Resource Toolkit for State Oversight Agencies Implementing 49 CFR Part 659

Images referenced in this document can be viewed in the PDF version only. If you need an accessible version of the visual content please contact xxxx@dot.gov

Preface

The "Resource Toolkit for State Oversight Agencies Implementing 49 CFR Part 659" has been developed to support states and rail transit agencies in meeting FTA's requirements for its revised State Safety and Security Oversight Rule (49 CFR Part 659), published in the Federal Register on April 29, 2005. Specifically, § 659.39(a) requires "each designated oversight agency with a rail fixed guideway system that is in passenger operations as of April 29, 2005 or will begin passenger operations by May 1, 2006, to make its initial submission to FTA by May 1, 2006." § 659.39(b) explains that "an initial submission must include the following: (1) oversight agency program standard and referenced procedures; and (2) certification that the System Safety Program Plan and the System Security Plan have been developed, reviewed, and approved."

This Resource Toolkit contains a sample "oversight agency program standard and referenced procedures" document that can be tailored by each affected state oversight agency to develop a compliant initial submission. The Resource Toolkit also includes sample program requirements that can be adopted by the state oversight agency to support the development of compliant System Safety Program Plans and System Security Plans at rail transit agencies. A sample "certification that the system safety program plan and the system security plan have been developed, reviewed, and approved" is also provided, as well as sample checklists for use by state oversight agencies in reviewing and approving the rail transit agency plans and other submissions.

The Resource Toolkit begins with the sample "Program Standard and Referenced Procedures," which has nine sections including:

  1. Introduction and Overview
  2. System Safety Program Plan Standard
  3. System Security Plan Standard
  4. Rail Transit Agency Internal Safety and Security Audit Program
  5. Hazard Management Process
  6. Accident Notification, Investigation and Reporting
  7. Three-Year On-site Safety and Security Review
  8. Corrective Action Plans
  9. Reporting to FTA

Additional references and procedures are provided as appendices. These include the following:


This Resource Toolkit is a companion document to FTA's Implementation Guidelines for 49 CFR Part 659. It is provided in electronic form on the CD-ROM contained with the Implementation Guidelines for 49 CFR Part 659. References are made to this Resource Toolkit throughout the Implementation Guidelines for 49 CFR Part 659.

Preparation of this Resource Toolkit was greatly aided by the generous contribution of materials and advice from safety and security professionals at state oversight and rail transit agencies and industry associations. Specifically, FTA's State Safety and Security Oversight Team would like to thank:

FTA's State Safety and Security Oversight Team would also like to thank Mr. Mike Taborn, Director of FTA's Safety and Security Office, and Mr. Jerry Fisher, FTA's State Safety Oversight Program Manager, for their guidance and assistance in preparing the Resource Toolkit. Mr. Roy Field, of FTA's Office of Safety and Security, also supported preparation of these materials.

Disclaimer

It should be noted that the materials presented in this DRAFT Resource Toolkit are only samples, intended for review and consideration by state oversight agencies in developing the Initial Submissions required in 49 CFR Part 659.39. Some of the sections in the revised 49 CFR Part 659 require the oversight agency (1) to establish time-frames for review and approval of rail transit agency materials and (2) to develop, review and approve joint processes with the rail transit agency which ensure on-going oversight. Neither these time-frames nor the details of the joint processes are specified in the revised 49 CFR Part 659. Instead, they are left to the discretion of the oversight agency and, in some cases, the rail transit agency.

The sample materials provided in this Resource Toolkit offer examples of time frames and joint processes that could be adopted by the state oversight agency and rail transit agency to address 49 CFR Part 659 requirements. However, there are many approaches that could be taken to meeting these requirements. In providing these sample materials FTA is not mandating their use nor implying that the approach documented in the sample materials is the only acceptable alternative. In evaluating Initial Submissions from state oversight agencies, FTA will focus only on the state's compliance with the Rule's minimum requirements. FTA will show no favor to agencies using either these sample materials or modified versions thereof.

Reading this Document

To support the efforts of state oversight agencies to evaluate these sample materials within the context of the revised Rule's requirements, each section of the sample "Program Standard and Referenced Procedures" begins with a brief description of the section and the citation of excerpts from the revised Rule relevant to that section. Items to be inserted, considered, or determined by the oversight agency are highlighted in gray. Gray highlighting is also applied to those processes and procedures which address areas of Rule implementation left to the discretion of state oversight agencies. In addition to the gray highlighting, these text items to be inserted or considered by the oversight agency are enclosed by square bracket's .

Table of Contents

Preface
Disclaimer
Reading this Document

Table of Contents

Cross-Walk Matrix

Program Standard and Referenced Procedures
1. Introduction and Overview
1.1 Purpose
1.2 Authority
1.3 SOA Point of Contact
1.4 Affected Rail Transit Agency(s)
1.5 Conflict of Interest 15
1.6 Distribution of Program Standard and Procedures
1.7 Revisions and Updates
1.8 Definitions

2. System Safety Program Plan Standard
2.1 Objective
2.2 SSPP Minimum Requirements
2.3 Initial Review and Approval of SSPP
2.4 Subsequent Reviews of RTA SSPP
2.5 SSPP Submittals from New Starts Projects
2.6 SSPP Readiness Review

3. System Security Plan Standard
3.1 Objective
3.2 Security Program Plan Minimum Requirements
3.3 Initial Review and Approval of System Security Plan
3.4 Subsequent Reviews of RTA System Security Plan
3.5 System Security Plan Submittals from New Starts Projects
3.6 System Security Plan Readiness Review

4. Internal Safety and Security Audit Program
4.1 Objectives
4.2 Minimum Requirements for Audits
4.3 Minimum Requirements for Annual Report on the Internal Safety and Security Audit Process

5. Hazard Management Process
5.1 Objective
5.2 Minimum Requirements
5.3 Hazard Tracking Log
5.4 Quarterly Meetings on the Hazard Management Process
5.5 Notification of Unacceptable Hazards
5.6 Investigation of Unacceptable Hazards
5.6.1 Initial Investigation Report
5.6.2 Status Investigation Reports
5.6.3 Final Investigation Report
5.6.4 Corrective Action Plans (CAP)
5.6.5 SOA Investigation of Hazards

6. Accident Notification, Investigation and Reporting
6.1 Objective
6.2 Minimum Requirements
6.2.1 Initial Notification
6.3 Investigations of Reportable Events
6.3.1 Authorization of the RTA to Conduct Investigations on Behalf of SOA
6.3.2 Independent SOA Investigations
6.6.3 NTSB Investigations

7. Three-Year On-site Safety and Security Review
7.1 Objective
7.2 Minimum Requirements
7.3 Process and Procedure
7.3.1 Pre-Review Preparations

8. Corrective Action Plans
8.1 Objectives
8.2 Minimum Requirements
8.3 Notification
8.4 Corrective Action Plan Review and Approval
8.5 Monitoring and Tracking

9. Reporting to FTA
9.1 Objective
9.2 Reporting Requirements to FTA

Cross-Walk Matrix

49 CFR Part 659 (April 29, 2005) Where it is addressed in Sample "Section of Sample Program Standards"
§ 659.5 Definitions
Section 1
§ 659.11 Confidentiality of investigation reports and security plans
Section 2
§ 659.13 Overview
Section 1
§ 659.15 System safety program standard
(a) General Requirement
Section 1
(b) Contents
(1) Program management section
Section 1
(2) Program standard development section
Section 1
(3) Oversight of rail transit agency internal safety and security audits
Section 4
(4) Oversight agency safety and security review section
Section 7
(5) Accident notification section
Section 6
(6) Investigations section
Section 6
(7) Corrective actions section
Section 8
(8) System safety program plan section
Section 2
(9) System security plan section
Section 3
§ 659.17 System safety program plan: general requirements
Section 2
§ 659.19 System safety program plan: contents
Section 2
§ 659.21 System security plan: general requirements
Section 3
§ 659.23 System security plan: contents
Section 3
§ 659.25 Annual review of system safety program and system security plans
Section 2 and Section 3
§ 659.27 Internal safety and security audits
Section 4
§ 659.29 Oversight agency safety and security reviews
Section 7
§ 659.31 Hazard management process
Section 5
§ 659.33 Accident notification
Section 6
§ 659.35 Investigations
Section 6
§ 659.37 Corrective action plans
Section 8
§ 659.39 Oversight agency reporting to the Federal Transit Administration
Section 9
§ 659.41 Conflict of interest
Section 1
§ 659.43 Certification of compliance Section 9

Program Standard and Referenced Procedures

1. Introduction and Overview

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency, its authority, organization, and designated point-of-contact, as well as the rail transit agencies overseen by the program, the oversight agency's provisions regarding conflict of interest, and the definitions used by the oversight agency in managing its program. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section, are listed:
*Start of Citation excerpt from the revised Rule*

§ 659.13 Overview.

The state oversight agency is responsible for establishing standards for rail safety and security practices and procedures to be used by rail transit agencies within its purview. In addition, the state oversight agency must oversee the execution of these practices and procedures, to ensure compliance with the provisions of this part.

§ 659.15 System safety program standard.

(a) General requirement. Each state oversight agency shall develop and distribute a program standard. The program standard is a compilation of processes and procedures that governs the conduct of the oversight program at the state oversight agency level, and provides guidance to the regulated rail transit properties concerning processes and procedures they must have in place to be in compliance with the state safety oversight program. The program standard and any referenced program procedures must be submitted to FTA as part of the initial submission. Subsequent revisions and updates must be submitted to FTA as part of the oversight agency's annual submission.

§ 659.15(b)(1) and (2). System safety program standard: contents.

Each oversight agency shall develop a written program standard that meets the requirements specified in this part and includes, at a minimum, the areas identified in this section.

(1) Program management section. This section shall include an explanation of the oversight agency's authority, policies, and roles and responsibilities for providing safety and security oversight of the rail transit agencies within its jurisdiction. This section shall provide an overview of planned activities to ensure on-going communication with each affected rail transit agency relating to safety and security information, as well as FTA reporting requirements, including initial, annual and periodic submissions.

(2) Program standard development section. This section shall include a description of the oversight agency's process for the development, review, and adoption of the program standard, the modification and/or update of the program standard, and the process by which the program standard and any subsequent revisions are distributed to each affected rail transit agency.

§ 659.41 Conflict of interest.

The oversight agency shall prohibit a party or entity from providing services to both the oversight agency and rail transit agency when there is a conflict of interest, as defined by the state.

§ 659.5 Definitions.

Contractor means an entity that performs tasks required by this part on behalf of the oversight or rail transit agency. The rail transit agency may not be a contractor for the oversight agency.
Corrective action plan means a plan developed by the rail transit agency that describes the actions the rail transit agency will take to minimize, control, correct, or eliminate hazards, and the schedule for implementing for those actions.
FRA means the Federal Railroad Administration, an agency within the U.S. Department of Transportation.
FTA means the Federal Transit Administration, an agency within the U.S. Department of Transportation.
Hazard means any real or potential condition (as defined in the rail transit agency's hazard management process) that can cause injury, illness, or death; damage to or loss of a system, equipment or property; or damage to the environment.
Individual means a passenger; employee; contractor; other rail transit facility worker; pedestrian; trespasser; or any person on rail transit-controlled property.
Investigation means the process used to determine the causal and contributing factors of an accident or hazard, so that actions can be identified to prevent recurrence.
New Starts Project means any rail fixed guideway system funded under FTA's 49 U.S.C. 5309 discretionary construction program.
Oversight Agency means the entity, other than the rail transit agency, designated by the state or several states to implement this part.
Passenger means a person who is on board, boarding, or alighting from a rail transit vehicle for the purpose of travel.
Passenger operations means the period of time when any aspect of rail transit agency operations are initiated with the intent to carry passengers.
Program standard means a written document developed and adopted by the oversight agency, that describes the policies, objectives, responsibilities, and procedures used to provide rail transit agency safety and security oversight.
Rail fixed guideway system means, as determined by FTA, any light, heavy, or rapid rail system, monorail, inclined plane, funicular, trolley, or automated guideway that:

  1. Is not regulated by the Federal Railroad Administration; and
  2. Is included in FTA's calculation of fixed guideway route miles or receives funding under FTA's formula program for urbanized areas (49 U.S.C. 5336); or
  3. Has submitted documentation to FTA indicating its intent to be included in FTA's calculation of fixed guideway route miles to receive funding under FTA's formula program for urbanized areas (49 U.S.C. 5336).

Rail transit agency means an entity that operates a rail fixed guideway system.
Rail transit-controlled property means property that is used by the rail transit agency and may be owned, leased, or maintained by the rail transit agency.
Rail transit vehicle means the rail transit agency's rolling stock, including, but not limited to passenger and maintenance vehicles.
Safety means freedom from harm resulting from unintentional acts or circumstances.
Security means freedom from harm resulting from intentional acts or circumstances.
State means a State of the United States, the District of Columbia, Puerto Rico, the Northern Mariana Islands, Guam, American Samoa and the Virgin Islands.
System safety program plan means a document developed by the rail transit agency, describing its safety policies, objectives, responsibilities, and procedures.
System security plan means a document developed by the rail transit agency describing its security policies, objectives, responsibilities, and procedures.
*End of Citation excerpt from the revised Rule*

1.1 Purpose

This document describes the state of insert name of state's program for addressing regulations promulgated by the Federal Transit Administration (FTA). These regulations establish minimum requirements for safety and security programs at each rail transit agency (RTA) within the state's jurisdiction. The purpose of this document is to provide standards, procedures, and technical direction to RTAs in order to implement the program specified by the state.

1.2 Authority

Through insert Executive Order/Enabling Legislation/Other, the insert Governor/ Legislature/Other of the state has assigned the insert name of agency - will be referred to State Oversight Agency (SOA) throughout this document as the agency responsible for rail transit safety and security oversight in the state. Appendix A contains a copy of the insert Executive Order/Enabling Legislation/Other Provision that grants authority to the SOA to develop, manage, and carry out FTA's safety and security program requirements in the state. To implement the insert Executive Order/Enabling Legislation/Other Provision, this document establishes the system safety and security requirements for each RTA in the state to implement the provisions of the SSO program.

FTA's authority to require this program derives from its authority to condition the receipt of FTA grant funds on compliance with FTA guidance (49 U.S.C. § 4324(c)). The Intermodal Surface Transportation Efficiency Act (ISTEA), recently reauthorized by the Safe, Accountable, Flexible, and Efficient Transportation Equity Act: A Legacy for Users (SAFTEA-LU), directed FTA to issue regulations requiring states to oversee the safety and security of rail transit agencies (49 USC
§ 5330). FTA promulgated its regulations through the adoption of a rule in 1995, entitled "Rail Fixed Guideway Systems; State Safety Oversight" (49 CFR Part 659). FTA recently revised 49 CFR Part 659, publishing its new final Rule on April 29, 2005, hereinafter referred to as "the Rule" or Part 659. Appendix B contains a copy of the Rule.
insert Executive Order/Enabling Legislation/Other and Part 659 establish authority for the SOA's program and the standards, procedures, and technical direction to be provided to each RTA operating within the state's jurisdiction. This document combines the SOA's program standard and procedures and comprises the state's Initial Submission to FTA. It documents both RTA and SOA required activities to implement insert Executive Order/Enabling Legislation/Other and Part 659. It also specifies the program in place to ensure on-going communication between the SOA and each affected RTA regarding safety and security information, and to address SOA communication with the FTA, including initial, annual, and periodic submissions.

1.3 SOA Point of Contact

The program administered by the SOA is managed by insert name and title of SOA SSO Program Manager.

[Start of Sample Point of Contact form...

Oversight Agency: Name of SOA
Program Manager:
Mr./Ms. First Name/Last Name
Title
Address Line 1
Address Line 2
City, State and Zip Code
Phone: (XXX) - XXX - XXXX
Fax: (XXX) - XXX - XXXX
E-mail: name@soa.st.gov

…end of Sample Point of Contact form

SOA's oversight program is located within the insert name of department, i.e., Department of Transportation Safety within the insert name of agency, i.e., state Department of Transportation. Organization charts for both the insert name of agency, i.e., state Department of Transportation and the insert name of department, i.e., Office of Transportation Safety are provided in Appendix C. The SOA Program Manager administers the state safety and security oversight program full-time. The SOA Program Manager reports to the insert name of supervisor, who reports to the insert name of supervisor, i.e., Deputy Administrator for Transportation, who reports information on the oversight program to the insert name of agency's chief executive. In the event that additional personnel, technical or staff support is required from insert name of agency, insert name of supervisor is authorized dedicate these resources to the program. insert name of supervisor is also authorized to arrange a meeting with the insert name of agency's chief executive in the event that agency-wide attention should be focused on a specific RTA safety or security issue. The SOA retains the authority to use contractors as required to support the performance of safety and security oversight activities. Procurement activities for the contractor are managed by the SOA Program Manager in conjunction with the insert name of agency's procurement department.

1.4 Affected Rail Transit Agency(s)

RTAs affected by this program include any light, heavy, or rapid rail system, monorail, inclined plane, funicular, trolley, or automated guideway operating within the state's jurisdiction that:

RTA's subject to the provisions of the state's program include:

[Start of Sample RTA Contact form...

RTA Number 1:
Name of RTA
Address Line 1
Address Line 2
City, State and Zip Code

…end of Sample RTA Contact form

Affected RTAs shall supply, and update as necessary, points-of-contact for their safety and security programs to SOA. This information is attached as Appendix D.

1.5 Conflict of Interest

No individual or entity may provide services to both SOA and an RTA when there is a conflict of interest or an appearance of a conflict. A conflict of interest occurs when an individual or entity performing work for an RTA or the SOA is unable, or potentially unable, to render impartial assistance or advice on the development or implementation of the standards and provisions of this SSO manual, or to objectively perform such work without bias. A third party contractor to the SOA or an RTA may not have an unfair competitive advantage over other contractors. Each contractor is subject to full disclosure on all present and potential conflicts of interest in its activities or relationships prior to being awarded a contract with SOA or an RTA.

1.6 Distribution of Program Standard and Procedures

This document is distributed through the SOA's insert name of office. Copies can be obtained from:
Name of Office
Address Line 1
Address Line 2
City, State and Zip Code

This document can also be obtained directly from the SOA point-of-contact. In addition, copies of this document have been distributed directly to the designated safety and security points-of-contact established by each affected RTA.

