedures are used for the keeping of accurate records of cargo in the
Organisation’s possession or under the Organisation’s control:
Insert your measures and procedures. For example:

4.1.2
[cargo record keeping procedures]
Deter and detect unauthorised explosives [r2.51(1)]
The following measures and procedures are used to deter and detect the unauthorised carriage, as cargo,
of explosives that could facilitate an act of unlawful interference with aviation:
Insert your measures and procedures. For example:

All cargo that is received by the Organisation is checked on receipt for signs of tampering or that
it may be suspect cargo, in accordance with the procedures set out in Annex A.

All uncleared cargo is treated in accordance with the procedures set out in Annex A and receives
clearance. A Security Declaration is issued for all cargo that receives clearance.

Cleared cargo is:

Cargo for which the Organisation issued a Security Declaration; or

Cargo that was received by the Organisation with both a Security Declaration and a
ChOCS.

Cleared cargo is kept secure at all times and dealt with in accordance with the procedures set out
in Annex A. A ChOCS is issued for all cleared cargo.

Any cargo that shows signs of tampering or that it may contain unauthorised explosives or is
examined and cannot be cleared is treated as suspect cargo in accordance with this TSP and is not
provided to another regular business.
The following procedures will have effect during equipment failure or unserviceability:
Insert your measures and procedures. For example:

4.1.3
[specify contingency procedures if security equipment fails]
Ensuring the security of cargo at all times [r2.51(2)]
The following measures and procedures are used to ensure the security of cargo at all times:
Insert your measures and procedures. For example:

All cargo is kept secure while in the possession of the Organisation by ensuring that it is
accompanied, monitored, or kept in a secure area at all times.

Access to cargo is restricted to authorised persons only in accordance with the access control
procedures set out in this TSP.

Any cargo that is found to have not been kept secure at all times is rechecked for tampering and
unauthorised explosives and treated as uncleared cargo until it subsequently receives clearance.
4.2 Cargo examination [s16(2)(c); r2.51(1A); r2.55(1)(i)]
4.2.1
Methods, techniques and equipment for examination of cargo [s16(2)(c); r2.51(1A);
r2.55(1)(i)]
SCT05-06 (September 2015)
Sensitive
Page 13
TSP – [RACA trading name]
Sensitive
The methods, techniques and equipment for examination of cargo for all sites OR [specify sites] is set out
in Annex A and in any notices issued to the Organisation under regulation 4.41J.
SCT05-06 (September 2015)
Sensitive
Page 14
TSP – [RACA trading name]
Sensitive
5 Regular Customers [r2.60]
5.1 Maintaining a regular customer list [r2.60(a)]
The following procedures apply to the Organisation’s regular customer list:
Insert your measures and procedures. For example:

Customers may become regular customers by their inclusion on the Organisation’s regular
customer list.

Customers may only be added to the regular customer list by [specify role/position].

To be eligible to be added to the regular customer list, the customer must sign a regular customer
undertaking, and evidence must be provided that the customer:


is the regular customer of another RACA; or

has an established credit rating; and

has consigned cargo at least three times without incident.
For each regular customer, the regular customer list must include:

the customer’s name and contact details;

why the customer was included on the list; and

the date of the customer’s inclusion on the list.
5.2 Regular customer undertaking [r2.60(b)]
The form of the regular customer undertaking can be found at Attachment F.
5.3 Receiving cargo from a regular customer [r2.60(c)]
The procedures for receiving cargo from a regular customer, including procedures to identify people who
represent such a customer, can be found in Annex A.
SCT05-06 (September 2015)
Sensitive
Page 15
TSP – [RACA trading name]
Sensitive
6 Cargo security responses [s16(2)(d); r2.51(3); r2.57]
6.1 Measures and procedures for the handling and treatment of suspect cargo
[r2.51(3)]
[Specify position/role] is responsible for determining whether an item is suspect cargo and the
appropriate response. If there is any concern that an item may cause unlawful interference with aviation,
or contain an unauthorised explosive or explosive device, items will be considered suspect cargo.
Following the identification of suspect cargo, the following actions will be taken:
Insert your measures and procedures. For example:

