“We are doing a lot of testing out there; we are serious about this. I have not seen an effort like this regarding NextGen in my entire career in aviation,” remarks Ballough.
GA facility security
It only takes one incident to really drive policy and regulation, whether it’s reasonable or not, relates Lindsey McFarren, president of McFarren Aviation Consulting and former NATA manager of regulatory affairs.
“That’s one thing I’ll say about the Austin incident,” adds McFarren. “So far, TSA has been quick to react as far as responding to the Hill, but slow to react as far as implementing a policy or regulation; which I think is a change from what we have seen in the past.”
According to McFarren, there are three steps to developing an effective facility security program:
1) Vulnerability and threat assessment. There is an obviously different threat scenario at Van Nuys Airport than at Yoder Airport in Louisville, OH, explains McFarren. Van Nuys has fences, key card access, and a fairly controlled environment; the same is not appropriate for Yoder Field. The point is to take a hard look at the operation.
2) Gap Analysis. Take a look at what other people are doing. This can be done through NBAA’s best practices for GA security, or via TSA’s GA security guidelines, among other sources.
3) Develop and implement a security plan.
Basic security measures include employee badging, visitor sign-in, key control, and basic security training for all staff, relates McFarren. With regard to fencing and gates, “TSA will say fences are the answer; I disagree wholeheartedly,” she says. “All it would take is to back up a soccer mom’s minivan to the fence and I could be up and over in a matter of seconds. I’m not concerned that some terrorist is going to do that; frankly what I’m concerned about is that some reporter is going to do that. Gates are not the answer, controls are not the answer; it’s common sense.”
McFarren also gave a regulatory update and commended the industry on how it responded to TSA’s proposed Large Aircraft Security Program (LASP). “Industry responded in a very responsible way; there were numerous chances to go out with guns blazing against TSA — that probably would not have brought us to where we are now,” says McFarren.
“I think what we are going to see will be very different from what the proposed rule was.”
Regarding TSA’s foreign repair station security proposal requiring all Part 145 repair stations regardless of location to have a security program, McFarren says, “The program would require TSA inspections, access control, and security training.
“According to the proposed rule, TSA is able to say that a repair station poses an immediate risk to security, and it can tell FAA to revoke or suspend its certificate. There is not a very clear connection between the agencies in terms of how they will work it out; it will probably be awhile before we see a final rule.”
SMS: One operator’s experience
Key Gray, director of operations for Executive Flightways, relates that in building a safety management system (SMS) from scratch, the first step his company took was to develop an administration manual where it took every job function in the company, and listed all of the tasks involved with that job, and how those tasks are carried out. A secondary value of doing this, says Gray, is that the company came up with a good set of job descriptions, which it now uses to train staff.
“Next we developed an internal audit system,” says Gray. “This resulted in monthly audits by supervisors, quarterly audits by department heads, and trimester audits by the safety manager.” An annual audit is also conducted by the president.
“We found that it’s really important that employees know there will be no punitive action taken against honest self-reported mistakes,” remarks Gray. “It’s also important they know that their mistakes will lead only to additional testing, training, and guidance. Most importantly, they have to feel there will be some change as a result of their report.”