1.7 Revisions and Updates

To ensure currency, this document will be reviewed on a biennial schedule to determine if updates are necessary. The first biennial review will be performed beginning on the first working day in January 2008. After a 30-day review period, during which SOA will develop its proposed revisions, the revised document will be circulated for review in draft form to the affected RTAs. At least 30 days will be provided for the RTAs to submit comments to the SOA point-of-contact.

Following this review and comment period, draft changes will be approved by the insert name of approving party and incorporated into the next version of the document. After every update, final versions of the revised document will be submitted to the RTA safety and security points-of-contact. Final versions of the revised document will also be submitted to FTA's Office of Safety and Security as part of the SOA's Annual Submission. Final versions of this document will also be available for distribution in the manner described in Section 1.6.

In addition to the biennial update, changes may be requested to this document based on reviews or audits from internal or external sources, such as FTA, or based on policy changes, statewide meetings, and/or organizational changes. Each request for change will be reviewed by appropriate SOA staff in a timely manner. Proposed changes to this document will be circulated for review in draft form to the affected RTAs in the manner described for the biennial reviews. As with the biennial updates, final copies of the revised version of this document will be submitted to the RTA safety and security points-of-contact and to the FTA as part of the SOA's Annual Submission. Final versions of this document will also be available for distribution in the manner described in Section 1.6.

1.8 Definitions

Definitions used in this document include the following:

2. System Safety Program Plan Standard

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's requirements for the System Safety Program Plan (SSPP), which must be developed by the rail transit agency, and formally reviewed and approved by the oversight agency. The state oversight agency must also require the rail transit agency to conduct an annual review to determine whether the SSPP should be updated, and must explain its process for receiving, reviewing and formally approving updated SSPPs. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section, are listed:

*Start of Citation excerpt from the revised Rule*

§ 659.15(b)(8). System safety program standard: contents.

(8) System safety program plan section. This section shall specify the minimum requirements to be contained in the rail transit agency's system safety program plan. The contents of the system safety plan are discussed in more detail in § 659.19 of this part. This section shall also specify information to be included in the affected rail transit agency's system safety program plan relating to the hazard management process, including requirements for ongoing communication and coordination relating to the identification, categorization, resolution, and reporting of hazards to the oversight agency. More details on the hazard management process are contained in § 659.31 of this part. This section shall also describe the process and timeframe through which the oversight agency must receive, review, and approve the rail transit agency system safety program plan.

§ 659.39(a) and (b) Oversight agency reporting to the Federal Transit Administration.

(a) Initial submission. Each designated oversight agency with a rail fixed guideway system that is in passenger operations as of April 29, 2005 or will begin passenger operations by
May 1, 2006, must make its initial submission to FTA by May 1, 2006. In states with rail fixed guideway systems initiating passenger operations after May 1, 2006, the designated oversight agency must make its initial submission within the time frame specified by the state in its designation submission, but not later than at least sixty (60) days prior to initiation of passenger operations. Any time a state changes its designated oversight agency to carry out the requirements identified in this part, the new oversight agency must make a new initial submission to FTA within thirty (30) days of the designation.

(b) An initial submission must include the following:

  1. Oversight agency program standard and referenced procedures; and
  2. Certification that the system safety program plan and the system security plan have been developed, reviewed, and approved.

§ 659.17 System safety program plan: general requirements.

(a) The oversight agency shall require the rail transit agency to develop and implement a written system safety program plan that complies with requirements in this part and the oversight agency's program standard.

(b) The oversight agency shall review and approve the rail transit agency system safety program plan.

(c) After approval, the oversight agency shall issue a formal letter of approval to the rail transit agency, including the checklist used to conduct the review.

§ 659.25(a) and (b). Annual review of system safety program plan.

(a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan.

(b) In the event the rail transit agency's system safety program plan is modified, the rail transit agency must submit the modified plan and any subsequently modified procedures to the oversight agency for review and approval. After the plan is approved, the oversight agency must issue a formal letter of approval to the rail transit agency.

§ 659.19 System safety program plan: contents.

The system safety plan shall include, at a minimum:

(a) A policy statement signed by the agency's chief executive that endorses the safety program and describes the authority that establishes the system safety program plan.

(b) A clear definition of the goals and objectives for the safety program and stated management responsibilities to ensure they are achieved.

(c) An overview of the management structure of the rail transit agency, including:

  1. An organization chart;
  2. A description of how the safety function is integrated into the rest of the rail transit organization; and
  3. Clear identification of the lines of authority used by the rail transit agency to manage safety issues.

(d) The process used to control changes to the system safety program plan, including:

  1. Specifying an annual assessment of whether the system safety program plan should be updated; and
  2. Required coordination with the oversight agency, including timeframes for submission, revision, and approval.

(e) A description of the specific activities required to implement the system safety program, including:

  1. Tasks to be performed by the rail transit safety function, by position and management accountability, specified in matrices and/or narrative format; and
  2. Safety-related tasks to be performed by other rail transit departments, by position and management accountability, specified in matrices and/or narrative format.

(f) A description of the process used by the rail transit agency to implement its hazard management program, including activities for:

  1. Hazard identification;
  2. Hazard investigation, evaluation and analysis;
  3. Hazard control and elimination;
  4. Hazard tracking; and
  5. Requirements for on-going reporting to the oversight agency relating to hazard management activities and status.

(g) A description of the process used by the rail transit agency to ensure that safety concerns are addressed in modifications to existing systems, vehicles, and equipment, which do not require formal safety certification but which may have safety impacts.

(h) A description of the safety certification process required by the rail transit agency to ensure that safety concerns and hazards are adequately addressed prior to the initiation of passenger operations for New Starts and subsequent major projects to extend, rehabilitate, or modify an existing system, or to replace vehicles and equipment.

(i) A description of the process used to collect, maintain, analyze, and distribute safety data, to ensure that the safety function within the rail transit organization receives the necessary information to support implementation of the system safety program.

(j) A description of the process used by the rail transit agency to perform accident notification, investigation and reporting, including:

(1) Notification thresholds for internal and external organizations;
(2) Accident investigation process and references to procedures;
(3) The process used to develop, implement, and track corrective actions that address investigation findings;
(4) Reporting to internal and external organizations; and
(5) Coordination with the oversight agency.

(k) A description of the process used by the rail transit agency to develop an approved, coordinated schedule for all emergency management program activities, which include:

  1. Meetings with external agencies;
  2. Emergency planning responsibilities and requirements;
  3. Process used to evaluate emergency preparedness, such as annual emergency field exercises;
  4. After action reports and implementation of findings;
  5. Revision and distribution of emergency response procedures;
  6. Familiarization training for public safety organizations; and
  7. Employee training.

(l) A description of the process used by the rail transit agency to ensure that planned and scheduled internal safety reviews are performed to evaluate compliance with the system safety program plan, including:

  1. Identification of departments and functions subject to review;
  2. Responsibility for scheduling reviews;
  3. Process for conducting reviews, including the development of checklists and procedures and the issuing of findings;
  4. Review of reporting requirements;
  5. Tracking the status of implemented recommendations; and
  6. Coordination with the oversight agency.

(m) A description of the process used by the rail transit agency to develop, maintain, and ensure compliance with rules and procedures having a safety impact, including:

  1. Identification of operating and maintenance rules and procedures subject to review;
  2. Techniques used to assess the implementation of operating and maintenance rules and procedures by employees, such as performance testing;
  3. Techniques used to assess the effectiveness of supervision relating to the implementation of operating and maintenance rules; and
  4. Process for documenting results and incorporating them into the hazard management program.

(n) A description of the process used for facilities and equipment safety inspections, including:

  1. Identification of the facilities and equipment subject to regular safety-related inspection and testing;
  2. Techniques used to conduct inspections and testing;
  3. Inspection schedules and procedures; and
  4. Description of how results are entered into the hazard management process.

(o) A description of the maintenance audits and inspections program, including identification of the affected facilities and equipment, maintenance cycles, documentation required, and the process for integrating identified problems into the hazard management process.

(p) A description of the training and certification program for employees and contractors, including:

  1. Categories of safety-related work requiring training and certification;
  2. A description of the training and certification program for employees and contractors in safety-related positions;
  3. Process used to maintain and access employee and contractor training records; and
  4. Process used to assess compliance with training and certification requirements.

(q) A description of the configuration management control process, including:

  1. The authority to make configuration changes;
  2. Process for making changes; and
  3. Assurances necessary for formally notifying all involved departments.

(r) A description of the safety program for employees and contractors that incorporates the applicable local, state, and federal requirements, including:

  1. Safety requirements that employees and contractors must follow when working on, or in close proximity to, rail transit agency property; and
  2. Processes for ensuring the employees and contractors know and follow the requirements.

(s) A description of the hazardous materials program, including the process used to ensure knowledge of and compliance with program requirements.

(t) A description of the drug and alcohol program and the process used to ensure knowledge of and compliance with program requirements.

(u) A description of the measures, controls, and assurances in place to ensure that safety principles, requirements and representatives are included in the rail transit agency's procurement process.

§ 659.31 Hazard management process.

(a) The oversight agency must require the rail transit agency to develop and document in its system safety program plan a process to identify and resolve hazards during its operation, including any hazards resulting from subsequent system extensions or modifications, operational changes, or other changes within the rail transit environment.

(b) The hazard management process must, at a minimum:

  1. Define the rail transit agency's approach to hazard management and the implementation of an integrated system-wide hazard resolution process;
  2. Specify the sources of, and the mechanisms to support, the on-going identification of hazards;
  3. Define the process by which identified hazards will be evaluated and prioritized for elimination or control;
  4. Identify the mechanism used to track through resolution the identified hazard(s);
  5. Define minimum thresholds for the notification and reporting of hazard(s) to oversight agencies; and
  6. Specify the process by which the rail transit agency will provide on-going reporting of hazard resolution activities to the oversight agency.

*End of Citation excerpt from the Revised Rule*

2.1 Objective

This section identifies the minimum requirements for the System Safety Program Plan (SSPP) to be developed, approved, adopted and implemented by the each RTA in the SOA program.

2.2 SSPP Minimum Requirements

SOA has adopted a minimum system safety program standard in order to comply with requirements specified by FTA in 49 CFR 659.17 and 49 CFR 659.19 of the revised Rule. SOA encourages the RTAs to exceed this standard in their revenue service operations and to further enhance safety by applying system safety principles throughout all life cycle phases of the transit system's activities.

Each RTA must develop, implement, and maintain a written SSPP that complies with the SSPP Program Requirements specified in Appendix E of this document. This SSPP must:

Based on the requirements specified in Appendix E, an outline for the minimum content for the RTA SSPP is illustrated in Figure 1 (Figure 1 is actually a text listing in outline format.)

Figure 1: Outline for SSPP

1. Executive Approval (Policy Statement)

2. Purpose, Goals and Objectives

4. Plan Review and Modification

5. SSPP Implementation - Tasks and Activities

6. Hazard Management Process

7. Safety Certification

8. Managing Safety in System Modifications

9. Safety Data Acquisition

10. Accident/Incident Notification, Investigation and Reporting

11. Emergency Response Planning/Coordination/Training

12. Internal Safety Audit Process

13. Rules Compliance/Procedures Review

14. Facilities and Equipment Inspections

15. Maintenance Audits/Inspections

16. Training and Certification Review/Audit

17. Configuration Management

18. Compliance with local, state and federal Requirements

19. Hazardous Materials

20. Drug & Alcohol Abuse

21. Procurement

2.3 Initial Review and Approval of SSPP

In carrying out its oversight responsibilities under FTA's SSO Program (49 CFR 659.17), SOA will receive, review, and approve in writing each RTA SSPP. With the SSPP, the RTA should also submit any referenced materials, including procedures, checklists and training materials for accident investigation, the internal safety audit program, the hazard management process, the emergency response planning, coordination and training program, and the rules compliance program.

To ensure compliance with FTA's initial submission requirements, each RTA must submit an SSPP, in compliance with the program requirements specified in Appendix E and all referenced procedures/materials by April 1, 2006. The SSPP should be submitted in electronic format via email
to the SOA point-of-contact. Supporting procedures may be submitted in hard copy via mail or fax. SOA will review the submitted SSPP, using the checklist provided in Appendix F. Upon approval, SOA will provide a written letter of approval and a copy of the completed checklist to the RTA.

While conducting its review, SOA may request additional information, clarifications or revisions from the RTA safety point-of-contact. A meeting or teleconference may also be conducted to address any issues identified by SOA during its review of the SSPP. Any additional requirements will be conveyed by the SOA point-of-contact. Pending any major deficiencies in the RTA SSPP, SOA will approve the initial SSPP submission by April 30, 2006.

2.4 Subsequent Reviews of RTA SSPP

Each RTA shall conduct an annual review of its SSPP and update it as necessary to ensure that the SSPP is current at all times. The RTA shall complete the review for the previous calendar year and submit a revised SSPP to the SOA point-of-contact by March 1. As appropriate, referenced materials affected by the revision(s) should also be submitted with the SSPP.

Each revised SSPP submitted to the SOA by an RTA shall include a text or tabular summary that identifies and explains proposed changes and includes a time frame for completion of the associated activities. Following the process specified in Figure 2 below, SOA will review subsequent SSPP submissions from RTAs. Upon approval of modifications, SOA will issue to the RTA written approval of its SSPP within 30 calendar days of submission and the completed SSPP checklist.

In the event that an RTA conducts its annual SSPP review and determines that no update is necessary for that year, it must prepare and submit by March 1 formal correspondence notifying SOA of this determination. If SOA wishes to object to this determination, the SOA point-of-contact will notify the RTA within 30 days.

Additional reviews of the RTA SSPP may be required to address specific issues based on revisions to the SOA's program standard or procedures, revisions to FTA 49 CFR 659, audit results, on-site reviews, investigations, or changing trends in incident data. Upon receipt of a written notification from the SOA for SSPP modifications, the RTA shall submit a revised SSPP to SOA within 30 calendar days. SOA will review and approve the revised SSPP, providing a formal approval letter and a completed review checklist (if appropriate for the change) within 30 days of receipt of the revised RTA SSPP.

In the event that the RTA initiates updates outside of the annual review cycle, the RTA shall submit the modified SSPP, and any subsequently modified procedures, to the SOA for review and approval within 30 calendar days of the effective date of the change.

Figure 2: SSPP Approval Process

[D]

2.5 SSPP Submittals from New Starts Projects

An RTA New Starts project shall make an initial submittal of an SSPP and all referenced procedures/materials to SOA at least 180 calendar days before beginning passenger service operations. The initial SSPP will be approved and adopted by the RTA as part of the New Starts project safety certification process.

SOA will review and approve the initial SSPP using its review checklist, and will transmit a formal letter of approval and the completed checklist to the RTA point-of-contact. While conducting its review, SOA may request additional information, clarifications or revisions from the RTA safety point-of-contact. A meeting or teleconference may also be conducted to address any issues identified by SOA during its review of the SSPP. Any additional requirements will be conveyed by the SOA point-of-contact.

2.6 SSPP Readiness Review

SOA reserves the right to conduct an on-site SSPP Readiness Review of any New Starts project. This review would be conducted after receipt of the RTA's initial SSPP submission but prior to its entry into passenger operations. This assessment would focus on the capabilities of the RTA to implement its SSPP during passenger operations. This assessment may be conducted in conjunction with SOA review and approval of the initial SSPP submission.

This assessment may be conducted formally, following the procedures specified for the Three-Year Safety and Security Review, identified in Section 7 of this document. Or this assessment may be conducted less formally, as an on-site walk-through of the RTA's safety program with the RTA's safety point-of-contact and other RTA personnel to ensure both the accuracy of its initial SSPP submission and the capacity of the RTA to implement its SSPP.

Based on the type of review conducted, SOA may issue an official report with required corrective actions (see Section 7 of this document), or may address any findings through the review and approval process used for the RTA's SSPP.

3. System Security Plan Standard

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's requirements for the System Security Plan, which must be developed by the rail transit agency, and formally reviewed and approved by the oversight agency. The state oversight agency must also require the rail transit agency to conduct an annual review to determine whether the System Security Plan should be updated, and must explain its process for receiving, reviewing and formally approving updated System Security Plans. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section, are listed:
*Start of Citation from the revised Rule*

§ 659.15(b)(9). System safety program standard: contents.

(9) System security plan section. This section shall specify the minimum requirements to be included in the rail transit agency's system security plan. More details about the system security plan are contained in §§ 659.21 through 659.23 of this part. This section shall also describe the process by which the oversight agency will review and approve the rail transit agency system security program plan. This section also shall identify how the state will prevent the system security plan from public disclosure.

§ 659.11 Confidentiality of investigation reports and security plans.

(a) A state may withhold an investigation report that may have been prepared or adopted by the oversight agency from being admitted as evidence or used in a civil action for damages resulting from a matter mentioned in the report.

(b) This part does not require public availability of the rail transit agency's security plan and any referenced procedures.

§ 659.21 System security plan: general requirements.

(a) The oversight agency shall require the rail transit agency to implement a system security plan that, at a minimum, complies with requirements in this part and the oversight agency's program standard. The system security plan must be developed and maintained as a separate document and may not be part of the rail transit agency's system safety program plan.

(b) The oversight agency may prohibit a rail transit agency from publicly disclosing the system security plan.

(c) After approving the system security plan, the oversight agency shall issue a formal letter of approval, including the checklist used to conduct the review, to the rail transit agency.

§ 659.23 System security plan: contents.

The system security plan must, at a minimum address the following:

(a) Identify the policies, goals, and objectives for the security program endorsed by the agency's chief executive;

(b) Document the rail transit agency's process for managing threats and vulnerabilities during operations, and for major projects, extensions, new vehicles and equipment, including integration with the safety certification process;

(c) Identify controls in place that address the personal security of passengers and employees;

(d) Document the rail transit agency's process for conducting internal security reviews to evaluate compliance and measure the effectiveness of the system security plan; and

(e) Document the rail transit agency's process for making its system security plan and accompanying procedures available to the oversight agency for review and approval.

§ 659.25(b) and (c). Annual review of system security plan.

(b) The oversight agency shall require the rail transit agency to conduct an annual review of its system security plan.

(c) In the event the rail transit agency's system security plan is modified, the rail transit agency must make the modified system security plan and accompanying procedures available to the oversight agency for review, consistent with requirements specified in § 659.23(e) of this part. After the plan is approved, the oversight agency shall issue a formal letter of approval to the rail transit agency.
*End of Citation from the revised Rule*

3.1 Objective

This section identifies the minimum requirements for the System Security Plan to be developed, approved, adopted and implemented by the each RTA in the SOA program.