The area around the item or vehicle will be cleared;

Employees and customers will be instructed to clear the area or evacuate and not interfere with
or approach the suspect cargo;

State or Territory police will be contacted immediately;

Consideration will be given to whether local site operations can continue safely and whether to
temporarily alter or cease local operations;

The Department and any other relevant government agencies will be notified when practicable;

The instructions of police and government agencies will be followed; and

Procedures regarding the discovery of an explosive device will be followed if the item is identified
as an unauthorised explosive.
6.2 Measures and procedures in the event of a heightened security alert
[s16(2)(d); r2.57]
The Organisation has a number of additional security measures and procedures available for
implementation in the event of a heightened security alert. These measures and procedures are detailed
at Accompanying Document 3.
Measures for heightened security alerts may be implemented:

when the Australian Government formally raises a national counter-terrorism alert level;

when specific threats are directed towards the Organisation;

in response to an aviation security incident;

in response to the issuance of an SSD; or

as otherwise advised by the Department.
SCT05-06 (September 2015)
Sensitive
Page 16
TSP – [RACA trading name]
Sensitive
ANNEX A: Clearing Cargo
Introduction
This Annex (version 3.2) details the basic security measures for cargo to receive clearance. This includes
the receipt, examination and treatment of cargo. This Annex also details the requirements for dealing
with cargo in order to clear cargo and maintain its cleared status.
This Annex forms part of the TSP and, where any discrepancies exist, security measures detailed within
this Annex take precedence over measures detailed elsewhere within the TSP.
Notes on treatment of cargo [s44B(2)]
Cargo has been treated in accordance with this TSP if the receipt, ID and examination requirements set
out in Tables 1.1 and 1.2 have been met and a Security Declaration has been issued (if required).
Notes on dealing with cargo [s44B(3)]
Cargo has been dealt with in accordance with this TSP if the cargo is:

checked on receipt and not suspect cargo and not tampered with;

