Home' RTCA Documents for Review : DO-230H FRAC Contents 286
© 2017, RTCA, Inc.
Although these standards were developed with automated access control in mind, they do allow for non-
automated systems, methods, or procedures. 49 CFR Part 1542.207(b) provides for TSA approval of
alternatives that provide an overall level of security equal to that which would be provided by the systems,
measures, or procedures described in 49 CFR Part 1542.207(a). The determination of when and where
alternatives are acceptable is often based on the throughput, or amount of traffic, at an access point.
In special emergency situations, the TSA also issues Security Directives (SDs) to rapidly require additional
security procedures or actions (often in response to incidents or imminent threats). These SDs have the
same legal strength as the regulations.
Federal Security Guidelines
The following documents have been promulgated by component agencies of the Department of Homeland
Security (DHS) to provide guidance for aviation and airport security programs. Some of the documents are
available through the Government Printing Office as well as on agency Internet sites.
Recommended Security Guidelines for Airport Planning, Design and Construction (TSA May
Guidance Package – Biometrics for Airport Access Control Systems (TSA, October 2005).
Technical Standards for Customs Passenger Processing at Airports (CBP Oct 2012, as amended).
This document is defined as SSI and is only available on request from CBP.
Policy & Guidance Handbook for 49 CFR Part 1540 & 1542, Airport Security (2002, as amended)
Security Guidelines for General Aviation Airports (TSA 2004).
Airport Security Improvement Act of 2000, P.L. 106-528, for guidance on domiciled and non-
domiciled user requirements.
The documents which are not mandated by regulations include valuable information on “best security
practices” and should be reviewed for applicability during the Integrated Airport Security System design
and specification processes.
Disclosure of Security Sensitive Information (SSI)
Regulations for the maintenance, safeguarding, and disclosure of records and information identified as
Sensitive Security Information (SSI) are set forth in 49 Code of Federal Regulations (CFR) Part 1520. TSA
has defined SSI in § 1520.5. This part does not apply to the maintenance, safeguarding, or disclosure of
classified national security information, as defined by Executive Order 12968, or to other sensitive
unclassified information that is not SSI, but that nonetheless may be exempt from public disclosure under
the Freedom of Information Act.
The TSA SSI Program Office is responsible for specific TSA procedures to meet the requirements of Part
1520. A partial list of documents considered by TSA to be SSI includes: Airport Security Programs (ASPs)
and the Aircraft Operator Standard Security Program (AOSSP); vulnerability assessments; unclassified
operational (screener or access control) test results and training assessments; lists of critical aviation or
maritime infrastructure assets; information technology system security plans and inspection results, if the
system has been deemed critical by DHS; and related design documentation.
Contractors should be advised to mark SSI that which they generate substantially in accordance with the
following legend, having first checked to determine if TSA has mandated alternative text under its SSI
Links Archive Navigation Previous Page Next Page