3.2 Security Program Plan Minimum Requirements

SOA has adopted a minimum system security program standard in order to comply with requirements specified by FTA in 49 CFR 659.21 and 49 CFR 659.23 of the revised Rule. Each RTA must develop, implement, and maintain a written System Security Plan that complies with the program requirements specified in Appendix G of this document. This appendix is based on FTA's System Security and Emergency Preparedness Planning Guide, issued in January 2003. FTA's guide addresses all of the activities specified in 49 CFR Part 659.23. In addition, compliance with this FTA guide is required for RTAs participating in the Transit Security Grant Program (TSGP), administered by the Department of Homeland Security, Preparedness Directorate, Office of Grants and Training (G&T), formerly the Office for Domestic Preparedness (ODP). The program requirements in Appendix G also affirm the authority of the Transportation Security Administration (TSA) in the areas of rail transit security and terrorism preparedness.

At a minimum, the System Security Plan developed by the RTA must:

In addressing this last item, the SOA has authority in place to protect against the public disclosure of RTA security documents. To ensure the further protection of these documents, the SOA requests that all security submissions are either delivered to the SOA point-of-contact in person, via email, or delivered via overnight mail with a signature required.

Based on the requirements specified in Appendix G, an outline for the minimum content for the RTA System Security Plan is illustrated in Figure 3 (Figure 3 is actually a text listing in outline format.)

Figure 3: Outline for System Security and Emergency Preparedness Plan (SEPP)

SEPP Memorandum of Executive Approval/System Security Policy

1.0 System Security and Emergency Preparedness Program Introduction

2.0 System Description

3.0 SEPP Management Activities

4.0 SEPP Program Description

5.0 Threat and Vulnerability Identification, Assessment, and Resolution

6.0 Implementation and Evaluation of SEPP

7.0 Modification of System Security Plan

3.3 Initial Review and Approval of System Security Plan

In carrying out its oversight responsibilities under FTA's SSO Program (49 CFR 659.21), the SOA will receive, review, and approve in writing each RTA System Security Plan. With the System Security Plan, the RTA should also submit any referenced materials, including procedures and checklists for the threat and vulnerability identification/assessment/resolution process, the internal security audit program, and the controls in place that address the personal security of passengers and employees. For RTAs participating in the DHS/GT TSGP, SOA also requests copies of the RTA's Regional Transit Security Strategy.

To ensure compliance with FTA's initial submission requirements, each RTA must submit a System Security Plan, in compliance with the program requirements specified in Appendix G and all referenced procedures/materials by April 1, 2006] to the SOA point-of-contact. SOA will review the submitted SSPP, using the checklist provided in Appendix H. Upon approval, SOA will provide a written letter of approval and a copy of the completed checklist to the RTA. Pending any major deficiencies in the initial System Security Plan submission, SOA will approve this plan by April 30, 2006.

3.4 Subsequent Reviews of RTA System Security Plan

Each RTA shall conduct an annual review of its System Security Plan and update it as necessary to ensure that the System Security Plan is current at all times. The RTA shall complete the review for the previous calendar year and submit a revised System Security Plan to the SOA point-of-contact by March 1. As appropriate, referenced materials affected by the revision(s) should also be submitted with the System Security Plan.

Each revised System Security Plan submitted to SOA by an RTA shall include a text or tabular summary that identifies and explains proposed changes and includes a time frame for completion of the associated activities. SOA will review subsequent System Security Plan submissions from RTAs. Upon approval of modifications, the SOA will issue to the RTA written approval of its System Security Plan within 30 calendar days and a copy of the completed System Security Plan review checklist.

In the event that an RTA conducts its annual System Security Plan review and determines that no update is necessary for that year, it must prepare and submit by March 1 formal correspondence notifying SOA of this determination. If SOA wishes to object to this determination, the SOA point-of-contact will notify the RTA within 30 days.

Additional reviews of the RTA System Security Plan may be required to address specific issues based on revisions to the SOA's program standard or procedures, revisions to FTA 49 CFR 659, audit results, on-site reviews, investigations, or changing trends in crime data or terrorism threat levels. Upon receipt of a written notification from the SOA for System Security Plan modifications, the RTA shall submit a revised System Security Plan to the SOA within 30 calendar days. SOA will review and approve the revised System Security Plan, providing a formal approval letter and a completed review checklist (if appropriate for the change). This review and approval process will be completed 30 days after receipt of the modified System Security Plan.

In the event that the RTA initiates updates outside of the annual review cycle, the RTA shall submit the modified System Security Plan, and any subsequently modified procedures, to the SOA for review and approval within 30 calendar days of the effective date of the change.

SOA encourages the RTA to ensure that submissions of updated System Security Plans are also made to DHS/G&T and TSA, following the conditions specified in grant program, directives or other requirements and regulations administered by these agencies.

Figure 4 provides a visual depiction of the SOA System Security Plan review and approval process.

Figure 4: System Security Plan Approval Process

[D]

3.5 System Security Plan Submittals from New Starts Projects

An RTA New Starts project shall make an initial submittal of a System Security Plan and all referenced procedures/materials to SOA at least 180 calendar days before beginning passenger service operations. This submission shall be made following any restrictions placed on these materials by either the RTA or SOA to ensure their protection from public release. The initial System Security Plan shall be approved and adopted by the RTA as part of the New Starts project safety certification process.

SOA will review and approve the initial System Security Plan using its review checklist, and will transmit a formal letter of approval and the completed checklist to the RTA point-of-contact. During its review, SOA may make requests for additional information, revisions or modifications. Any additional requirements will be conveyed by the SOA point-of-contact.

3.6 System Security Plan Readiness Review

SOA reserves the right to conduct an on-site System Security Plan Readiness Review of any New Starts project. This review would be conducted after receipt of the RTA's initial System Security Plan submission but prior to its entry into passenger operations. This assessment would focus on the capabilities of the RTA to implement its System Security Plan during passenger operations. This assessment may be conducted in conjunction with SOA review and approval of the initial System Security Plan submission.

This assessment may be conducted formally, following the procedures specified for the Three-Year Safety and Security Review, identified in Section 7 of this document. Or this assessment may be conducted less formally, as an on-site walk-through of the RTA's security and emergency preparedness program with the RTA's security point-of-contact and other RTA personnel to ensure both the accuracy of its initial System Security Plan submission and the capacity of the RTA to implement its System Security Plan.

Based on the type of review conducted, SOA may issue an official report with required corrective actions (see Section 7 of this document), or may address any findings through the review and approval process used for the RTA's System Security Plan.

4. Internal Safety and Security Audit Program

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's requirements for the internal safety and security audit program, which must be performed by the rail transit agency, and formally reviewed and approved by the oversight agency. The state oversight agency must also require the rail transit agency chief executive officer to certify on annual basis that, based on the results of this process, the rail transit agency is in compliance with its SSPP and System Security Plan. In the event that the chief executive officer cannot make this certification, an action plan must be submitted to the state oversight agency for review and approval. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section, are listed:

*Start of Citation from the revised Rule*

§ 659.15(b)(3). System safety program standard: contents.

(3) Oversight of rail transit agency internal safety and security reviews. This section shall specify the role of the oversight agency in overseeing the rail transit agency internal safety and security review process. This includes a description of the process used by the oversight agency to receive rail transit agency checklists and procedures and approve the rail transit agency's annual reports on findings, which must be submitted under the signature of the rail transit agency's top management.

§ 659.27 Internal safety and security reviews.

(a) The oversight agency shall require the rail transit agency to develop and document a process for the performance of on-going internal safety and security reviews in its system safety program plan.

(b) The internal safety and security review process must, at a minimum:

  1. Describe the process used by the rail transit agency to determine if all identified elements of its system safety program plan and system security plan are performing as intended; and
  2. Ensure that all elements of the system safety program plan and system security plan are reviewed in an ongoing manner and completed over a three-year cycle.

(c) The rail transit agency must notify the oversight agency at least thirty (30) days before the conduct of scheduled internal safety and security reviews.

(d) The rail transit agency shall submit to the oversight agency any checklists or procedures it will use during the safety portion of its review.

(e) The rail transit agency shall make available to the oversight agency any checklists or procedures subject to the security portion of its review, consistent with § 659.23(e).

(f) The oversight agency shall require the rail transit agency to annually submit a report documenting internal safety and security review activities and the status of subsequent findings and corrective actions. The security part of this report must be made available for oversight agency review, consistent with § 659.23(e).

(g) The annual report must be accompanied by a formal letter of certification signed by the rail transit agency's chief executive, indicating that the rail transit agency is in compliance with its system safety program plan and system security plan.

(h) If the rail transit agency determines that findings from its internal safety and security reviews indicate that the rail transit agency is not in compliance with its system safety program plan or system security plan, the chief executive must identify the activities the rail transit agency will take to achieve compliance.

(i) The oversight agency must formally review and approve the annual report.

*End of Citation from the revised Rule*

4.1 Objectives

The section describes SOA requirements for the internal safety and security audit program to be implemented by the RTA.

4.2 Minimum Requirements for Audits

As described in the SSPP and System Security Plan, the RTA must implement a process for the performance of on-going internal safety and security audits to ensure the implementation of the
RTA SSPP and System Security Plan, and to evaluate the effectiveness of these plans. To ensure compliance with FTA's 49 CFR Part 659.27, the RTA must:

4.3 Minimum Requirements for Annual Report on the Internal Safety and Security Audit Process

By March 1 of each year, SOA requires the RTA to submit an annual report to the SOA point-of-contact that documents the internal audits conducted for the previous year. This report may be submitted in electronic copy via email or in hard copy via mail or fax. For sections devoted to the results of security audits, any special provisions established by the RTA or SOA to ensure the protection of these materials must be followed.

This annual report must include:

The SOA will review and approve this report within 30 days. While conducting its review, SOA staff may request additional information, clarifications or revisions from the RTA safety or security point-of-contact. A meeting or teleconference may also be conducted to address any issues identified by SOA during its review of the annual report. Any additional requirements will be conveyed to the RTA by the SOA point-of-contact.

In addition to the annual report, also by March 1, SOA requires that the RTA submit a formal letter of certification, signed by the rail transit agency's chief executive, stating that, based on the evaluation performed during the internal safety and security audit process during the previous year, the RTA is in compliance with its SSPP and System Security Plan.

If the RTA determines that findings from its internal safety and security audits indicate that the RTA is not in compliance with its SSPP, the chief executive must then identify the activities that the RTA will take to achieve compliance. SOA must review and approve this action plan using the procedures specified in Section 8 of this document.

Figure 5 shows the internal safety and security audit process specified by SOA.

Figure 5: Internal Safety and Security Review Process

[D]

5. Hazard Management Process

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's requirements for the Hazard Management Process, which must be developed by the rail transit agency in its SSPP, and formally reviewed and approved by the oversight agency. The state oversight agency must also ensure on-going participation in the rail transit agency's Hazard Management Process. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section of the sample "Program Standard and Referenced Procedures" are provided:

*Start of Citation from the revised Rule*

§ 659.19(f) System safety program plan: contents.

(f) A description of the process used by the rail transit agency to implement its hazard management program, including activities for:

  1. Hazard identification;
  2. Hazard investigation, evaluation and analysis;
  3. Hazard control and elimination;
  4. Hazard tracking; and
  5. Requirements for on-going reporting to the oversight agency relating to hazard management activities and status.

§ 659.31 Hazard management process.

(a) The oversight agency must require the rail transit agency to develop and document in its system safety program plan a process to identify and resolve hazards during its operation, including any hazards resulting from subsequent system extensions or modifications, operational changes, or other changes within the rail transit environment.

(b) The hazard management process must, at a minimum:

  1. Define the rail transit agency's approach to hazard management and the implementation of an integrated system-wide hazard resolution process;
  2. Specify the sources of, and the mechanisms to support, the on-going identification of hazards;
  3. Define the process by which identified hazards will be evaluated and prioritized for elimination or control;
  4. Identify the mechanism used to track through resolution the identified hazard(s);
  5. Define minimum thresholds for the notification and reporting of hazard(s) to oversight agencies; and
  6. Specify the process by which the rail transit agency will provide on-going reporting of hazard resolution activities to the oversight agency.

§ 659.37 Corrective action plans.

(a) The oversight agency must, at a minimum, require the development of a corrective action plan for the following:

  1. Results from investigations, in which identified causal and contributing factors are determined by the rail transit agency or oversight agency as requiring corrective actions; and
  2. Findings from safety and security reviews performed by the oversight agency.

(b) Each corrective action plan should identify the action to be taken by the rail transit agency, an implementation schedule, and the individual or department responsible for the implementation.

(c) The corrective action plan must be reviewed and formally approved by the oversight agency.

(d) The oversight agency must establish a process to resolve disputes between itself and the rail transit agency resulting from the development or enforcement of a corrective action plan.

(e) The oversight agency must identify the process by which findings from an NTSB accident investigation will be evaluated to determine whether or not a corrective action plan should be developed by either the oversight agency or rail transit agency to address NTSB findings.

(f) The rail transit agency must provide the oversight agency:

  1. Verification that the corrective action(s) has been implemented as described in the corrective action plan, or that a proposed alternate action(s) has been implemented subject to oversight agency review and approval; and
  2. Periodic reports requested by the oversight agency, describing the status of each corrective action(s) not completely implemented, as described in the corrective
    action plan.

(g) The oversight agency must monitor and track the implementation of each approved corrective action plan.

*End of Citation from the revised Rule*

5.1 Objective

This section describes SOA requirements for the RTA Hazard Management Process. The objective of this process is to provide SOA with an on-going role in overseeing the RTA's identification, assessment and resolution of hazards.

5.2 Minimum Requirements

SOA requires each RTA to develop and document in its SSPP a process to identify and resolve hazards for New Starts projects, extensions, or modifications of existing systems, operational or environmental changes, or from hazards discovered during reviews, audits, inspections, and investigations.

The hazard management process must, at a minimum:

5.3 Hazard Tracking Log

In its SSPP, the RTA must specify is approach to identifying and assessing hazards. Each RTA may use a variety of methodologies, including informal processes, such as reports from operations and maintenance personnel, results from rules compliance checks and employee evaluations, the mining of maintenance data, results from facilities and vehicles inspections, findings from internal safety and security audits, and daily review of the RTA's unusual occurrences log, as well as more formal approaches, such as trend analysis, hazard classification and resolution using the Mil-Std 882 process, hazard analyses using inductive processes (Preliminary Hazard Analysis, Failure Modes and Effects Analysis, Job Hazard Analysis, etc.) and hazard analysis using deductive processes (Fault Tree Analysis).

Based on its selected methods, the RTA must identify its process for consolidating all hazard information into a single, coordinated process. This process may use worksheets, forms, databases and other tools to support standardization and organization of hazard information. Based on this process, SOA requires the RTA to establish a Hazard Tracking Log which reflects the consolidation of information in the hazard management process. The Hazard Tracking Log must contain all hazards identified through the various methods applied by the RTA. The Hazard Tracking Log may be organized by the hazard number assigned by the RTA, or by the type of hazard, the source from which it was identified, or the element of the RTA's operation affected by the hazard (i.e., facilities, vehicles, track and signal, communications/SCADA, tunnel ventilation, personnel training and procedures, etc.). A sample log appears in Figure 6.

Figure 6: Sample Monthly Hazard Tracking Log

[D]

The proposed Hazard Tracking Log must be submitted by the RTA to the SOA in its SSPP for review and approval. Once the log is approved, it must be submitted monthly to the SOA point-of-contact in electronic copy via email or in hard copy via mail or fax. The SOA will review the Monthly Hazard Tracking Log and forward any questions or requests for information to the RTA safety point-of-contact.

5.4 Quarterly Meetings on the Hazard Management Process

To ensure an on-going involvement in the RTA's hazard management process, as specified in 49 CFR Part 659. 31, SOA is requiring quarterly meetings with the RTA to review the Hazard Tracking Log and the other RTA activities associated with the hazard management process. These meetings should occur no later than the third week after the calendar year quarters ending on March 31, June 30, September 30, and December 31. By the first week after each calendar year quarter has ended, the RTA must submit to SOA a proposed date and location for the quarterly meeting and a proposed agenda. SOA will review and approve the agenda, making any modifications as appropriate, and schedule the quarterly meeting with the RTA.

During the quarterly meetings, SOA retains the authority to request and review any records maintained by the RTA documenting the results of its hazard management process. If these records are not available at the meetings, they will be transmitted to the SOA point-of-contact in electronic copy via email or in hard copy via mail or fax after the conclusion of the quarterly meeting.

The RTA should prepare meeting minutes from each quarterly meeting, being sure to document any identified action items or required activities. The meeting minutes should be prepared and submitted to SOA no later than two weeks after each quarterly meeting.

5.5 Notification of Unacceptable Hazards

During application of its hazard management process, should the RTA determine that the final risk assessment of the hazard identified is "unacceptable" using the criteria and assessment process specified in its SSPP, the RTA shall notify the SOA point-of-contact within 24 hours or by 5:00 p.m. on the next regular working day following the determination of the unsafe condition as "unacceptable". The RTA shall transmit an electronic copy via email or a hard copy via fax of the appropriately completed worksheets, forms or other materials documenting the unacceptable hazard.

5.6 Investigation of Unacceptable Hazards

The RTA or its contractor must investigate a hazard reported to the SOA as unacceptable in accordance with the provisions specified by the RTA in its SSPP and the Accident Investigation Procedure submitted to and approved by SOA. The RTA shall maintain a file of hazards reported to the SOA and make these files available to the SOA for review and evaluation.

5.6.1 Initial Investigation Report

The RTA shall submit to the SOA the initial report of its investigation of the unacceptable hazard within 7 calendar days of the hazard being reported to the SOA point-of-contact. The RTA may transmit an electronic copy via email or a hard copy via mail or fax.

5.6.2 Status Investigation Reports

The RTA shall submit to the SOA point-of-contact status reports of the unacceptable hazard investigation at least monthly until the investigation is completed. The RTA may transmit these status reports as an electronic copy via email or as hard copy via mail or fax.