kept secure at all times; and

continues to show no signs of tampering, suspect cargo or containing unauthorised explosives for
the entire time it is in the possession of the RACA.
Indications that cargo has been tampered with may include oil stains and damage or cuts in packaging or
wrapping.
Signs that cargo is suspect cargo may include unusual smells, excessive postage or if the weight exceeds
the normal weight for the consignment type or any other indications of potential explosives.
Notes on regular customers
All cargo from Regular Customers must be received by a Regulated Business directly from the regular
customer in order to maintain cleared cargo status.
Receiving Cargo Tables
Records of identification are to be retained for a period of 30 days.
Examination will be conducted in accordance with the Table 1.5 titled ‘Examination Methods’.
Any changes to examination of cargo will be by written notice issued by the Secretary of the Department,
or delegate, and will occur independently of the requirements of this TSP.
A Notice listing those items that are exempt from examination is issued from time to time by the
Department.
SCT05-06 (September 2015)
Sensitive
Page 17
TSP – [RACA trading name]
Sensitive
Table 1.1: Uncleared cargo that is received by RACA without a Security Declaration
Cargo Type
1
2
3
4
Items ≤ 250 gm and ≤ 5 mm thick
Domestic cargo items > 250gm and/or > 5mm
thick
International exempt items > 250 gm and/or >
5mm thick
International non-exempt items > 250gm and/or
> 5mm thick
SCT05-06 (September 2015)
Received From
Check ID of
sender
Record ID
of sender
Examination of
cargo required
(refer to
Table 1.3)
(refer to
Table 1.4)
(refer to Table 1.5)
Documentation to be issued
(refer to Table 1.6)
Unregulated
No
No
No
No
Regular Customer
No
No
No
No
Regulated Business
No
No
No
No
Unregulated
No
No
No
No
Regular Customer
No
No
No
No
Regulated Business
No
No
No
No
Unregulated
Yes
Yes
No
Security Declaration and
Chain of Custody Statement
Regular Customer
Yes
No
No
Security Declaration and
Chain of Custody Statement
Regulated Business
Yes
Yes
No
Security Declaration and
Chain of Custody Statement
Unregulated
Yes
Yes
Yes
Security Declaration and
Chain of Custody Statement
Regular Customer
Yes
No
No
Security Declaration and
Chain of Custody Statement
Regulated Business
Yes
Yes
Yes
Security Declaration and
Chain of Custody Statement
Sensitive
Page 18
TSP – [RACA trading name]
Sensitive
Table 1.2: Cleared cargo that is received by a RACA with a Security Declaration and Chain of Custody Statement
Please note that once cargo is cleared it can only retain its cleared status if transported and handled by a regulated business in accordance with their Security Program. When
passing on cleared cargo a Regulated Business must issue a Chain of Custody Statement as evidence that cleared cargo has been held securely at all times whilst in the
regulated business’s possession. Cargo that is transported or handled by a non-regulated business after clearance is no longer cleared and will require re-examination.
Cargo Type
1
Items ≤ 250 gm and ≤ 5 mm thick
Received From
Check ID of
sender
(refer to
table 1.3)
Domestic cargo items > 250gm and/or > 5mm
thick
3
Regular Customer
N/A (Refer to Table 1.1)
No
International non-exempt items > 250gm
and/or > 5mm thick
No
No
N/A (Refer to Table 1.1)
Regular Customer
N/A (Refer to Table 1.1)
No
No
No
No
Unregulated
N/A (Refer to Table 1.1)
Regular Customer
N/A (Refer to Table 1.1)
No
No
No
Chain of Custody Statement
(existing Security Declaration
is still valid)
Unregulated
N/A (Refer to Table 1.1)
Regular Customer
N/A (Refer to Table 1.1)
Regulated Business
SCT05-06 (September 2015)
No
Unregulated
Regulated Business
4
Documentation to be issued
(refer to table 1.6)
N/A (Refer to Table 1.1)
Regulated Business
International exempt items > 250 gm and/or >
5mm thick
Examination of
cargo required
(refer to table 1.5)
Unregulated
Regulated Business
2
Record ID
of sender
(refer to
table 1.4)
No
Sensitive
No
No
Chain of Custody Statement
(existing Security Declaration
is still valid)
Page 19
TSP – [RACA trading name]
Sensitive
Supporting Tables:
Table 1.3: Required Identification Document:
The following are the only forms of valid identification documents that are permitted for the purposes
of preparing cargo for clearance:






An Australian photographic drivers licence;
An Australian passport;
A foreign passport supported by a second form of identification (that may not appear on this list);
A photo credit or debit card issued by an authorised deposit-taking institution;
A photographic identification card issued by an Australian government body (including Australian
State/Territory bodies).
Appropriate identification that satisfies the sender represents the Regular Customer.
Table 1.4: Recording Identification:
In order to clear cargo a RACA is required to identify the person sending the cargo. If required to do so
you must sight a Required Identification Document, and record the following details:




The senders name;
The type of Identification Document (e.g. drivers’ licence);
The issuing body (e.g. NSW RTA); and
The unique identification number shown on the Identification Document.
Where the sender is a corporation a Required Identification Document of an authorised representative of
the sender (e.g. an employee) must be sighted and recorded.
Table 1.5: Examination Methods:
Each examination will be conducted in accordance with one of the methods shown below:




Physical Examination – The contents of the cargo will be searched as thoroughly as is practical to
verify that the contents are consistent with any available description and that no unauthorised
explosive or incendiary device appears to be included in the cargo (Note: this includes but is not
limited to a visual assessment of the cargo).
Explosive Trace Detection – The use and maintenance of Explosive Trace Detection equipment
will be in accordance with the manufacturers’ instructions, the equipments operational
limitations and any advice or notice issued by the Department of Infrastructure and Transport.
X-Ray – The use and maintenance of X-Ray equipment will be in accordance with the
manufacturers’ instructions, the equipments operational limitations and any advice or notice
issued by the Department of Infrastructure and Transport.
Seven day secure hold – cargo is held securely for a period of seven days prior to transfer.
SCT05-06 (September 2015)
Sensitive
Page 20
TSP – [RACA trading name]
Sensitive
Table 1.6: Cargo Security Documentation:
Security Declaration:
A Security Declaration is issued by a RACA to indicate that cargo has received clearance through being:
a) examined or, where an exemption notice has been issued, the cargo is exempt from examination; and
b) treated in accordance with the RACA’s TSP.
The Security Declaration must:
a) identify the cargo (such as reference to a Consignment number, Master Air Waybill or equivalent
document that specifically identifies the cargo);
b) state the name of the RACA issuing the Security Declaration;
c) state the name and contact details of the individual issuing the Security Declaration on behalf of the
RACA;
d) state the time and date the Security Declaration is issued; and
e) declare the cargo has received clearance.
Chain of Custody Statement:
A Chain of Custody Statement is provided by each Regulated Business (the Issuer) to another Regulated Business
to whom they are passing the cleared cargo, stating that the Issuer has dealt with the cleared cargo by
preventing unauthorised access and holding the cleared cargo in a manner that makes tampering with the
cleared cargo obvious.
The Chain of Custody Statement must:
a) identify the cargo (such as reference to a Consignment number, Master Air Waybill or equivalent
document that specifically identifies the cargo);
b) state the name of the Regulated Business issuing the Chain of Custody Statement;
c) state the name and contact details of the individual issuing the Chain of Custody Statement on behalf of
the Regulated Business;
d) state the time and date the Chain of Custody Statement is issued;
e) state whether the Regulated Business received a Security Declaration for the cargo when the Regulated
Business took possession of the cargo;
f) if the Regulated Business received a Security Declaration for the cargo when taking possession of the
cargo, the Chain of Custody Statement must state that the cargo has been held securely at all times in
accordance with the Regulated Business’s TSP or AACA security program; and
g) if the Regulated Business did not receive a Security Declaration for the cargo when taking possession of
the cargo, then Chain of Custody Statement must state that the RACA issued a Security Declaration for
the cargo and that the cargo has been held securely at all times after the cargo received clearance in
accordance with the Regulated Business’s TSP.
For cleared cargo to maintain its cleared status, it must be accompanied by a Security Declaration and a
Chain of Custody Statement at all times.
If you did not receive both a Security Declaration and a Chain of Custody Statement when taking
possession of cargo, treat the cargo as uncleared cargo and remove any security documentation.
SCT05-06 (September 2015)
Sensitive
Page 21
TSP – [RACA trading name]
Sensitive
Attachment A: Signed statement [s16(1) and r2.05]
[Optional: Insert Organisation’s logo]
[Insert Organisation’s legal name here]:

is aware of its general responsibility to contribute to the maintenance of aviation security;

has developed an integrated, responsible and proactive approach to managing aviation security
within the Organisation;

is aware of, and has the capacity to meet, the specific legislative obligations; and

has taken into account relevant features of its operation in developing activities and strategies for
managing aviation security within the Organisation.
[insert Organisation’s legal name here] believes that this TSP gives effect to all of the above obligations.
Signature :
Title :
(Chief Executive Officer or authorised representative)
Date :
SCT05-06 (September 2015)
Sensitive
Page 22
TSP – [RACA trading name]
Sensitive
Attachment B: Local security risk context statement [r2.49]
Provide a statement outlining the local security risk context for the Organisation, including consideration of its
location, and seasonal and operational factors. For example:
The Organisation employs [number] of staff and contractors and cargo is handled at [number] of sites in
Australia and operate facilities that handle cargo at the following airports [list sites on airports].
The Organisation regularly handles the following types of cargo from [regular customers / other businesses /
freight forwarders / other regulated businesses only / unknown individuals]:

[list types of cargo handled by the Organisation];
The Organisation uses [its own drivers and vehicles / contract drivers / couriers / an AACA / another
regulated business] to transport cargo to [another freight forwarder / an express freight forwarder / a CTO /
an airline].
The Organisation handles cargo to [Australia only / all countries / countries that might be the target of
terrorism or unlawful interference with aviation].
The Organisation [conducts technological examination of cargo / clears cargo from regular customers only /
does not clear cargo].
The Organisation understands that the National Terrorism Public Alert Level in Australia remains at a HIGH,
and that this means that a terrorist attack is likely. We acknowledge that this threat is likely to continue for
the foreseeable future, and that airports and aircraft have been the target of previous attacks.
The Organisation understands the importance of ensuring that its measures and procedures are suitable to
protect its employees, contractors and the broader aviation industry. In preparing this TSP, and in
establishing and implementing measures and procedures to address aviation security issues, we particularly
considered the following threats of relevance (set out below) and the people, assets and infrastructure that
we need to protect.
General threats and generic security risk events of relevance to the Organisation
Source of Risk
Risk Event
Improvised
explosive device
(IED) consigned in
cargo
IED consigned as cargo by known or unknown sender.
 IED device consigned as a piece of cargo;
 IED device disguised as a piece of cargo (e.g. a fake laptop);
 IED device concealed within a piece of cargo;
 IED device concealed within an object consigned as cargo (e.g. printer cartridges);
IED inserted into
cargo
IED placed into cargo for loading on an aircraft by intruder, trusted insider or visitor.
 IED device placed in cargo item;
 IED device placed in cargo consolidation;
 IED device placed in cargo palette, ULD or other container;
 IED device placed directly into aircraft cargo hold;
Computer network Deliberate disruption of websites or IT systems to cause loss or compromise of
attack
information relevant to aviation security.
Hoax threats
Hoax threats used to deliberately cause disruption to services/distract emergency
responders.
Theft of business
assets
This could include theft of aircraft, ground handling equipment, maintenance
equipment, cargo etc
 Forced entry to terminal building may damage security systems;
SCT05-06 (September 2015)
Sensitive
Page 23
TSP – [RACA trading name]
Source of Risk
Sensitive
Risk Event

