Aviation security has changed over the past ten years and new threats have emerged and existing threats have evolved, including chemicals, drones and cybersecurity. The approach to security, however, has hardly changed at all.
New measures around security have included automated screening checkpoints to increase efficiency, and better machines have improved x-ray capability but, in many cases, the focus has primarily been on protection of the aircraft.
These technological changes have created challenges for the screeners and other security staff as well. They must deal with the pressure of queues and crowds, while trying to focus on detection of prohibited items, recognize suspicious behaviour, identify unattended articles, spot liquids and powders, screen bottles, shoes, and apply explosive detection on an increasing basis.
And that’s just at the checkpoint. Security is also expanding into landside areas to protect entire airport properties.
The airport industry is currently dealing with the enormous operational challenges posed by the COVID-19 pandemic and its impact and effect on aviation. But a safe and secure airport system will be a crucial component of the recovery of the global economy from this pandemic.
As the industry prepares for restart and recovery, what should its approach be to manage these challenges? Should we go back to basics on how to manage security?
ACI’s Airport Excellence (APEX) programme in security brings together experts from around the world, to review an airport ‘s security arrangements and offer advice based on experience and expert knowledge.
Since its inception, ACI has been able to compile the findings of reviews and identify patterns of areas where airports typically need assistance. One of the key findings is that many airports, security authorities and civil aviation authorities take a piecemeal approach to security.
Some key elements are still not well understood, such as risk management, security culture, and quality management.
The effective management of security requires that airports manage it in a systematic, business-like manner. The following different components are critical for a proactive approach to security.
Management commitment and organization: managing security effectively should start from the top with an executive commitment to security.
Senior management should formally acknowledge the importance of security and provide their support for it. This is the critical building block for security culture so that security is seen as an asset rather than just a cost center; senior management need to be proud of their security standing.
Threat and risk assessment: the way airport security is resourced, organized and delivered should be based on a thorough threat and risk assessment. Focusing on higher risk scenarios can help to make the most of resources and take some of the pressure of the security system.
For example, an airport may be situated in an area that is not vulnerable to man-portable air-defense systems (MANPADS) attack but may be in close proximity to water that might facilitate unauthorized access. Working with the local authority to define those risks and prioritize will help to focus security measures, resources, and spend.
People and performance: people are critical to good security, so providing the right human resources should be a cornerstone of security management. This includes recruiting the right resources, training them, certifying them (where appropriate) and making sure they are motivated to stay in the organization.
Once hired, performance should be monitored and measured to make sure it meets the airport’s security objectives. Security performance indicators depend on the airport operator but typically fall into the three categories of security: performance, efficiency, and passenger experience.
Targets, data measurement tools, and reporting systems such as scorecards and dashboards should be in place to monitor the performance of the overall airport security system and improve the situation where necessary.
Quality control and emergency response: security compliance should be reviewed by conducting quality control activities on a regular basis. The airport security team should have a Quality Control Programme in place, describing the types of quality control activities in place for security – whether it includes audits, inspections, tests and/or exercises. Managing security includes being prepared to respond to security incidents when they occur.
Airports should have airport emergency response plans in place that cover roles, responsibilities and procedures to adopt in case of a security incident. After their closure, incidents should be subject to a detailed debrief to identify lessons learnt. The priority should be on resuming operations as soon as it is safe to do so, communicating and maintaining staff and passengers’ confidence throughout.
A management systems approach: each component listed should interact with each other to help the airport respond dynamically to changing situations. For instance, new data from quality control activities could lead to a review of the airport’s risk assessment. This would then lead to a change in the Airport Security Programme, with new mitigations being adopted.
Airports may wish to focus on continuous improvement as part of their Security Programme, or they may wish to adopt a dedicated Security Management Systems (SeMS) approach, a formalized framework already used by many aviation stakeholders.
This approach to security may not be new, but it is certainly something that many airports can consider as a way of improving not only their security standing, but their costs, efficiency, customer experience and staff satisfaction.