5.6.3 Final Investigation Report

Upon completing the investigation of the unacceptable hazard, the RTA shall prepare and submit to the SOA for review and approval a final report that includes a description of activities, findings, identified causal factors, and a corrective action plan. The RTA shall transmit an electronic copy of the final investigation report to the SOA point-of-contact via email. Within 30 calendar days of receiving a report designated as final, the SOA will review the report, using the process specified in Section 6 of this document. Within 30 calendar days of acceptance of the RTA investigation report, the SOA will issue to the RTA written approval of the report. In the event that SOA does not accept the RTA report, SOA will communicate in writing the area(s) of disagreement or concern. The report shall not be considered final until all conditions are met and the report is approved by SOA.

5.6.4 Corrective Action Plans (CAP)

The RTA shall develop a corrective action plan to correct those elements or activities identified as deficient. In addition, the SOA may, during the course of an investigation, identify corrective actions to avoid or minimize the reoccurrence of the unsafe condition or address a related, systemic problem. Procedures associated with development, submission, review and approval of corrective action plans are the subject of Section 8 of this document. At any time during an investigation, SOA reserves the right to request a full briefing from the RTA on the known circumstances of the investigation, including corrective actions.

5.6.5 SOA Investigation of Hazards

SOA reserves the right to conduct independent investigations of identified unacceptable hazards. A description of the SOA investigation process is provided Section 6.3.2 of this document.

Upon its determination to conduct an independent investigation, SOA will inform the RTA in writing of its intention to conduct an investigation of a reported hazard no later than 7 calendar days following receipt of the RTA initial report. SOA will advise the RTA of the following:

The RTA shall assist the SOA investigators by providing required information and resources necessary for conducting the investigation. The SOA or its contractor will complete an investigation report that includes a description of activities, findings, identified causal factors, and a corrective action plan. The report will be finished within 30 calendar days after completion of the investigation, and will be delivered to the RTA for review. The RTA will have 15 days to prepare a correction action plan and submit it to the SOA point-of-contact.

6. Accident Notification, Investigation and Reporting

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's requirements for accident notification, investigation and reporting. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section of the sample "Program Standard and Referenced Procedures" are provided:

*Start of Citation from the revised Rule*

§ 659.15(b)(5), (6) and (7). System safety program standard: contents.

(5) Accident notification section. This section shall include the specific requirements for the rail transit agency to notify the oversight agency of accidents. This section shall also include required timeframes, methods of notification, and the information to be submitted by the rail transit agency. Additional detail on this portion is included in §659.33 of this part.

(6) Investigations section. This section contains the oversight agency identification of the thresholds for incidents that require an oversight agency investigation. The roles and responsibilities for conducting investigations shall include: coordination with the rail transit agency investigation process, the role of the oversight agency in supporting investigations and findings conducted by the NTSB, review and concurrence of investigation report findings, and procedures for protecting the confidentiality of investigation reports.

(7) Corrective actions section. This section shall specify oversight agency criteria for the development of corrective action plan(s) and the process for the review and approval of a corrective action plan developed by the rail transit agency. This section shall also identify the oversight agency's policies for the verification and tracking of corrective action plan implementation, and its process for managing conflicts with the rail transit agency relating to investigation findings and corrective action plan development.

§ 659.19(j) System safety program plan: contents.

(j) A description of the process used by the rail transit agency to perform accident notification, investigation and reporting, including:

  1. Notification thresholds for internal and external organizations;
  2. Accident investigation process and references to procedures;
  3. The process used to develop, implement, and track corrective actions that address investigation findings;
  4. Reporting to internal and external organizations; and
  5. Coordination with the oversight agency.

§ 659.33 Accident notification.

(a) The oversight agency must require the rail transit agency to notify the oversight agency within two (2) hours of any incident involving a rail transit vehicle or taking place on rail transit-controlled property where one or more of the following occurs:

  1. A fatality at the scene; or where an individual is confirmed dead within thirty (30) days of a rail transit-related incident;
  2. Injuries requiring immediate medical attention away from the scene for two or more individuals;
  3. Property damage to rail transit vehicles, non-rail transit vehicles, other rail transit property or facilities and non-transit property that equals or exceeds $25,000;
  4. An evacuation due to life safety reasons;
  5. A collision at a grade crossing;
  6. A main-line derailment;
  7. A collision with an individual on a rail right of way; or
  8. A collision between a rail transit vehicle and a second rail transit vehicle, or a rail transit non-revenue vehicle.

(b) The oversight agency shall require rail transit agencies that share track with the general railroad system and are subject to the Federal Railroad Administration notification requirements, to notify the oversight agency within two (2) hours of an incident for which the rail transit agency must also notify the Federal Railroad Administration.

(c) The oversight agency shall identify in its program standard the method of notification and the information to be provided by the rail transit agency.

§ 659.35 Investigations.

(a) The oversight agency must investigate, or cause to be investigated, at a minimum, any incident involving a rail transit vehicle or taking place on rail transit-controlled property meeting the notification thresholds identified in § 659.33(a).

(b) The oversight agency must use its own investigation procedures or those that have been formally adopted from the rail transit agency and that have been submitted to FTA.

(c) In the event the oversight agency authorizes the rail transit agency to conduct investigations on its behalf, it must do so formally and require the rail transit agency to use investigation procedures that have been formally approved by the oversight agency.

(d) Each investigation must be documented in a final report that includes a description of investigation activities, identified causal and contributing factors, and a corrective action plan.

(e) A final investigation report must be formally adopted by the oversight agency for each accident investigation.

  1. If the oversight agency has conducted the investigation, it must formally transmit its final investigation report to the rail transit agency.
  2. If the oversight agency has authorized an entity other than itself (including the rail transit agency) to conduct the accident investigation on its behalf, the oversight agency must review and formally adopt the final investigation report.
  3. If the oversight agency does not concur with the findings of the rail transit agency investigation report, it must either:
    (i) Conduct its own investigation according to paragraphs (b), (d) and (e)(1) of this section; or
    (ii) Formally transmit its dissent to the findings of the accident investigation, report its dissent to the rail transit agency, and negotiate with the rail transit agency until a resolution on the findings is reached.

(f) The oversight agency shall have the authority to require periodic status reports that document investigation activities and findings in a time frame determined by the oversight agency.

§ 659.37 Corrective action plans.

(a) The oversight agency must, at a minimum, require the development of a corrective action plan for the following:

  1. Results from investigations, in which identified causal and contributing factors are determined by the rail transit agency or oversight agency as requiring corrective actions; and
  2. Findings from safety and security reviews performed by the oversight agency.

(b) Each corrective action plan should identify the action to be taken by the rail transit agency, an implementation schedule, and the individual or department responsible for the implementation.

(c) The corrective action plan must be reviewed and formally approved by the oversight agency.

(d) The oversight agency must establish a process to resolve disputes between itself and the rail transit agency resulting from the development or enforcement of a corrective action plan.

(e) The oversight agency must identify the process by which findings from an NTSB accident investigation will be evaluated to determine whether or not a corrective action plan should be developed by either the oversight agency or rail transit agency to address NTSB findings.

(f) The rail transit agency must provide the oversight agency:

  1. Verification that the corrective action(s) has been implemented as described in the corrective action plan, or that a proposed alternate action(s) has been implemented subject to oversight agency review and approval; and
  2. Periodic reports requested by the oversight agency, describing the status of each corrective action(s) not completely implemented, as described in the corrective action plan.

(g) The oversight agency must monitor and track the implementation of each approved corrective action plan.

*End of Citation from the revised Rule*

6.1 Objective

This section addresses the requirements in place for the notification, investigation and reporting of accidents meeting the thresholds specified in FTA's 49 CFR Part 659.33.

6.2 Minimum Requirements

The RTA shall notify the SOA within 2 hours of any safety or security event involving a rail transit vehicle or taking place on RTA controlled property where one or more of the following occur:

Each RTA that shares track with a general railroad system and is subject to the Federal Railroad Administration (FRA) notification requirements shall notify the SOA within 2 hours of an incident for which the RTA must notify the FRA.

6.2.1 Initial Notification

The RTA shall provide initial notification to the SOA point-of-contact in electronic copy via email. The following information shall be provided by the RTA in the initial notification of the event. If the information is not pertinent to the event, the item should be identified on the Initial Notification as "non applicable" (N/A).

The RTA shall provide additional information at SOA's request. The RTA shall maintain a current list of contact information for all primary and alternate SOA contact personnel, including delivery street addresses, email addresses, and fax, telephone, cell phone, and pager numbers.

6.3 Investigations of Reportable Events

49 CFR Part 659.35 requires SOA to investigate, or cause to be investigated, at a minimum, any incident involving a rail transit vehicle or taking place on rail transit-controlled property meeting the notification thresholds identified in Section 6.2. In conducting these investigations, SOA may authorize the RTA to conduct an investigation on its behalf, conduct its own independent investigation, or, if the NTSB is investigating the accident, join in the investigation through NTSB's Party System.

6.3.1 Authorization of the RTA to Conduct Investigations on Behalf of SOA

After receiving notification of the accident as specified in Section 6.2.1, the SOA must formally authorize the RTA in writing, via an email submitted to the RTA safety point-of-contact, to conduct the investigation on its behalf. For all investigations conducted by the RTA on behalf of the SOA, the RTA must use investigation procedures that have been approved by the SOA.

The RTA must submit these procedures to SOA with the SSPP by April 1, 2006. Subsequent updates and revisions to these procedures should be submitted to SOA as they are completed and implemented by the RTA or with the annual update of the SSPP. These procedures should be treated as part of the SSPP. These procedures will be submitted to FTA as part of the SOA Initial Submission. Subsequent updates to these procedures will be submitted to FTA as part of the SOA Annual Submission.

In the event that authorization is conferred upon the RTA to conduct the investigation, SOA may participate in the investigation process. The terms of participation are specified in the RTA SSPP and in the RTA accident investigation procedures.

Each RTA investigation conducted on behalf of the SOA must be documented in a final report that includes a description of investigation activities, findings, identified causal factors, and a corrective action plan. At its discretion, and as specified in its accident investigation procedures, the RTA may separate its investigation report into two parts: (1) description of investigation activities, investigation findings, and determination of the most probable cause and additional contributing causes; and (2) recommendations to prevent recurrence, including a corrective action plan.

The investigation report prepared by the RTA shall be submitted to the SOA within 30 calendar days following completion of the investigation. Until the investigation is completed, the RTA shall prepare and submit monthly status investigation reports. The status investigation reports at a minimum shall include:

At any time during an investigation, the RTA shall be prepared to provide a full briefing on the known circumstances of the event, status of the RTA or NTSB investigation, and investigation activities.

Upon receipt of the RTA accident investigation report, the SOA will review the report in accordance with its Checklist for Reviewing RTA Investigation Reports, specified in Appendix I of this document. In the event that the SOA does not agree with the description of the investigation, the identification of primary and contributing causes, or the findings of the RTA report, the SOA shall communicate in writing to the RTA safety-point-of-contact the area(s) of disagreement or concern. SOA will work with the RTA to address these issues in the RTA's accident investigation report. In the event that agreement cannot be reached on these issues, the SOA will issue its own accident investigation report, which may be no more than the RTA report and the SOA dissent.

SOA approval must be obtained on the corrective action plan portion of the RTA accident investigation report. In the event that SOA takes issue with the RTA's proposed corrective action plan, SOA and the RTA must work together until SOA approval can be obtained.

To reduce the potential for conflict, SOA encourages each RTA to submit a draft version of the accident investigation report to the SOA point-of-contact so that agreement may be obtained on the most probable cause, additional contributing causes, corrective action plan, and an implementation schedule before the report is finalized and formally issued by the RTA.

Reports and records of accident investigations submitted to the SOA by the RTA, as well as related reports and records produced by both SOA and the RTA, will be treated as confidential information, and will not be released without concurrence by both SOA and the RTA.

6.3.2 Independent SOA Investigations

SOA at its discretion may choose to conduct an independent investigation of any accident meeting the thresholds specified in Section 6.2 utilizing its own personnel or an authorized contractor. Any investigation conducted by the SOA or its contractor must be in accordance with the approved RTA investigation procedures. SOA investigations may also follow the American Public Transportation Association (APTA) Standard for Rail Transit Accident/Incident Investigation (Volume 4 - Operating Practices APTA RT-S-OP-002-02 dated 7/26/04). This referenced standard, along with the RTA accident investigation procedures, has been submitted to FTA as part of the SOA Initial Submission.

The SOA will inform the RTA of its intention to conduct an investigation or participate in an RTA investigation of a reported event no later than 7 calendar days following receipt of the RTA initial report. SOA will advise the RTA as to the personnel who will be conducting the independent investigation, and provide a preliminary schedule as to the investigation process.

All SOA authorized accident investigation personnel are granted authority under the state safety oversight program to conduct an investigation and evaluate records, materials, data, analysis, and other information which is pertinent to the investigation. It is expected that the RTA will provide to the SOA investigation team the resources and information necessary to conduct the investigation in an effective and efficient fashion.

SOA accident investigation personnel may conduct field analysis, operational surveys, interviews, record checks, data analysis, and other on-site and off-site tasks which may be necessary for a comprehensive investigation. If SOA accident investigation personnel require information or analysis which is not readily available, or which may require additional resources by the RTA, it will request this data in a written request to the RTA safety point-of-contact via email or letter.

In conducting its investigation, SOA will, at a minimum, perform the following activities:

The RTA will be required to review the final SOA accident investigation report, and within 10 days after receiving it, either (1) provide concurrence to implement the SOA-proposed corrective action plan or (2) submit an alternate corrective action plan to SOA for review and approval.

6.6.3 NTSB Investigations

The NTSB may investigate a reportable event to achieve its primary function to promote safety in transportation. In such case, the NTSB is responsible for the investigation; the determination of facts, conditions, and circumstances; the cause or probable cause or causes; and recommendations to
reduce the likelihood of recurrence. SOA will support the NTSB as a member of its Party System.

In the event of an NTSB investigation, the RTA shall be responsible for timely briefing the SOA on NTSB activities including meetings, interviews, requests for data, functional testing, examination of equipment, and the results of drug and alcohol tests. The RTA shall provide the SOA with a copy of all written correspondence to the NTSB concerning a reportable event or investigation, and also shall provide the SOA a copy of all NTSB reports and any recommendations concerning the event or its investigation, upon receipt by the RTA. The SOA will assist the NTSB by providing information requested about the RTA critical practices and other matters as appropriate.

If the NTSB releases preliminary findings and recommendations, the SOA is authorized to participate in any discussions and reviews with the RTA and NTSB. The SOA and the RTA will review the NTSB findings, draft, and final reports and make a determination of whether or not to adopt the NTSB recommendations. Should the NTSB recommendations be adopted, the RTA shall implement the findings.

7. Three-Year On-site Safety and Security Review

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's process for conducting on-site reviews of the rail transit agency's implementation of its SSPP and System Security Plan at least once every three years. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section of the sample "Program Standard and Referenced Procedures" are provided:

*Start of Citation from the revised Rule*

§ 659.15(b)(4) System safety program standard: contents.

(4) Oversight agency safety and security review section. This section shall lay out the process and criteria to be used at least every three years in conducting a complete review of each affected rail transit agency's implementation of its system safety program plan and system security plan. This section includes the process to be used by the affected rail transit agency and the oversight agency to manage findings and recommendations from this review. This also includes procedures for notifying the oversight agency before the rail transit agency conducts an internal review.
§ 659.29 Oversight agency safety and security reviews.

At least every three (3) years, beginning with the initiation of rail transit agency passenger operations, the oversight agency must conduct an on-site review of the rail transit agency's implementation of its system safety program plan and system security plan. Alternatively, the on-site review may be conducted in an on-going manner over the three year timeframe. At the conclusion of the review cycle, the oversight agency must prepare and issue a report containing findings and recommendations resulting from that review, which, at a minimum, must include an analysis of the effectiveness of the system safety program plan and the security plan and a determination of whether either should be updated.

*End of Citation from the revised Rule*

7.1 Objective

This section addresses SOA's procedures for the Three-Year Safety and Security Review to be performed on-site at the RTA. This review will determine the extent to which the RTA is meeting its SSPP and System Security Plan requirements, the effectiveness of the SSPP and System Security Plan, and whether the SSPP and System Security Plan should be updated.

7.2 Minimum Requirements

As specified in 49 CFR Part 659.29 at least every three (3) years, SOA must conduct an on-site review of the RTA's implementation of its SSPP and System Security Plan. Alternatively, this on-site review may be conducted in an on-going manner over the three-year timeframe.

In conducting the three-year review, SOA will establish a review team and prepare a schedule, procedures and a checklist to guide the review process. Criteria will be established through which SOA can evaluate the RTA's implementation of its SSPP and System Security Plan.

As the conclusion of the review, SOA will prepare and issue a report containing findings and recommendations resulting from the review, which will analyze the effectiveness of the SSPP and System Security Plan and whether either should be updated. Corrective actions required as a result of this review will be managed through the process described in Section 8 of this document.

SOA will submit its completed report for the three-year safety and security review to FTA as part of its Annual Submission.

Figure 7 shows the Three-Year Safety and Security Review process.

Figure 7: Three-Year Safety and Security Review Process

[D]

7.3 Process and Procedure

7.3.1 Pre-Review Preparations

The SOA point-of-contact will establish a schedule for conducting the review at each RTA operating within the state's jurisdiction. This schedule will include milestones for the development of checklists to guide the review, notification of the RTA regarding the review, conduct of a pre-review meeting with the RTA, conducting the review, preparation of a draft report, delivery of the draft report to the RTA, issuance of a final report, and the receipt, review, approval and tracking through to implementation of RTA corrective action plans.

The SOA point-of-contact will determine whether the review will be conducted by SOA personnel, a contractor, or a combination of both. If a contractor is to be used, required activities to ensure that contractor services are available in time to plan for and conduct the review will be added to the milestone schedule.

Based on the milestone schedule, the SOA point-of-contact will assign a team of SOA and/or contractor personnel to conduct the review. Each team shall have a designated Lead Reviewer and supporting Team Members.

Once assigned, the team will begin its work by reviewing in detail the RTA's SSPP, System Security Plan, and referenced and supporting procedures and materials. These materials will form the basis of SOA's review checklist. As necessary, while preparing this checklist, the SOA point-of-contact may contact the RTA's safety or security point-of-contact and request additional information, procedures, or documentation. These requests may be transmitted via email, letter or fax. For example, the team may request and review the RTA's operating rule book, bulletins, orders, instructions, and procedures; maintenance manuals and procedures for vehicles, track and signals; design criteria and project engineering procedures for extensions or modifications; internal safety and security audit checklists and reports; the results of the hazard management process; and the status of all corrective action plans.