Damage to or theft of assets may put security of travellers and aircraft at risk.
Acts of vandalism
or arson
This might include deliberate damage to cargo or facilities, graffiti etc
 Could threaten the effectiveness of security systems such as CCTV;
 could involve consequential damage to access control systems such as fences.
Could also involve individuals with access, or unauthorised access to locations.
Trusted insider
May be an employee, contractor or visitor. Could involve any of the following:
 Tampering with cargo;
 facilitating or overlooking the transfer or movement of IEDs in cargo.
 Facilitating the passage of an IEDs through examination or clearance;
 causing loss or disruption to computers or networks;
 inappropriate use of ID to access secure areas without authorisation, or give
access to a secure area to another individual;
 tailgating to avoid access being detected; and/or
 tampering with security systems.
Terrorist
surveillance
This may include the following techniques:
 visual surveillance, from a distance;
 visual surveillance, from a static location (e.g. parked vehicle) near facilities;
 vehicle drive-by or on foot;
 scanning websites looking for security information.
Attackers may also undertake dry runs. This may involve:
 threat-testing response time and methods by using false suspect cargo;
 testing security screening systems.
People, assets, infrastructure and operations that need to be protected
People
The following people are to be protected under this TSP:
 Organisation employees and contractors;
 Drivers;
 Consignors/Visitors; and
 Airport staff and the travelling public.
Assets
Assets to be protected under this TSP include:
 Cargo containers and handling equipment;
 Cargo handling vehicles and cargo transport vehicles;
 Administrative assets;
 assets and technology used for screening and clearing purposes; and
 assets which may be required in an emergency.
Infrastructure
Infrastructure to be protected under this TSP includes:
 buildings under the control of the Organisation;
 fences and other structures under the control of the Organisation; and
 airport facilities under the control of the Organisation.
SCT05-06 (September 2015)
Sensitive
Page 24
TSP – [RACA trading name]
Sensitive
Attachment C: List of Sites and Facilities Covered by this TSP [r2.54(1)]
Listed below are all sites that operate on behalf of the Organisation and all facilities covered by this TSP:
Site/facility name
Address
Suburb/town
State
Postcode
Add rows as required
Under the Regulations, for each facility that is located at a security controlled airport, the RACA must give the airport
operator:
(a) the RACA’s contact details, including contact details for the security contact officer; and
(b) details of the procedures to check the identity of persons who are authorised to have access to the facility.
A failure to notify the Secretary in writing within seven (7) days of becoming aware of any changes to the details in
these tables may be an offence under the Regulations.
SCT05-06 (September 2015)
Sensitive
Page 25
TSP – [RACA trading name]
Sensitive
Attachment D: Organisational Structure and Security Management
Arrangements [r2.52(1)(a)]
Insert text and/or a diagram clearly articulating your organisational structure and security management arrangements
here.
SCT05-06 (September 2015)
Sensitive
Page 26
TSP – [RACA trading name]
Sensitive
Attachment E: Consultation undertaken as part of the development of this
TSP [s16(2)(g)]
The following aviation industry participants contributed to the development of this TSP:
Organisation
Title / Relationship
Consultation Undertaken
e.g. your
organisation
e.g. all levels of
management and
staff supervision
e.g. considered and discussed the various security-related
roles and responsibilities within the organisation.
e.g. security measures and procedures to be
implemented in accordance to this TSP.
e.g. reporting responsibilities of staff.
e.g. ABC Airways
e.g. RPT operator
e.g. procedures and requirements for loading cargo.
e.g. XYZ Cargo
e.g. freight operator
e.g. procedures and requirements for loading cargo.
[Other consulted
organisations]
Add rows as required
SCT05-06 (September 2015)
Sensitive
Page 27
TSP – [RACA trading name]
Sensitive
Attachment F: Regular Customer Undertaking [r2.60(b)]
[Optional: Insert customer logo]
[Insert customer’s legal name here] (the customer):

agrees to be placed on the regular customer list of [Organisation’s name].

undertakes to take appropriate security measures to prevent the unauthorised carriage of an
explosive or an explosive device;

undertakes that at time of consignment, cargo will:

have secure, undamaged packaging;

appear not to have been tampered with;

be accompanied by documentation that identifies the customer as the consignor of
the cargo; and

be presented by a person who can be verified as a representative of the customer;