Utilizing these materials, the team will complete its checklist development. This checklist will identify:

Space shall also be provided on the checklists to record the results of the review. Once the checklists are completed, SOA will formally notify the RTA safety and security points-of-contact of the upcoming review, no less than 60 days before the review is schedule. This notification will occur via letter.

Shortly after notification, SOA will schedule a pre-review meeting with the RTA for clarification of any questions and concerns, and coordination of daily schedules with the RTA. Either during this meeting or via email or hard copy mail, SOA's point-of-contact will also transmit its review checklists to the RTA safety and security points-of-contact. The checklists will be delivered to RTA at least 30 calendar days prior to the start date of the review.

7.3.2 On-Site Review

To begin the review, the SOA team will conduct an entrance meeting with the RTA to resolve any outstanding issues and verify the schedule previously agreed to during the pre-review meeting. The SOA team will then conduct the on-site safety and security review using checklists developed during the pre-review period and transmitted to the RTA.

In performing this review, the SOA team will administer the checklists as specified, through interviews, document and record reviews, first-hand observations of operations and maintenance activities, spot checks, and visual examinations and measurements. Results will be recorded in the checklists. When the results indicate a deficiency or discrepancy with the acceptance criteria specified in the checklist, it will be noted and a supplemental form may be completed. At the conclusion of the on-site review, the SOA team will conduct an exit meeting with the RTA, providing an overview of the major findings, observations and concerns.

7.3.3 Draft and Final Three-Year Safety and Security Review Reports

Following the completion of the on-site review, the SOA team shall prepare a draft report with the completed review checklists and supplemental forms included as attachments. A sample review checklist and supplemental form are provided in Appendix J.

This draft report will provide:

The draft report will be delivered to the RTA safety and security points-of-contact via email no later than 30 working days after the conclusion of the on-site review. The RTA will have 30 days to respond to the draft report and to prepare corrective actions as requested by the SOA in the draft report to address any identified findings, recommendation or concerns. Upon receipt of the RTA's response, SOA will make any required revisions to the draft and issue the final report. The final report shall be issued no later than 90 days after the conclusion of the on-site review.

While individual reports may vary, the basic outline used for the SOA Three-Year Safety and Security Review Report is presented in Figure 8 (Figure 8 has been converted from a two column graphic to textual display of a bulleted outline.)

The SOA will transmit the completed three-year on-site safety and security review reports to FTA as part of its Annual Submission.

Corrective action plans submitted by the RTA to address review findings will be reviewed, approved and tracked through to implementation following the process specified in Section 8 of this document.

Figure 8: Sample Three-Year Safety and Security Review Final Report Outline

8. Corrective Action Plans

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's process for requiring, reviewing, approving and tracking to close-out corrective action plans prepared by the rail transit agency. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section of the sample "Program Standard and Referenced Procedures" are provided:

*Start of Citation from the revised Rule*

§ 659.15(b)(7) System safety program standard: contents.

(7) Corrective actions section. This section shall specify oversight agency criteria for the development of corrective action plan(s) and the process for the review and approval of a corrective action plan developed by the rail transit agency. This section shall also identify the oversight agency's policies for the verification and tracking of corrective action plan implementation, and its process for managing conflicts with the rail transit agency relating to investigation findings and corrective action plan development.

§ 659.37 Corrective action plans.

(a) The oversight agency must, at a minimum, require the development of a corrective action plan for the following:

  1. Results from investigations, in which identified causal and contributing factors are determined by the rail transit agency or oversight agency as requiring corrective actions; and
  2. Findings from safety and security reviews performed by the oversight agency.

(b) Each corrective action plan should identify the action to be taken by the rail transit agency, an implementation schedule, and the individual or department responsible for the implementation.

(c) The corrective action plan must be reviewed and formally approved by the oversight agency.

(d) The oversight agency must establish a process to resolve disputes between itself and the rail transit agency resulting from the development or enforcement of a corrective action plan.

(e) The oversight agency must identify the process by which findings from an NTSB accident investigation will be evaluated to determine whether or not a corrective action plan should be developed by either the oversight agency or rail transit agency to address NTSB findings.

(f) The rail transit agency must provide the oversight agency:

  1. Verification that the corrective action(s) has been implemented as described in the corrective action plan, or that a proposed alternate action(s) has been implemented subject to oversight agency review and approval; and
  2. Periodic reports requested by the oversight agency, describing the status of each corrective action(s) not completely implemented, as described in the corrective action plan.

(g) The oversight agency must monitor and track the implementation of each approved corrective action plan.

*End of Citation from the revised Rule*

8.1 Objectives

This section addresses SOA's procedure to ensure that corrective action plans are developed and implemented by the RTA to address hazardous conditions identified through accident investigations, the hazard management process, deficiencies in the RTA's implementation of its SSPP or System Security Plan, or recommendations specified by SOA.

8.2 Minimum Requirements

The RTA must develop corrective action plans for the following:

Each corrective action plan shall identify:

The corrective action plan shall be submitted to the SOA for review and approval. In the event that the SOA and the RTA dispute the need, findings, or enforcement of a corrective action plan, SOA will allow the RTA 30 calendar days to submit its case. SOA will then issue final direction to the RTA regarding the corrective action plan.

In the event that the NTSB conducts an investigation, the RTA and SOA shall review the NTSB findings and recommendations to determine whether or not a corrective action plan should be developed by the RTA. If a corrective action plan is required either by the NTSB or SOA, the RTA shall develop it.

The RTA shall develop and maintain a Corrective Action Monitoring Log, which identifies all corrective action plans approved by SOA and presents their status. This log shall be submitted monthly to the SOA point-of-contact in electronic form via email or in hard copy via mail or fax. As corrective action plans are closed out, the RTA must submit verification that the corrective action(s) has been implemented as described in the corrective action plan or that a proposed alternative action(s) has been implemented. This verification should be submitted with the monthly Corrective Action Plan Tracking Log in electronic or hard copy format. In the monthly log, the RTA must also inform SOA concerning any alternative actions for implementing a corrective action plan.

8.3 Notification

The RTA shall develop a corrective action plan with the intent of addressing the hazard or deficiency identified as a result of an accident investigation, the hazard management process, or the internal and external safety and security audits/reviews performed by the RTA or SOA. The RTA shall submit the corrective action plan to the SOA for approval within 30 calendar days after the need for the corrective action plan been identified by either the RTA or SOA. Depending on the complexity of the issue requiring corrective action, and at SOA's discretion, additional time may be granted to the RTA to prepare the corrective action plan.

8.4 Corrective Action Plan Review and Approval

SOA will notify the RTA of its approval or rejection of a corrective action plan within 15 calendar days of receiving the corrective action plan. In the event SOA rejects a corrective action plan, SOA will state its reasons in writing and recommend revisions. The RTA shall submit a revised corrective action plan to SOA no later than 15 calendar days following the rejection.

8.5 Monitoring and Tracking

The RTA shall maintain a Corrective Action Monitoring Log and provide the SOA with monthly corrective action implementation updates. The RTA shall verify to SOA in writing when a corrective action has been fully implemented. The RTA corrective action is subject to independent SOA verification.

Figure 9 identifies the corrective action plan process.

Figure 9: Corrective Action Plan Process

[D]

9. Reporting to FTA

This section of the "Program Standard and Referenced Procedures" introduces the state oversight agency's process for reporting to FTA. Below, the relevant citations of the revised 49 CFR Part 659, which are addressed in this section of the sample "Program Standard and Referenced Procedures" are provided:

*Start of Citation from the revised Rule*

§ 659.39 Oversight agency reporting to the Federal Transit Administration.

(a) Initial submission. Each designated oversight agency with a rail fixed guideway system that is in passenger operations as of April 29, 2005 or will begin passenger operations by May 1, 2006, must make its initial submission to FTA by May 1, 2006. In states with rail fixed guideway systems initiating passenger operations after May 1, 2006, the designated oversight agency must make its initial submission within the time frame specified by the state in its designation submission, but not later than at least sixty (60) days prior to initiation of passenger operations. Any time a state changes its designated oversight agency to carry out the requirements identified in this part, the new oversight agency must make a new initial submission to FTA within thirty (30) days of the designation.

(b) An initial submission must include the following:

  1. Oversight agency program standard and referenced procedures; and
  2. Certification that the system safety program plan and the system security plan have been developed, reviewed, and approved.

(c) Annual submission. Before March 15 of each year, the oversight agency must submit the following to FTA:

  1. A publicly available annual report summarizing its oversight activities for the preceding twelve months, including a description of the causal factors of investigated accidents, status of corrective actions, updates and modifications to rail transit agency program documentation, and the level of effort used by the oversight agency to carry out its oversight activities.
  2. A report documenting and tracking findings from three-year safety review activities, and whether a three-year safety review has been completed since the last annual report was submitted.
  3. Program standard and supporting procedures that have changed during the preceding year.
  4. Certification that any changes or modifications to the rail transit agency system safety program plan or system security plan have been reviewed and approved by the oversight agency.

(d) Periodic submission. FTA retains the authority to periodically request program information.

(e) Electronic reporting. All submissions to FTA required in this part must be submitted electronically using a reporting system specified by FTA.

§ 659.43 Certification of compliance.

(a) Annually, the oversight agency must certify to the FTA that it has complied with the requirements of this part.

(b) The oversight agency must submit each certification electronically to FTA using a reporting system specified by FTA.

(c) The oversight agency must maintain a signed copy of each annual certification to FTA, subject to audit by FTA.

*End of Citation from the revised Rule*

9.1 Objective

This section addresses SOA's procedures for making initial, annual and periodic submissions to FTA's Office of Safety and Security, in compliance with 49 CFR Part 659.39 and Part 659.43.

9.2 Reporting Requirements to FTA

Initial Submission. SOA will make its Initial Submission to FTA's Office of Safety and Security by May 1, 2006. This submission will be delivered to FTA's Office of Safety and Security in the format and method specified by FTA and communicated to the SOA point-of-contact. The Initial Submission includes:

A sample certification that the system safety program plan and the system security plan have been developed, reviewed, and approved is located in Appendix K.

In the event that the state should ever determine that oversight authority should be transferred to another agency of the state, SOA will work with this agency to ensure that a new Initial Submission is delivered to FTA within thirty (30) days of the determination to make change. SOA will also work with this agency to ensure that at no point are the RTAs affected by 49 CFR Part 659 left without a duly authorized oversight agency.

Annual Submission. Before March 15 of each year, SOA must submit the following to FTA:

Annual Certification. With its Annual Submission, SOA must certify to the FTA that it has complied with the requirements of 49 CFR Part 659. SOA will submit this certification electronically to FTA using a reporting system specified by FTA. SOA will maintain a signed copy of each annual certification to FTA, subject to audit by FTA.

Periodic Submissions. Status reports of accidents/incidents, hazardous conditions, and corrective action plans or other program information must be forwarded to the FTA upon request.

SOA will ensure that all submissions to FTA are submitted electronically using the reporting system specified by FTA.

Figure (Graphic) Descriptions in this HTML Document

Figure 2

This is flowchart depicting the "SSPP Approval Process" as described in the text of Chapter 2 of this document.

Return to Figure 2

Figure 4

This is flowchart depicting the "System Security Plan Approval Process" as described in the text of Chapter 3 of this document.

Return to Figure 4

Figure 5

This is flowchart depicting the "Internal Safety and Security Review Process" as described in the text of Chapter 4 of this document.

Return to Figure 5

Figure 6

This is an image of an actual form. The form is titled, "Hazard Tracking Matrix". The top half consists of a table, 7 columns wide by 17 rows. The column headers are (in order): No., Description, Date Identified, Source, Assessment Results, Recommendations, and Status. The bottom half of the form notes the definitions for each header as:

Return to Figure 6

Figure 7

This is flowchart depicting the "Three-Year Safety and Security Review Process " as described in the text of Chapter 7 of this document.

Return to Figure 7

Figure 9

This is flowchart depicting the "Corrective Action Plan Process" as described in the text of Chapter 8 of this document.

Return to Figure 9

Appendix A: Authority for the State Oversight Agency

[In this Appendix, the designated state oversight agency should insert the Executive Order, enabling legislation or other source of authority for the State Safety and Security Oversight program.]

Appendix B

49 CFR Part 659 “Rail Fixed Guideway Systems; State Safety Oversight; Final Rule”

April 29, 2005

Subpart A – General Provisions

§ 659.1 Purpose

This part implements 49 U.S.C. 5330 by requiring a state to oversee the safety and security of rail fixed guideway systems through a designated oversight agency.

§ 659.3 Scope

This part applies to a state that has within its boundaries a rail fixed guideway system, as defined in this part.

§ 659.5 Definitions

Contractor means an entity that performs tasks required by this part on behalf of the oversight or rail transit agency. The rail transit agency may not be a contractor for the oversight agency.

Corrective action plan means a plan developed by the rail transit agency that describes the actions the rail transit agency will take to minimize, control, correct, or eliminate hazards, and the schedule for implementing for those actions.

FRA means the Federal Railroad Administration, an agency within the U.S. Department of Transportation.

FTA means the Federal Transit Administration, an agency within the U.S. Department of Transportation. >

Hazard means any real or potential condition (as defined in the rail transit agency’s hazard management process) that can cause injury, illness, or death; damage to or loss of a system, equipment or property; or damage to the environment.

Individual means a passenger; employee; contractor; other rail transit facility worker; pedestrian; trespasser; or any person on rail transit-controlled property.

Investigation means the process used to determine the causal and contributing factors of an accident or hazard, so that actions can be identified to prevent recurrence.

New Starts Project means any rail fixed guideway system funded under FTA’s 49 U.S.C. 5309 discretionary construction program.

Oversight Agency means the entity, other than the rail transit agency, designated by the state or several states to implement this part.

Passenger means a person who is on board, boarding, or alighting from a rail transit vehicle for the purpose of travel.

Passenger operations means the period of time when any aspect of rail transit agency operations are initiated with the intent to carry passengers.

Program standard means a written document developed and adopted by the oversight agency, that describes the policies, objectives, responsibilities, and procedures used to provide rail transit agency safety and security oversight.

Rail fixed guideway system means, as determined by FTA, any light, heavy, or rapid rail system, monorail, inclined plane, funicular, trolley, or automated guideway that:

(1) Is not regulated by the Federal Railroad Administration; and

(2) Is included in FTA’s calculation of fixed guideway route miles or receives funding under FTA’s formula program for urbanized areas (49 U.S.C. 5336); or

(3) Has submitted documentation to FTA indicating its intent to be included in FTA’s calculation of fixed guideway route miles to receive funding under FTA’s formula program for urbanized areas (49 U.S.C. 5336).

Rail transit agency means an entity that operates a rail fixed guideway system.

Rail transit-controlled property means property that is used by the rail transit agency and may be owned, leased, or maintained by the rail transit agency.

Rail transit vehicle means the rail transit agency’s rolling stock, including, but not limited to passenger and maintenance vehicles.

Safety means freedom from harm resulting from unintentional acts or circumstances.

Security means freedom from harm resulting from intentional acts or circumstances.

State means a state of the United States, the District of Columbia, Puerto Rico, the Northern Mariana Islands, Guam, American Samoa and the Virgin Islands.

System safety program plan means a document developed by the rail transit agency, describing its safety policies, objectives, responsibilities, and procedures.

System security plan means a document developed by the rail transit agency describing its security policies, objectives, responsibilities, and procedures.

Subpart B – Role of the State

§ 659.7 Withholding of funds for noncompliance

(a) The Administrator of the FTA may withhold up to five percent of the amount required to be distributed to any state or affected urbanized area in such state under FTA’s formula program for urbanized areas, if:

(1) The state in the previous fiscal year has not met the requirements of this part; and

(2) The Administrator determines that the state is not making adequate efforts to comply with this part.

(b) The Administrator may agree to restore withheld formula funds, if compliance is achieved within two years (See 49 U.S.C. 5330).

§ 659.9 Designation of oversight agency

(a) General requirement. Each state with an existing or anticipated rail fixed guideway system regulated by this part shall designate an oversight agency consistent with the provisions of this section. For a rail fixed guideway system that will operate in only one state, the state must designate an agency of the state, other than the rail transit agency, as the oversight agency to implement the requirements in this part. The state’s designation or re-designation of its oversight agency and submission of required information as specified in this section, are subject to review by FTA.

(b) Exception. States which have designated oversight agencies for purposes of this part before May 31, 2005 are not required to re-designate to FTA.

(c) Timing. The state designation of the oversight agency shall:

(1) Coincide with the execution of any grant agreement for a New Starts project between FTA and a rail transit agency within the state’s jurisdiction; or

(2) Occur before the application by a rail transit agency for funding under FTA’s formula program for urbanized areas (49 U.S.C. 5336).

(d) Notification to FTA. Within (60) days of designation of the oversight agency, the state must submit to FTA the following:

(1) The name of the oversight agency designated to implement requirements in this part;

(2) Documentation of the oversight agency’s authority to provide state oversight;

(3) Contact information for the representative identified by the designated oversight agency with responsibility for oversight activities;

(4) A description of the organizational and financial relationship between the designated oversight agency and the rail transit agency; and

(5) A schedule for the designated agency’s development of its State Safety Oversight Program, including the projected date of its initial submission, as required in § 659.39(a).

(e) Multiple states. In cases of a rail fixed guideway system that will operate in more than one state, each affected state must designate an agency of the state, other than the rail transit agency, as the oversight agency to implement the requirements in this part. To fulfill this requirement, the affected states:

(1) May agree to designate one agency of one state, or an agency representative of all states, to implement the requirements in this part; and

(2) In the event multiple states share oversight responsibility for a rail fixed guideway system, the states must ensure that the rail fixed guideway system is subject to a single program standard, adopted by all affected states.

(f) Change of designation. Should a state change its designated oversight agency, it shall submit the information required under paragraph (d) of this section to FTA within (30) days of its change. In addition, the new oversight agency must submit a new initial submission, consistent with § 659.39(b), within (30) days of its designation.

§ 659.11 Confidentiality of investigation reports and security plans

(a) A state may withhold an investigation report that may have been prepared or adopted by the oversight agency from being admitted as evidence or used in a civil action for damages resulting from a matter mentioned in the report.