is aware that cargo will be subject to security and clearing procedures; and

is aware that it is illegal to consign as cargo, without authorisation, an explosive or an explosive
device.
Signature :
Title :
(Chief Executive Officer or authorised representative)
Date :
SCT05-06 (September 2015)
Sensitive
Page 28
TSP – [RACA trading name]
Sensitive
Accompanying Document 1: Details of Sites and Facilities Covered by this
TSP [r2.54(2)]
Detailed below are all sites that operate on behalf of the Organisation and all facilities covered by this TSP:
Site/facility name:
Site/facility name or identifying description
Address:
Street address of site/facility
Located on an airport
Yes / No
If yes, is it a security controlled airport
Yes / No
If located on an airport, name of airport and a description of airside and landside operations
This site/facility is located at [airport trading name].
The airside operations at this airport are [location and description].
The landside operations at this airport are [location and description].
Operations conducted at this site/facility include:
handling cargo
consolidating cargo
loading cargo onto road vehicles
loading cargo onto aircraft (CTO operations)
examining cargo
storing cargo after hours
parking cargo transport vehicles after hours
Proportion of cargo handled at this site that is domestic cargo
None / Some / Most / All
Proportion of cargo handled at this site that is international cargo
None / Some / Most / All
Hours of operation
Days
e.g. Mon-Fri
Hours
e.g. 24h
Days
e.g. Sat
Hours
e.g. 0800h – 1200h
Days
e.g. Sun
Hours
e.g. closed
Add additional pages as required
Under the Regulations, for each facility that is located at a security controlled airport, the RACA must give the airport
operator:
(a) the RACA’s contact details, including contact details for the security contact officer; and
(b) details of the procedures to check the identity of persons who are authorised to have access to the facility.
A failure to notify the Secretary in writing within seven (7) days of becoming aware of any changes to the details in
these tables may be an offence under the Regulations.
SCT05-06 (September 2015)
Sensitive
Page 29
TSP – [RACA trading name]
Sensitive
Accompanying Document 2: Timetable for implementation of security
measures and procedures [r2.55(2)(b)]
Detailed below are security measures and/or procedures yet to be implemented at by the Organisation.
Site(s)
Measure or Procedure not yet implemented
e.g. Swipe card access installed to replace the key
lock on all entry doors
All sites
Implementation date
(no later than)
DD/MM/YY
Delete this document if all of the measures and procedures referred to in your TSP have been implemented.
SCT05-06 (September 2015)
Sensitive
Page 30
TSP – [RACA trading name]
Sensitive
Accompanying Document 3: Measures and procedures in the event of a
heightened security alert [r2.57]
The Organisation has a number of additional security measures and procedures available for
implementation in the event of a heightened security alert. These measures are:
Insert your measures and procedures. For example:

an increase in the number of security personnel / guards;

increased frequency of patrols;

implement 7-day hold on all cargo;

examine 100% of cargo (including cargo from regular customers);

24-hour watches;

hiring commercial flood lights;

request assistance from the relevant law enforcement agency;

changes to parking arrangements in the vicinity of the site or facility and/or inspection of vehicles
and changes to the vehicular parking areas;

changes to cargo delivery arrangements; and

increased monitoring or reduction of access points.
All of these measures can be applied almost immediately, and are able to be sustained for an extended
period.
Aviation security incident response [r2.57(2)(a)]
Insert your measures and procedures for responding to an aviation security incident. For example:
If an aviation security incident, including a threat or breach of security, is identified by the Organisation or
any member of staff, the [specify] and the SCO are to be informed immediately.
The SCO is to inform:

all relevant authorities including the local State / Territory Police and the Australian Federal Police;
and

any relevant aviation industry participants facing immediate threat.
The SCO is to ensure:

staff are fully aware of circumstances;

information is passed on; and

evidence is preserved (unless otherwise directed by a relevant authority e.g. for safety reasons).
The SCO is then to:

document or record all information from staff with knowledge of the incident;

provide an analysis of the incident for company action;

be prepared to provide information to assist relevant authorities; and

if requested, consider providing company resources to assist relevant authorities.
All Organisation staff are to:
SCT05-06 (September 2015)
Sensitive
Page 31
TSP – [RACA trading name]
Sensitive

assist the SCO and the Site/Facility Manager in precautionary/preparatory actions; and

comply with all requests and procedures from relevant emergency authorities.
Reporting aviation security breaches [r2.57(2)(b)]
The Organisation has a range of procedures for reporting aviation security breaches, including threats to
aviation security. The nature of the threat and the seriousness of the breach will dictate who will be
advised and the appropriate level of escalation.
These procedures are as follows:
Insert your measures and procedures. For example:

the [specify] and the SCO are to be informed immediately;

the SCO is responsible for recording the breach, and for recording and response activities taken;

the Department will be notified of any security breaches on case by case OR monthly basis.
Where appropriate, an aviation security breach that relates to the Organisation will also be reported to:

the Secretary;

the relevant State or Territory [specify] police force;

the Australian Federal Police;

any regulated business that is impacted;

any airport operator that is impacted; and

any aircraft operator that is impacted.
Contact numbers and email addresses for incident reporting are available to all staff via:

our induction training;

our procedures manual; and

are prominently displayed in all offices.
Reports made by phone will be followed up in writing within 24 hours.
Evacuation and emergency management [r2.57(2)(c)]
The following actions apply to a threat to or breach of security including:

a bomb threat;

a failure of critical security equipment;

[specify further as relevant].
Any of these incidents may result in the Organisation doing some or all of the following:
Insert your measures and procedures. For example:

securing and evacuating the affected site/facility;

refusing to receive any further cargo;

[specify further as relevant].
We will also comply with any requests from relevant emergency authorities.
SCT05-06 (September 2015)
Sensitive
Page 32
TSP – [RACA trading name]
Sensitive
Following any of the incidents referred to above, a full internal investigation and report will be made for
review by [specify] and, if required, changes to operating procedures will be implemented and this TSP
updated accordingly.
Special security directions [r2.57(2)(d)]
[Specify position/role] is responsible for implementing and ensuring compliance with any special security
direction (SSD) issued by the Secretary to the Organisation.
Insert your procedures for responding to an SSD given by the Secretary here. For example:
Upon receipt of an SSD, the [position identified above] will determine the most effective way to implement
the SSD in consultation with the Organisation’s senior management.
The Organisation’s senior management will consider which of the various parties who may be affected by
the SSD will need to be informed, including:

employees and staff;

consignors;

relevant regulated businesses;

law enforcement agencies; and

local fire and emergency agencies.
The Organisation’s senior management will also determine the most effective method to communicate the
SSD to the various parties such as through meetings, telephone calls or emails.
Staff security awareness [r2.57(2)(e)]
In the event of a heightened security alert the Organisation will take the following actions to raise the
awareness and alertness of staff to security threats, and their responsibility to report aviation security
incidents and breaches:
Insert your measures and procedures. For example:

Inform staff of the heightened security alert.

Remind staff of reporting responsibilities regarding security incidents and breaches.

Provide staff with details of the approved incident report form.

Ensure all staff are made aware of, and have access to, the Organisation’s operational procedure
manual / security manual [insert the title of the relevant documentation for your organisation].
Contingency Plans [r2.57(2)(f)]
Select from the options below as appropriate for your operations.
The Organisation does not have additional security contingency plans or procedures related to heightened
security alerts.
OR
The Organisation has a number of security contingency plans and procedures related to heightened
security alerts. These plans may also be activated upon:

receipt of an SSD;

a threat to security;

a breach of security;

the occurrence of an aviation security incident; or
SCT05-06 (September 2015)
Sensitive
Page 33
TSP – [RACA trading name]

Sensitive
any time declared by the [specify].
These procedures and plans include, but are not limited to:
Insert your organisation’s contingency plans here. For example:

an increase in security personnel;

requests for assistance from the relevant law enforcement agency;

changes to vehicle access and/or parking arrangements in the vicinity of the site/facility and/or
inspection of vehicles;

increased monitoring or reduction of access points; and

other measures subject to assessment of risk.
SCT05-06 (September 2015)
Sensitive
Page 34
DELETE THIS PAGE PRIOR TO SUBMISSION
Final checks prior to submission
1. All purple text should have been replaced or overwritten in black text by the information relevant to
your operations.
2. All red text (except the security classification) should be deleted.
3. There should be no track changes or comments.
4. The Table of Contents should be updated (at the Home option on the toolbar, go to the Editing tab,
choose Select, then press Select All. This will select the entire document. If you now press the F9
button, section headings and paragraph titles will be updated in the Table of Contents).
5. Ensure the Document Revision Record is completed.
6. Remove any passwords or other protection measures.
7. Ensure that your Statement has been signed and dated by the CEO (or authorised
representative).
8. Ensure your organisation retains identical electronic and hard copies of the document.
9. Send the completed TSP by email to national.coordinator@infrastructure.gov.au for
consideration by the Secretary.
DELETE THIS PAGE PRIOR TO SUBMISSION