(b) This part does not require public availability of the rail transit agency’s security plan and any referenced procedures.

Subpart C – Role of the State Oversight Agency

§ 659.13 Overview

The state oversight agency is responsible for establishing standards for rail safety and security practices and procedures to be used by rail transit agencies within its purview. In addition, the state oversight agency must oversee the execution of these practices and procedures, to ensure compliance with the provisions of this part. This subpart identifies and describes the various requirements for the state oversight agency.

§ 659.15 System safety program standard

(a) General requirement. Each state oversight agency shall develop and distribute a program standard. The program standard is a compilation of processes and procedures that governs the conduct of the oversight program at the state oversight agency level, and provides guidance to the regulated rail transit properties concerning processes and procedures they must have in place to be in compliance with the state safety oversight program. The program standard and any referenced program procedures must be submitted to FTA as part of the initial submission. Subsequent revisions and updates must be submitted to FTA as part of the oversight agency’s annual submission.

(b) Contents. Each oversight agency shall develop a written program standard that meets the requirements specified in this part and includes, at a minimum, the areas identified in this section. >

(1) Program management section. This section shall include an explanation of the oversight agency’s authority, policies, and roles and responsibilities for providing safety and security oversight of the rail transit agencies within its jurisdiction. This section shall provide an overview of planned activities to ensure on-going communication with each affected rail transit agency relating to safety and security information, as well as FTA reporting requirements, including initial, annual and periodic submissions.

(2) Program standard development section. This section shall include a description of the oversight agency’s process for the development, review, and adoption of the program standard, the modification and/or update of the program standard, and the process by which the program standard and any subsequent revisions are distributed to each affected rail transit agency.

(3) Oversight of rail transit agency internal safety and security reviews. This section shall specify the role of the oversight agency in overseeing the rail transit agency internal safety and security review process. This includes a description of the process used by the oversight agency to receive rail transit agency checklists and procedures and approve the rail transit agency’s annual reports on findings, which must be submitted under the signature of the rail transit agency’s top management.

(4) Oversight agency safety and security review section. This section shall lay out the process and criteria to be used at least every three years in conducting a complete review of each affected rail transit agency’s implementation of its system safety program plan and system security plan. This section includes the process to be used by the affected rail transit agency and the oversight agency to manage findings and recommendations from this review. This also includes procedures for notifying the oversight agency before the rail transit agency conducts an internal review.

(5) Accident notification section. This section shall include the specific requirements for the rail transit agency to notify the oversight agency of accidents. This section shall also include required timeframes, methods of notification, and the information to be submitted by the rail transit agency. Additional detail on this portion is included in §659.33 of this part.

(6) Investigations section. This section contains the oversight agency identification of the thresholds for incidents that require an oversight agency investigation. The roles and responsibilities for conducting investigations shall include: coordination with the rail transit agency investigation process, the role of the oversight agency in supporting investigations and findings conducted by the NTSB, review and concurrence of investigation report findings, and procedures for protecting the confidentiality of investigation reports.

(7) Corrective actions section. This section shall specify oversight agency criteria for the development of corrective action plan(s) and the process for the review and approval of a corrective action plan developed by the rail transit agency. This section shall also identify the oversight agency’s policies for the verification and tracking of corrective action plan implementation, and its process for managing conflicts with the rail transit agency relating to investigation findings and corrective action plan development.

(8) System safety program plan section. This section shall specify the minimum requirements to be contained in the rail transit agency’s system safety program plan. The contents of the system safety plan are discussed in more detail in § 659.19 of this part. This section shall also specify information to be included in the affected rail transit agency’s system safety program plan relating to the hazard management process, including requirements for ongoing communication and coordination relating to the identification, categorization, resolution, and reporting of hazards to the oversight agency. More details on the hazard management process are contained in § 659.31 of this part. This section shall also describe the process and timeframe through which the oversight agency must receive, review, and approve the rail transit agency system safety program plan.

(9) System security plan section. This section shall specify the minimum requirements to be included in the rail transit agency’s system security plan. More details about the system security plan are contained in §§ 659.21 through 659.23 of this part. This section shall also describe the process by which the oversight agency will review and approve the rail transit agency system security program plan. This section also shall identify how the state will prevent the system security plan from public disclosure.

§ 659.17 System safety program plan: general requirements

(a) The oversight agency shall require the rail transit agency to develop and implement a written system safety program plan that complies with requirements in this part and the oversight agency’s program standard.

(b) The oversight agency shall review and approve the rail transit agency system safety program plan.

(c) After approval, the oversight agency shall issue a formal letter of approval to the rail transit agency, including the checklist used to conduct the review.

§ 659.19 System safety program plan: contents

The system safety plan shall include, at a minimum:

(a) A policy statement signed by the agency’s chief executive that endorses the safety program and describes the authority that establishes the system safety program plan.

(b) A clear definition of the goals and objectives for the safety program and stated management responsibilities to ensure they are achieved.

(c) An overview of the management structure of the rail transit agency, including:

(1) An organization chart;

(2) A description of how the safety function is integrated into the rest of the rail transit organization; and

(3) Clear identification of the lines of authority used by the rail transit agency to manage safety issues.

d) The process used to control changes to the system safety program plan, including:

(1) Specifying an annual assessment of whether the system safety program plan should be updated; and

(2) Required coordination with the oversight agency, including timeframes for submission, revision, and approval.

(e) A description of the specific activities required to implement the system safety program, including:

(1) Tasks to be performed by the rail transit safety function, by position and management accountability, specified in matrices and/or narrative format; and

(2) Safety-related tasks to be performed by other rail transit departments, by position and management accountability, specified in matrices and/or narrative format.

(f) A description of the process used by the rail transit agency to implement its hazard management program, including activities for:

(1) Hazard identification;

(2) Hazard investigation, evaluation and analysis;

(3) Hazard control and elimination;

(4) Hazard tracking; and

(5) Requirements for on-going reporting to the oversight agency relating to hazard management activities and status.

(g) A description of the process used by the rail transit agency to ensure that safety concerns are addressed in modifications to existing systems, vehicles, and equipment, which do not require formal safety certification but which may have safety impacts.

(h) A description of the safety certification process required by the rail transit agency to ensure that safety concerns and hazards are adequately addressed prior to the initiation of passenger operations for New Starts and subsequent major projects to extend, rehabilitate, or modify an existing system, or to replace vehicles and equipment.

(i) A description of the process used to collect, maintain, analyze, and distribute safety data, to ensure that the safety function within the rail transit organization receives the necessary information to support implementation of the system safety program.

(j) A description of the process used by the rail transit agency to perform accident notification, investigation and reporting, including:

(1) Notification thresholds for internal and external organizations;

(2) Accident investigation process and references to procedures;

(3) The process used to develop, implement, and track corrective actions that address investigation findings;

(4) Reporting to internal and external organizations; and

(5) Coordination with the oversight agency.

(k) A description of the process used by the rail transit agency to develop an approved, coordinated schedule for all emergency management program activities, which include:

(1) Meetings with external agencies;

(2) Emergency planning responsibilities and requirements;

(3) Process used to evaluate emergency preparedness, such as annual emergency field exercises;

(4) After action reports and implementation of findings;

(5) Revision and distribution of emergency response procedures;

(6) Familiarization training for public safety organizations; and

(7) Employee training.

(l) A description of the process used by the rail transit agency to ensure that planned and scheduled internal safety reviews are performed to evaluate compliance with the system safety program plan, including:

(1) Identification of departments and functions subject to review;

(2) Responsibility for scheduling audits;

(3) Process for conducting reviews, including the development of checklists and procedures and the issuing of findings;

(4) Review of reporting requirements;

(5) Tracking the status of implemented recommendations; and

(6) Coordination with the oversight agency.

(m) A description of the process used by the rail

(1) Identification of operating and maintenance rules and procedures subject to review;

(2) Techniques used to assess the implementation of operating and maintenance rules and procedures by employees, such as performance testing;

(3) Techniques used to assess the effectiveness of supervision relating to the implementation of operating and maintenance rules; and

(4) Process for documenting results and incorporating them into the hazard management program.

(n) A description of the process used for facilities and equipment safety inspections, including:

(1) Identification of the facilities and equipment subject to regular safety-related inspection and testing;

(2) Techniques used to conduct inspections and testing;

(3) Inspection schedules and procedures; and

(4) Description of how results are entered into the hazard management process.

(o) A description of the maintenance audits and inspections program, including identification of the affected facilities and equipment, maintenance cycles, documentation required, and the process for integrating identified problems into the hazard management process.

(p) A description of the training and certification program for employees and contractors, including:

(1) Categories of safety-related work requiring training and certification;

(2) A description of the training and certification program for employees and contractors in safety-related positions;

(3) Process used to maintain and access employee and contractor training records; and

(4) Process used to assess compliance with training and certification requirements.

(q) A description of the configuration management control process, including:

(1) The authority to make configuration changes;

(2) Process for making changes; and

(3) Assurances necessary for formally notifying all involved departments.

(r) A description of the safety program for employees and contractors that incorporates the applicable local, state, and federal requirements, including:

(1) Safety requirements that employees and contractors must follow when working on, or in close proximity to, rail transit agency property; and

(2) Processes for ensuring the employees and contractors know and follow the requirements.

(s) A description of the hazardous materials program, including the process used to ensure knowledge of and compliance with program requirements.

(t) A description of the drug and alcohol program and the process used to ensure knowledge of and compliance with program requirements.

(u) A description of the measures, controls, and assurances in place to ensure that safety principles, requirements and representatives are included in the rail transit agency’s procurement process.

§ 659.21 System security plan: general requirements

(a) The oversight agency shall require the rail transit agency to implement a system security plan that, at a minimum, complies with requirements in this part and the oversight agency’s program standard. The system security plan must be developed and maintained as a separate document and may not be part of the rail transit agency’s system safety program plan.

(b) The oversight agency may prohibit a rail transit agency from publicly disclosing the system security plan.

(c) After approving the system security plan, the oversight agency shall issue a formal letter of approval, including the checklist used to conduct the review, to the rail transit agency.

§ 659.23 System security plan: contents

The system security plan must, at a minimum address the following:

(a) Identify the policies, goals, and objectives for the security program endorsed by the agency’s chief executive;

(b) Document the rail transit agency’s process for managing threats and vulnerabilities during operations, and for major projects, extensions, new vehicles and equipment, including integration with the safety certification process;

(c) Identify controls in place that address the personal security of passengers and employees;

(d) Document the rail transit agency’s process for conducting internal security reviews to evaluate compliance and measure the effectiveness of the system security plan; and

(e) Document the rail transit agency’s process for making its system security plan and accompanying procedures available to the oversight agency for review and approval.

§ 659.25 Annual review of system safety program plan and system security plan

(a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan and system security plan.

(b) In the event the rail transit agency’s system safety program plan is modified, the rail transit agency must submit the modified plan and any subsequently modified procedures to the oversight agency for review and approval. After the plan is approved, the oversight agency must issue a formal letter of approval to the rail transit agency.

(c) In the event the rail transit agency’s system security plan is modified, the rail transit agency must make the modified system security plan and accompanying procedures available to the oversight agency for review, consistent with requirements specified in § 659.23(e) of this part. After the plan is approved, the oversight agency shall issue a formal letter of approval to the rail transit agency.

§ 659.27 Internal safety and security reviews

(a) The oversight agency shall require the rail transit agency to develop and document a process for the performance of on-going internal safety and security reviews in its system safety program plan.

(b) The internal safety and security review process must, at a minimum:

(1) Describe the process used by the rail transit agency to determine if all identified elements of its system safety program plan and system security plan are performing as intended; and

(2) Ensure that all elements of the system safety program plan and system security plan are reviewed in an ongoing manner and completed over a three-year cycle.

(c) The rail transit agency must notify the oversight agency at least thirty (30) days before the conduct of scheduled internal safety and security reviews.

(d) The rail transit agency shall submit to the oversight agency any checklists or procedures it will use during the safety portion of its review.

e) The rail transit agency shall make available to the oversight agency any checklists or procedures subject to the security portion of its review, consistent with § 659.23(e).

(f) The oversight agency shall require the rail transit agency to annually submit a report documenting internal safety and security review activities and the status of subsequent findings and corrective actions. The security part of this report must be made available for oversight agency review, consistent with § 659.23(e).

(g) The annual report must be accompanied by a formal letter of certification signed by the rail transit agency’s chief executive, indicating that the rail transit agency is in compliance with its system safety program plan and system security plan.

(h) If the rail transit agency determines that findings from its internal safety and security reviews indicate that the rail transit agency is not in compliance with its system safety program plan or system security plan, the chief executive must identify the activities the rail transit agency will take to achieve compliance.

(i) The oversight agency must formally review and approve the annual report.

§ 659.29 Oversight agency safety and security reviews

At least every three (3) years, beginning with the initiation of rail transit agency passenger operations, the oversight agency must conduct an on-site review of the rail transit agency’s implementation of its system safety program plan and system security plan. Alternatively, the on-site review may be conducted in an on-going manner over the three year timeframe. At the conclusion of the review cycle, the oversight agency must prepare and issue a report containing findings and recommendations resulting from that review, which, at a minimum, must include an analysis of the effectiveness of the system safety program plan and the security plan and a determination of whether either should be updated.

§ 659.31 Hazard management process

(a) The oversight agency must require the rail transit agency to develop and document in its system safety program plan a process to identify and resolve hazards during its operation, including any hazards resulting from subsequent system extensions or modifications, operational changes, or other changes within the rail transit environment.

(b) The hazard management process must, at a minimum:

(1) Define the rail transit agency’s approach to hazard management and the implementation of an integrated system-wide hazard resolution process;

(2) Specify the sources of, and the mechanisms to support, the on-going identification of hazards;

(3) Define the process by which identified hazards will be evaluated and prioritized for elimination or control;

(4) Identify the mechanism used to track through resolution the identified hazard(s);

(5) Define minimum thresholds for the notification and reporting of hazard(s) to oversight agencies; and

(6) Specify the process by which the rail transit agency will provide on-going reporting of hazard resolution activities to the oversight agency.

§ 659.33 Accident notification

(a) The oversight agency must require the rail transit agency to notify the oversight agency within two (2) hours of any incident involving a rail transit vehicle or taking place on rail transit-controlled property where one or more of the following occurs:

(1) A fatality at the scene; or where an individual is confirmed dead within thirty (30) days of a rail transit-related incident;

(2) Injuries requiring immediate medical attention away from the scene for two or more individuals;

(3) Property damage to rail transit vehicles, non-rail transit vehicles, other rail transit property or facilities and non-transit property that equals or exceeds $25,000;

(4) An evacuation due to life safety reasons;

(5) A collision at a grade crossing;

(6) A main-line derailment;

(7) A collision with an individual on a rail right of way; or

(8) A collision between a rail transit vehicle and a second rail transit vehicle, or a rail transit non-revenue vehicle.

(b) The oversight agency shall require rail transit agencies that share track with the general railroad system and are subject to the Federal Railroad Administration notification requirements, to notify the oversight agency within two (2) hours of an incident for which the rail transit agency must also notify the Federal Railroad Administration.

(c) The oversight agency shall identify in its program standard the method of notification and the information to be provided by the rail transit agency

§ 659.35 Investigations

(a) The oversight agency must investigate, or cause to be investigated, at a minimum, any incident involving a rail transit vehicle or taking place on rail transit-controlled property meeting the notification thresholds identified in § 659.33(a).

(b) The oversight agency must use its own investigation procedures or those that have been formally adopted from the rail transit agency and that have been submitted to FTA.

(c) In the event the oversight agency authorizes the rail transit agency to conduct investigations on its behalf, it must do so formally and require the rail transit agency to use investigation procedures that have been formally approved by the oversight agency.

(d) Each investigation must be documented in a final report that includes a description of investigation activities, identified causal and contributing factors, and a corrective action plan.

(e) A final investigation report must be formally adopted by the oversight agency for each accident investigation:

(1) If the oversight agency has conducted the investigation, it must formally transmit its final investigation report to the rail transit agency.

(2) If the oversight agency has authorized an entity other than itself (including the rail transit agency) to conduct the accident investigation on its behalf, the oversight agency must review and formally adopt the final investigation report.

(3) If the oversight agency does not concur with the findings of the rail transit agency investigation report, it must either:

(i) Conduct its own investigation according to paragraphs (b), (d) and (e)(1) of this section; or

(ii) Formally transmit its dissent to the findings of the accident investigation, report its dissent to the rail transit agency, and negotiate with the rail transit agency until a resolution on the findings is reached.

(f) The oversight agency shall have the authority to require periodic status reports that document investigation activities and findings in a time frame determined by the oversight agency.

§ 659.37 Corrective action plans

(a) The oversight agency must, at a minimum, require the development of a corrective action plan for the following:

(1) Results from investigations, in which identified causal and contributing factors are determined by the rail transit agency or oversight agency as requiring corrective actions; and

(2) Findings from safety and security reviews performed by the oversight agency.

(b) Each corrective action plan should identify the action to be taken by the rail transit agency, an implementation schedule, and the individual or department responsible for the implementation.

(c) The corrective action plan must be reviewed and formally approved by the oversight agency.

(d) The oversight agency must establish a process to resolve disputes between itself and the rail transit agency resulting from the development or enforcement of a corrective action plan.

(e) The oversight agency must identify the process by which findings from an NTSB accident investigation will be evaluated to determine whether or not a corrective action plan should be developed by either the oversight agency or rail transit agency to address NTSB findings.

(f) The rail transit agency must provide the oversight agency:

(1) Verification that the corrective action(s) has been implemented as described in the corrective action plan, or that a proposed alternate action(s) has been implemented subject to oversight agency review and approval; and

(2) Periodic reports requested by the oversight agency, describing the status of each corrective action(s) not completely implemented, as described in the corrective action plan.

(g) The oversight agency must monitor and track the implementation of each approved corrective action plan.

§ 659.39 Oversight agency reporting to the Federal Transit Administration

(a) Initial submission. Each designated oversight agency with a rail fixed guideway system that is in passenger operations as of April 29, 2005 or will begin passenger operations by May 1, 2006, must make its initial submission to FTA by May 1, 2006. In states with rail fixed guideway systems initiating passenger operations after May 1, 2006, the designated oversight agency must make its initial submission within the time frame specified by the state in its designation submission, but not later than at least sixty (60) days prior to initiation of passenger operations. Any time a state changes its designated oversight agency to carry out the requirements identified in this part, the new oversight agency must make a new initial submission to FTA within thirty (30) days of the designation.

 

b) An initial submission must include the following:

(1) Oversight agency program standard and referenced procedures; and

(2) Certification that the system safety program plan and the system security plan have been developed, reviewed, and approved.

(c) Annual submission. Before March 15 of each year, the oversight agency must submit the following to FTA:

(1) A publicly available annual report summarizing its oversight activities for the preceding twelve months, including a description of the causal factors of investigated accidents, status of corrective actions, updates and modifications to rail transit agency program documentation, and the level of effort used by the oversight agency to carry out its oversight activities.

(2) A report documenting and tracking findings from three-year safety review activities, and whether a three-year safety review has been completed since the last annual report was submitted.

(3) Program standard and supporting procedures that have changed during the preceding year.

(4) Certification that any changes or modifications to the rail transit agency system safety program plan or system security plan have been reviewed and approved by the oversight agency.

(d) Periodic submission. FTA retains the authority to periodically request program information.

(e) Electronic reporting. All submissions to FTA required in this part must be submitted electronically using a reporting system specified by FTA.

§ 659.41 Conflict of interest

The oversight agency shall prohibit a party or entity from providing services to both the oversight agency and rail transit agency when there is a conflict of interest, as defined by the state.

§ 659.43 Certification of compliance

(a) Annually, the oversight agency must certify to the FTA that it has complied with the requirements of this part.

(b) The oversight agency must submit each certification electronically to FTA using a reporting system specified by FTA.

(c) The oversight agency must maintain a signed copy of each annual certification to FTA, subject to audit by FTA.

Appendix C: Organization Charts

Figure 1: Sample State Department of Transportation

Organization Chart



 

Figure 2: Sample State Safety Oversight Department

Organization Chart

Appendix D: Rail Transit Agency Safety and Security Points-of-Contact

Rail Transit Agency Point-of-Contact Information

(Continue for as many contacts as needed)

Appendix E: Program Requirements for Development of a Rail Transit Agency System Safety Program Plan (SSPP)

 

SAMPLE

State Oversight Agency Program Requirements for the Development of Rail Transit Agency System Safety Program Plans

This document has been developed to serve as a template for use by state oversight agencies in specifying the requirements established in 49 CFR Part 659 for the development of a rail transit agency System Safety Program Plan (SSPP). State oversight agencies can adopt or tailor this document to establish the requirements to be addressed by rail transit agencies in developing or revising their SSPP to address the 21 elements specified in 49 CFR Part 659.17.

NOTE: Complete samples for each of the 21 required SSPP sections are available on the CD-ROM that is provided with the FTA’s Implementation Guidelines for 49 CFR Part 659.

Table of Contents

1. Executive Approval (Policy Statement)
2. Purpose, Goals and Objectives
2.1 Purpose
2.2 Goals
2.3 Objectives
3. Management Structure
3.1 Overview
3.2 Integration of Safety Function
3.3 Lines of Authority for Safety
4. Plan Review and Modification
4.1 Annual SSPP Review
4.2 SSPP Control and Update Procedures
4.3 SSPP Review and Approval by the State Oversight Agency
4.4 SSPP Change Management
5. SSPP Implementation – Tasks and Activities
5.1 Overview
5.2 System Safety Function
5.3 Safety Responsibilities of Other Departments
5.4 Safety Task Responsibility Matrix (Or Narrative Description)
6. Hazard Management
6.1 Overview
6.2 Hazard Management Process – Activities and Methodologies
6.3 Coordinating with the State Oversight Agency
7. Safety Certification
8. Managing Safety in System Modifications
9. Safety Data Acquisition
9.1 Data Acquisition Process
9.2 Access to Data
10. Accident/Incident Notification, Investigation and Reporting
10.1 Overview
10.2 Accident/Incident Investigation Criteria
10.3 Accident/Incident Investigation Procedures
10.4 Internal Notification Procedure
10.5 External Notification Procedure
10.6 Accident/Incident Reporting and Documentation
10.7 Corrective Action Resulting from Accident Investigation
10.8 Coordination with State Oversight Agency
11. Emergency Response Planning/Coordination/Training
11.1 Responsibilities for Emergency Preparedness
11.2 Coordinated Schedule
11.3 Emergency Exercises
11.4 Emergency Procedures
11.5 Emergency Training
11.6 Familiarization Training
12. Internal Safety Audit Process
12.1 Overview
12.2 Scope of Activities
12.3 Audit Process
13. Rules Compliance/Procedures Review
13.1 Overview
13.2 Review of Rules and Procedures
13.3 Process for Ensuring Rules Complianc
13.4 Compliance Techniques – Operations and Maintenance Personnel
13.5 Compliance Techniques – Supervisory Personnel
13.6 Documentation
14. Facilities and Equipment Inspections
14.1 Facilities and Equipment Subject to Inspection
14.2 Regular Inspection and Testing
14.3 Checklists
14.4 Coordination with Hazard Management Process
15. Maintenance Audits/Inspections
15.1 Systems and Facilities Subject to Maintenance Program
15.2 Resolution of Audit/Inspection Findings
15.3 Checklists
16. Training and Certification Review/Audit
16.1 Overview
16.2 Employee Safety
16.3 Contractor Safety
16.4 Record Keeping
16.5 Compliance with Training Requirements
17. Configuration Management
17.1 Overview
17.2 Process for Changes
17.3 Authority for Change
18. Compliance with Local, State and Federal Requirements
18.1 Employee Safety Program
18.2 Working on or near Rail Transit Controlled Property
18.3 Compliance with Required Safety Programs
19. Hazardous Materials
20. Drug & Alcohol Abuse
21. Procurement

1. Executive Approval (Policy Statement)

A policy statement must be provided which establishes the System Safety Program Plan (SSPP) as an operating document that has been prepared for, and approved by, rail transit agency top management.

The policy statement should define, as clearly as possible, the authority for the establishment and implementation of the SSPP. As appropriate, reference should be made to the authority provided by state and local statues to develop and safely operate the rail transit system. The role of the oversight agency in requiring the SSPP and monitoring its establishment and implementation should be clearly described.

Reference should be made to management's approval, either by referencing the enabling signature on the title page or by other means.

2. Purpose, Goals and Objectives

2.1 Purpose

This section must explain the purpose of the SSPP. The SSPP establishes the activities that must be performed by all departments within the rail transit agency to ensure safe operations and work practices. The SSPP establishes the safety philosophy of the rail transit agency and provides the means and authority for implementing that philosophy.

2.2 Goals

This section of the SSPP should identify the goals developed by the rail transit agency to meet the purpose established for the SSPP. Goals are broad statements of ideal future conditions for the safety program that are desired by the rail transit agency, endorsed by top management, and are supported by specific objectives to aid in their attainment. Goals must be realistic and generally are presented in qualitative terms. Sample goals may include the following:

2.3 Objectives

Objectives are the working elements of the SSPP, the means by which the identified goals are achieved. Unlike goals, objectives must be easily quantifiable. They must provide a framework for guiding the day-to-day activities that provide for a safe rail transit operation.

Sample objectives may include the following:

The SSPP should identify the titles and departments of persons responsible for developing and monitoring these goals and objectives. Quarterly, semi-annual, or annual reporting on the performance of the rail transit agency in meeting its goals and objectives should also be specified. Reports should be provided to the rail transit agency’s executive leadership.

3. Management Structure

The primary purpose of this section is to provide organizational information and operating parameters for both those outside the organization that need to understand the rail transit system, and those inside the organization to have clearly defined lines of report and responsibility delineation. The information presented should be sufficient to allow non-technical and non-transit persons to understand the system and its basic operations.

3.1 Overview

This section should provide a narrative description of the organization of the rail transit agency and include an organization chart. All major departments/functions should be introduced.

3.1.1 General Overview and History of Transit Agency

This section should describe when and how the rail transit agency was established, a brief history of service delivery, and major milestones in the rail transit agency’s history.

3.1.2 Scope of Transit Services

This section should describe the various modes of transportation provided by the transit organization, including the number of passengers, the number of routes, the day and hours of service provided, and operational characteristics that could affect safety and security.

3.1.3 Physical Plant

This section should describe the size, location, and function of the transit agency’s physical assets including: maintenance facilities, offices, stations, vehicles, signals, and structures for all modes.

3.1.4 Operations

The section should include a description of the role, the responsibilities and the organization of the operating departments.

3.1.5 Maintenance

This section should describe the role, the responsibilities, and the organization of the various maintenance departments. The type of maintenance required by each of the major systems and facilities should be briefly described.

3.2 Integration of Safety Function

This section of the SSPP should describe the organization of the rail transit safety function, and its relationship to the rail transit agency organization. An organizational chart of the system safety function should be provided as well as an organizational chart(s) demonstrating the relationship of the system safety function to the other rail transit agency departments/functions.

3.3 Lines of Authority for Safety

This section of the SSPP should describe the authority of the safety function to work with rail transit departments and executive leadership to receive information, identify safety concerns, conduct internal audits and inspections, develop recommendations and corrective action plans to address safety concerns, track and verify the implementation of recommendations and corrective action plans, and report, on a regular basis, to executive management.

4. Plan Review and Modification

4.1 Annual SSPP Review

Once developed, the SSPP is vulnerable to becoming out-of-date if it is not revised to:

On-going review and revision ensures the status of the SSPP as a “living document” at the rail transit agency.

As specified in 49 CFR Part 659 (§ 659.25), state oversight agencies must now require an annual review of the rail transit agency’s SSPP to determine if it should be updated. This section of the SSPP should clarify that the rail transit agency will conduct a complete and thorough review of its SSPP annually. If an established schedule is in place to manage this annual review process, it should also be mentioned in this section. Any time-frames specified by the state oversight agency for this review should also be addressed.

4.2 SSPP Control and Update Procedures

This section of the SSPP should describe the rail transit agency’s process for updating the SSPP. For many rail transit agencies, revision of the SSPP is conducted through a committee devoted to safety issues. The revision process istypically led by a designated member of the system safety function. Inputs for revisions are solicited from all rail transit agency staff, contractors, and the state oversight agency. At some rail transit agencies, the SSPP may be classified as a controlled document. As such, it is subject to formal document control procedures, including designation of control copies which are issued to individuals within rail transit agency by name and/or job title.

Whatever process is used by the rail transit agency to prepare revisions, once the revised version of the SSPP is complete, it typically must be reviewed and accepted by a designated committee or set of departments/functions. The accepted version of the SSPP is then usually forwarded on to the General Manager for approval and signature.

4.3 SSPP Review and Approval by the State Oversight Agency

This section should explain how the rail transit agency will interface with the state oversight agency regarding the review and approval of the SSPP. Requirements should be detailed regarding how the rail transit agency will notify the state oversight agency regarding its performance of the annual review to determine whether the SSPP should be updated. In the event that an update is necessary, the rail transit agency will conform to its SSPP update process, and the timeframes and requirements specified by the state oversight agency in its Program Standard. In the event that an update is not needed for that year, the rail transit agency will notify the state oversight using the method and timeframe specified in the oversight agency’s Program Standard.

This section should also explain how the rail transit agency will respond to requests from the state oversight agency for revisions, additional information or other items, and how conflicts will be resolved regarding differences in opinion between the rail transit agency and the state oversight agency. Finally, this section should also explain how the rail transit agency will receive the completed SSPP review checklist and formal correspondence letter from the state oversight agency, and adopt as final the SSPP that is approved by the state oversight agency.

4.4 SSPP Change Management

This section should identify the departments and persons responsible for each of the steps in reviewing, revising, approving and issuing changes to the SSPP. In addition, designated personnel within the system safety function should be identified with responsibility for coordinating with the state oversight agency.

5. SSPP Implementation – Tasks and Activities

5.1 Overview

This section of the SSPP should provide an overview of the approach followed by the rail transit agency in managing the specific activities performed to implement the SSPP and provide on-going safety in rail transit operations and maintenance activities. To ensure that rail operations are conducted in the safest manner possible,all transit system personnel will have been assigned safety responsibilities. In addition, within the rail transit agency, each department/function provides distinct roles and carries out specific responsibilities to ensure the protection of passengers, employees, local responders, the community served by the system, and the agency’s property. These responsibilities and roles should be summarized in this section of the SSPP.

5.2 System Safety Function

The responsibilities and tasks of each position in the system safety function should be described. Tasks may include activities required to: establish the organization of safety activities and outline employee responsibilities with respect to those activities; promote and maintain safety and training programs as mandated by federal, state, and local regulatory agencies; set and implement established safety goals, objectives, and practices; provide the mechanisms for identifying and assessing safety hazards during the operation and maintenance of the system; provide the methods to eliminate, minimize, or control the identified hazards and/or other concerns; define the formal requirements necessary for maintaining insurance coverage; define the requirements and procedures for conducting standard safety audits; and coordinate with the state oversight agency.

5.2.1 Methodology Used by the System Safety Unit

This section should describe the different methodologies used by the system safety function to ensure a proactive approach to safety. Examples include data collection and analysis, hazard management and resolution, periodic inspections, compliance checks, and internal audits.

5.3 Safety Responsibilities of Other Departments

The safety responsibilities and tasks of other rail transit departments should be described. For example, the role of operating departments, human resources, planning, customer services, etc. in the creation of a safe rail transit agency should be described. This description should include a brief overview of the department and a discussion of the department’s safety responsibilities. As appropriate, and if not already addressed in Section 3, organizational charts showing the relationship of those units with major safety responsibilities to the rail transit agency and system safety should be provided.

5.4 Safety Task Responsibility Matrix (or Narrative Description)

A safety task responsibility matrix (or a narrative equivalent) showing interfaces among the system safety unit and other rail transit units for identified safety responsibilities and the key reports or actions required, should be provided in the SSPP. An example of an integrated safety task matrix is displayed in Figure 1. This matrix depicts the roles and responsibilities of both the rail transit agency safety function and the other rail transit departments. As used in this figure:

P Primary Task Responsibility. The identified participant(s) is (are) responsible for the preparation of the specified documentation.

S Secondary or Support Responsibility. The identified participant(s) is (are) to provide the necessary support to accomplish and document the task.

R Review/Comment Responsibility. The identified participant(s) may review and provide comment on the task or requirement.

A Approval Responsibility. The identified participant is to review, comment and subsequently approve the task or requirement.

Figure 1: Sample Integrated Safety Task Matrix

Figure 1 continued

6.0 Hazard Management Process

6.1 Overview

This section of the SSPP should provide an overview of the hazard management process developed by the rail transit agency. The hazard management process must, at a minimum:

  1. Define the rail transit agency’s approach to hazard management and the implementation of an integrated system-wide hazard resolution process.
  2. Specify the sources of, and the mechanisms to support, the on-going identification of hazards.
  3. Define the process by which identified hazards will be evaluated and prioritized for elimination or control.
  4. Identify the mechanism used to track through resolution the identified hazard(s).
  5. Define minimum thresholds for the notification and reporting of hazard(s) to oversight agencies.
  6. Specify the process by which the rail transit agency will provide on-going reporting of hazard resolution activities to the oversight agency. This activity may include weekly, monthly or quarterly meetings with the rail transit agency to discuss hazard management issues.

6.2 Hazard Management Process – Activities and Methodologies

In this section of the SSPP, the rail transit agency should provide a detailed description of its approach to addressing each required element of the hazard management process. Each rail transit agency may use a variety of methodologies, including informal processes, such as review of reports from operations and maintenance personnel, results from rules compliance checks and employee evaluations, the mining of maintenance data, results from facilities and vehicles inspections, findings from internal safety and security audits, and daily review of the rail transit agency’s unusual occurrences log, as well as more formal approaches, such as trend analysis, hazard classification and resolution using the Mil-Std 882 process, hazard analyses using inductive processes (Preliminary Hazard Analysis, Failure Modes and Effects Analysis, Job Hazard Analysis, etc.) and hazard analysis using deductive processes (Fault Tree Analysis). These methods should be identified and described in this section of the SSPP.

For example, the rail transit agency may state the following:

The hazard management process is the primary tool used by the rail transit agency to ensure the safety of rail transit agency activities, passengers, employees, facilities and vehicles. This process is accessible to all levels of the organization and is the means by which hazards are identified, analyzed for potential impacts on the transit system and resolved in a manner acceptable to management. This process will follow the guidelines listed in the five sub-sections below.

I. Hazard identification is a process whereby an attempt is made to discover conditions in the system that, if not altered, has the potential to cause accidents, injuries, or other losses. Where reasonably feasible, all employees are charged with the responsibility of identifying and reporting conditions that have the potential to cause accidents, injuries, or other losses. These conditions may be found in the form of physical hazards, unsafe actions, and policies that create or fail to recognize hazards. There may also be certain employees who, through periodic field observations, review of incident data, performance and complaint records, are identified as needing counseling, re-training, termination or other action as deemed appropriate.

Potentially hazardous conditions may also be identified through other means, including those listed below:

II. Hazard classification for severity ensures that hazards are rated in terms of their effects on employees, passengers and/or the transit system. Severity categories are defined below.

III. Hazard classification for probability ensures that the probability that a hazard will occur can be described in potential occurrences per unit of time, events, population items or activity. A qualitative hazard probability may be derived from research, analysis, and evaluation of safety data from the operating experience of the rail transit agency or other similar transit authorities. A depiction of a hazard probability rating system is described below.

DESCRIPTION LEVEL SPECIFIC ITEM FLEET OR INVENTORY
Frequent A Likely to occur frequently Continuously experienced
Reasonably Probable B Will occur several times in life of an item Will occur frequently
Occasional C Likely to occur sometime in life of an item Will occur several times
Remote D Unlikely, but possible to occur in life of an item Unlikely, but can reasonably be expected to occur
Improbable E So unlikely, it can be assumed occurrence may not be experienced Unlikely to occur, but possible

IV. Risk assessment determines the acceptability of assuming a risk associated with a hazard, the necessity of implementing corrective measures to eliminate or reduce the hazard, or a combination of both. Hazard risk assessment involves categorization of hazard severity and probability of occurrence. A Risk Assessment Index, or Hazard Rating Table, is shown below.

Hazard Severity
HAZARD FREQUENCY CATEGORY I CATEGORY II CATEGORY III CATEGORY IV
Frequent (A) 1A 2A 3A 4A
Probable (B) 1B 2B 3B 4B
Occasional (C) 1C 2C 3C 4C
Remote (D) 1D 2D 3D 4D
Improbable (E) 1E 2E 3E 4E

Hazard Risk Index Criteria by Index
1A, 1B, 1C, 2A, 2B, 3A Unacceptable
1D, 2C, 2D, 3B, 3C Undesirable
1E, 2E, 3D, 3E, 4A, 4B Acceptable with review
4C, 4D, 4E Acceptable without review

After assessment of the severity and probability of a hazard, and where reasonably feasible, the key departments, safety committee, and the system safety function will make a standard analysis. A determination will be made regarding acceptance of the risk or taking corrective action. Risk assessment issues of significant impact or those where there is a lack of consensus will be submitted to the executive leadership for resolution.

Executive leadership will reach a consensus to accept, modify, or reject the recommendation. If modified or rejected, the safety committee is called into session for further review and recommendation. Upon final approval by executive leadership, the resolution is placed into the hands of the responsible department(s) for implementation.

V. Hazard Resolution refers to activities taken to eliminate or mitigate the hazard. Where reasonably feasible, a hazard that has been submitted by an individual for resolution shall be handled as follows:

When the risks are assessed, a plan is developed for resolution. There are four choices in the hazard resolution process:

6.3 Coordinating with the State Oversight Agency

In this section of the SSPP, the rail transit agency should document its approach for providing on-going hazard management information to the state oversight agency. Examples of these activities include: submission of monthly or weekly logs and reports documenting the implementation of the rail transit agency’s hazard management process and the conduct of monthly or quarterly meetings with the oversight agency to review results from the hazard management process. In addition, the role of the oversight agency in coordinating with the rail transit agency regarding the investigation of certain categories of hazardous conditions and the development, review and approval of corrective actions plans (as appropriate) should be specified.

To complete this section of the SSPP, the rail transit agency may state the following:

To ensure an on-going role in the oversight of the rail transit agency’s hazard management process, the rail transit agency will establish a Hazard Tracking Log which reflects the consolidation of information in the hazard management process. The Hazard Tracking Log will contain all hazards identified through the various methods applied by the rail transit agency. The Hazard Tracking Log may be organized by the hazard number assigned by the rail transit agency, or by the type of hazard, the source from which it was identified, or the element of the rail transit agency’s operation affected by the hazard (i.e., facilities, vehicles, track and signal, communications/SCADA, tunnel ventilation, personnel training and procedures, etc.). A sample log appears on the next page.

The proposed Hazard Tracking Log will be submitted monthly to the state oversight agency’s designated point-of-contact. The state oversight agency will review the Monthly Hazard Tracking Log and forward any questions or requests for information to the rail transit agency.

In addition, the rail transit agency will conduct quarterly meetings with the oversight agency to review the Hazard Tracking Log and the other rail transit agency activities associated with the hazard management process. The rail transit agency will submit to the state oversight agency a proposed date and location for the quarterly meeting and a proposed agenda. The state oversight agency will review and approve the agenda, making any modifications as appropriate, and schedule the quarterly meeting with the rail transit agency. During the quarterly meetings, the rail transit agency will attempt to provide any documents and to answer any requests that the state oversight agency may have. If these records are not available at the quarterly meetings, they will be transmitted to the state oversight agency after the conclusion of the quarterly meeting.

Hazard Tracking Log
No. Description Date Identified Source Assessment Results Recommendations Status
Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

Blank

 

 

 

 

 

 

No. – refers to the number assigned to the hazard by the RTA
Description – refers to a brief narrative summary of the hazard – what it is; where it is located; what elements it is comprised of; etc.
Date Identified – refers to the date the hazard was identified at the RTA.
Source – indicates the mechanism used to identify the hazard, i.e., operator report, near-miss, accident investigation, results of internal safety or security audit, rules compliance or training program, maintenance failure, facility or vehicle inspection, trend analysis, formal hazard analysis, etc.
Assessment Results – refers to the hazard severity and hazard frequency ratings initially assigned to hazard by the RTA.
Recommendations – refers to the actions recommended by the RTA to address the hazard and to bring it into a level of risk acceptable to management.
Status – refers to the status of the recommendations. Status may be designated as: not started, open, in progress, or closed.

During application of the hazard management process, for any hazard identified as an “unacceptable hazard condition,” as defined in Section 6.2 of this SSPP, the system safety function will notify the state oversight agency designated point-of-contact within 24 hours. In addition, the system safety function will conduct an investigation following the basic procedures identified in Section 10 of this SSPP. At the conclusion of the investigation, the investigation report will be provided to the state oversight agency for review and comment. Any corrective action plans developed as a result of the investigation will be reviewed and approved by the oversight agency. The state oversight agency retains the authority to request a status briefing on any unacceptable hazardous condition investigation.

7.0 Safety Certification

The rail transit agency may undertake major projects and modifications that require safety certification. In this section, the rail transit agency should define those projects which require certification. Examples may include: new rail systems and extensions, the acquisition and integration of new rail vehicles and safety critical technologies into existing service, and major safety critical redesign projects, excluding functionally similar replacements. In addressing these projects, this section of the SSPP should state that the goals of the rail transit agency’s safety certification program are to verify that identified safety and security requirements have been met and to provide evidence that the new operating segments/phases are safe and secure for use in revenue service.

This section should clarify that for each such project, the rail transit agency will develop a Safety and Security Certification Plan (SSCP) during the preliminary design phase of the project. Prior to revenue service, a Safety and Security Verification Report (SCVR) will be developed, documenting the agency’s compliance with its SSCP.

The rail transit agency should briefly describe its process in implementing its safety certification program, including the following:

  1. develop a certifiable items list;
  2. identify safety and security requirements for each certifiable element;
  3. verify compliance;
  4. issue Certificates of Compliance for each certifiable element; and
  5. issue rail transit agency certification.

This section should also identify final authority to approve the certification of rail transit agency major projects, extensions, etc. The role of the system safety function should also be described, including activities to be performed to ensure that:

  1. facilities and equipment have been constructed, manufactured, inspected, installed, and tested, in accordance with safety and security requirements in the design criteria and contract specifications;
  2. operations and maintenance procedures and rules have been developed and implemented to ensure safe and secure operations;
  3. training documents have been developed for the training of operating personnel, and emergency response personnel;
  4. transportation and maintenance personnel have been trained and qualified/certified;
  5. emergency response agency personnel have been prepared to respond to emergency situations in or along the right-of-way;
  6. safety and security-related system integration tests have been conducted; and
  7. security for the segments in operation and the Yard and Shop are addressed.

This section should also clarify that each critical certifiable system element receives a written safety and security certificate of conformance. When all required certifiable system elements are certified, a system safety certification statement, signed by the General Manager, is issued along with a Safety Certification Verification Report. These documents verify the readiness for revenue service for each operational phase of the system in regards to the safety and security requirements of the system. If the state oversight agency has additional authorities, beyond the scope of 49 CFR Part 659, for reviewing or approving this report, they should be stated here.

Finally, the rail transit agency should also identify the major components that form the baseline for certification. These typically include:

  1. manuals of Design Criteria and Standard and Directive drawings which determine the safety and security requirements to be incorporated in the contract specifications;
  2. the Contract Final Design which determines that the safety and security features of facilities, systems, and equipment are in compliance; and
  3. the System Verification Report and Test Plans which form the basis for determining that safety and security-related inspections and tests have been performed in compliance with codes and guidelines, and that all facilities, vehicles, equipment, and procedures can function in a safe and secure manner.

Once the SSCP is adopted, a formal process should specify what happens when a portion of the system will not be available on time, or equipment which will be placed in service is not complete. Issuance of such directives as "work-arounds" or "exceptions" should occur only when top management determines that they are absolutely necessary. If such exceptions prove to be necessary, all departments involved need to sign off on the process to indicate they fully understand the nature of the exception and what temporary measures are in place to mitigate any potential side effects.

The exceptions in place must also be monitored constantly to ensure that neither the procedure nor the spirit of the mitigating factors are bypassed or removed during the life of the respective exception. If any type of coordinating committee or communication process is maintained by a respective rail transit agency, regular reports should be included to ensure all organizational entities are thoroughly familiar with both the procedure and necessity for each exception.

8.0 Managing Safety in System Modifications

This section should clearly specify the rail transit agency’s processes and procedures regarding those maintenance and construction activities that do not require formal safety certification, but that do require safety inspections and sign-offs prior to placement of the facility, equipment, part, or vehicle in service (i.e., replacements or repair in kind, etc.). To avoid confusion and to clarify roles and responsibilities, the rail transit agency system safety function should coordinate with the maintenancefunction to develop a formal procedure, if one does not already exist. This procedure should be referenced in this section.

In addressing this activity, the rail transit agency may require a sign-off prior to the placement of the modification in revenue service. In this case, coordination and compatibility with the existing system, construction efforts under operating conditions, and testing and break-in phases must all be managed as part of the ongoing system safety effort.

The rail transit agency may also include operating and safety department personnel in the design review process for certain modification activities. Sign-off procedures may be established for the appropriate departments.

Finally, the rail transit agency may identify the department and person in the organization with responsibility for ensuring that hazards associated with system modifications are included in the Hazard Management Process. One function of the organization, usually system safety, should be delegated with the responsibility of ensuring that any hazards associated with system modifications of any kind are worked into the Hazard Management Process. In this way any accepted risks associated with such system changes will be documented and tracked from the outset.

9. Safety Data Acquisition

9.1 Data Acquisition Process

This section should clearly describe the process used by the rail transit agency to collect and analyze safety data to support improvements in the agency’s safety performance and to monitor compliance with the agency’s safety goals and objectives. This data can come from multiple sources, such as daily unusual occurrence logs, operator and supervisor reports, mining of maintenance data, analysis of vehicle and personnel records, and procurement contracts.

One of the most important services the safety unit provides for the transit organization is the collection, maintenance, and distribution of safety data relative to system operation. This data includes information gathered from not only within the respective system on various operating characteristics relative to safety, but also from other rail transit agencies, the state oversight agency, and the FTA. This section should describe the sources of this data, ensuring that all required reports from all departments within the agency are identified.

As described in the Hazard Management Process section of this SSPP, analysis of this system specific data can be used to determine trends and patterns in system operation. Used as part of the hazard management process, data collection and analysis can identify hazards before they cause accidents by such techniques as trend analysis. It thus becomes a vital component of efforts to improve system performance, not only in respect to safety, but also in overall delivery of service to the riding public.

9.2 Access to Data

In addition to describing the safety data acquisition process, the SSPP must address the management process used to ensure that other departments within the rail transit agency provide required data to the system safety function. This section of the SSPP should clarify which departments are responsible for reporting what types of data, and also identify management controls in place to ensure that this data is delivered to the safety department in a timely manner and is appropriately validated.

10. Accident/Incident Notification, Investigation and Reporting

10.1 Overview

This section of SSPP should describe the process used by the rail transit agency to conduct accident investigations, and to notify appropriate external agencies, including the state oversight agency, the National Transportation Safety Board (NTSB), and the Federal Railroad Administration (FRA). In addition, there should be clear links specified between the accident/incident notification, investigation and reporting process and the hazard management process. Finally, this section should address the process used by the rail transit agency to develop corrective action plans to prevent recurrences, and to coordinate review and approval of these plans with the state oversight agency.

10.2 Accident/Incident Investigation Criteria

A formal policy needs to exist and be fully understood by all organizational elements on exactly how accidents/incidents will be classified, and how different classifications of accidents/incidents will be investigated, by whom, and to what level of detail. This policy should include a pre-determination regarding such things as thresholds for automatic activation of an investigation, guidelines on whether incidents should be investigated immediately or after the fact, and who is in charge of each specific level of investigation. The SSPP should describe these criteria in detail.

10.3 Accident/Incident Investigation Procedures

Preparation of appropriate procedures, formats, and approaches for performing investigations must be documented and properly implemented. Verification of full understanding and compliance with such procedures by all organizational elements is also required. The SSPP should describe and reference these procedures. The rail transit agency should also submit these procedures to the state oversight agency with the SSPP for review and approval.

10.4 Internal Notification Procedure

Predetermination of appropriate notification of accidents and participation in accident investigations should be understood and available to all involved rail transit personnel. The SSPP should clearly describe the internal notification procedures and the technology or methods used to support internal notification.

10.5 External Notification Procedure

49 CFR Part 659 mandates that each rail transit agency report accidents meeting specific thresholds to the state oversight agency. The rail transit agency system safety function must notify the state oversight agency within two hours of the occurrence of an accident or incident meeting the thresholds specified in FTA’s 49 CFR Part 659. These thresholds include the following:

  1. A fatality (death at the scene or where an individual is confirmed dead within 30 days).
  2. Two or more injuries requiring immediate medical attention away from the scene. Property damage in excess of $25,000.
  3. Any evacuation due to life safety reasons.
  4. Any collision at a grade crossing, regardless of injuries or property damage.
  5. Any main-line derailment.
  6. Any collision with an individual on a rail right of way.
  7. Any collision between a rail transit vehicle and another rail transit vehicle or a rail transit non-revenue vehicle.

Notification must occur through the means specified in the state oversight agency Program Standard. In addition, 49 CFR Part 659 requires that the state oversight agency investigate each accident meeting these thresholds. In the event that the state oversight agency intends to authorize the rail transit agency to conduct investigations upon its behalf, it will formally review, approve and adopt the rail transit agency’s accident investigation procedures and submit them to FTA. In addition, the state oversight agency must formally (in writing) transmit its request to the rail transit agency, which must receive it. In the event that the state oversight agency plans to conduct independent investigations, using its own personnel or contractors, the state oversight agency coordinate this investigation with the rail transit agency.

This section of the SSPP should also identify the criteria utilized to notify other outside agencies. For example, the NTSB must be notified within two hours for any occurrence involving a passenger/employee fatality, two or more injuries to employees or passengers requiring admission to a hospital, an evacuation on the mainline, or a fatality at a rail grade crossing. The NTSB will be notified within 4 hours for any occurrence that totals or exceeds $25,000. The system safety function will make these notifications.

FRA thresholds are more inclusive than the FTA thresholds, and only apply to those rail transit systems with waivers in place for shared track systems or that connect to the general railroad system. In the event the rail transit agency notifies FRA, it should also notify the state oversight agency. In addition, if the information is available, the rail transit agency should also notify the state oversight agency of the NTSB’s intent to investigate the accident. The details for notifying the state oversight agency are described in the agency’s accident investigation procedure.

10.6 Accident/Incident Reporting and Documentation

It is important that the rail transit agency have a procedure in place for the development, review and approval of reports and other materials documenting the results of the accident investigation. This section of the SSPP should reference the appropriate procedure or provide an outline of the required elements of a rail transit agency investigation activities and reports. The state oversight agency may also specify certain accident investigation reporting requirements. These requirements should also be included.

10.7 Corrective Action Resulting from Accident Investigation

The SSPP needs to describe the process used to develop, track, report and verify implementation of all recommendations and identified needs for corrective actions. The agency should have a process in place to ensure all necessary corrective actions are completed. The corrective action process and the parties responsible for the corrective action process should be clearly described and identified in the SSPP.

10.8 Coordination with State Oversight Agency

In this section, the rail transit agency should describe its process for coordinating the conduct of accident investigations with the oversight agency, including the delivery of accident investigation reports and corrective action plans, working with the state oversight agency to receive approvals on corrective action plans, and providing the oversight agency with status updates.

11. Emergency Response Planning/Coordination/Training

11.1 Responsibilities for Emergency Preparedness

In this section of the SSPP, the rail transit agency must identify its responsibilities for ensuring its readiness to respond to an emergency on its system or to support response to an emergency in its service area. Responsibilities typically include:

11.2 Coordinated Schedule

Emergency response is a primary component of any rail transit SSPP. This component must include an approved, coordinated schedule for all emergency response activities. This section of the SSPP must describe the process through which the rail transit agency develops, distributes and maintains this schedule. Specific responsibility should be identified by department and job title.

Meetings with outside agencies, participation in training and emergency exercises sponsored by other agencies, and revision and distribution of the rail transit agency’s Emergency Operations Plans and emergency response procedures can all be scheduled on an annual basis, with necessary approvals and checks for completion built in. The process in place for managing this coordination should be documented in the SSPP. Frequently the system safety function is responsible for coordination of these types of emergency preparedness functions. As part of the regular reports to general management issued by the system safety function, status reports on emergency preparedness items can automatically be included.

11.3 Emergency Exercises

Emergency exercises form the backbone of the process for determining whether emergency response plans are adequate. While no exercise can recreate the urgency of a real emergency, they still provide indispensable training and familiarization opportunities for both emergency response personnel and rail transit agency staff. Flaws in the planned process are also frequently discovered during the conduct of these exercises and their subsequent debriefings. It should be noted that emergency exercises need not always be full blown "mock" disasters, but can also be conducted as simple “walk-throughs” of how employees would respond to a specific set of circumstances, as well as targeted training opportunities.

In this section of the SSPP, the rail transit agency must describe its process for developing, scheduling, conducting and evaluating emergency exercises and drills. Coordination with the DHS, G&T Transit Security Grant Program and the G&T Homeland Security Exercise and Evaluation Program should be documented as appropriate.

The rail transit agency must describe its process for ensuring the preparation and dissemination of after action reports to document the findings and recommendations from the emergency exercise or drill. In addition, the rail transit agency must document its approach to tracking the implementation of recommendations. Integration of relevant findings into the hazard management process should also be discussed. Finally, coordination with the DHS, G&T Transit Security Grant Program and the G&T Homeland Security Exercise and Evaluation Program should be documented as appropriate.

11.4 Emergency Procedures

11.5 Emergency Training

An important consideration for handling of emergency situations is internal staff training. It is imperative that rail transit agency staff have absolute knowledge of both the standard and emergency operating characteristics of their rail transit agency. This can only be accomplished through proper initial and refresher training at all operational levels, as well as specifically targeted training for those staff members who may be involved in handling of emergency situations, while not necessarily involved in day to day operations. This section of the SSPP should provide an overview of the rail transit agency’s training program for ensuring proficiency in the response to the full range of emergencies possible at the system.

11.6 Familiarization Training

Emergency response by its very nature implies significant involvement by outside agencies. Fire department, police, emergency medical services, and those local agencies involved in handling of terrorist activities (e.g., bomb threats) must be coordinated by the rail transit agency in order to ensure the best possible response to emergency situations, as well as realization of maximum benefit from the expertise contained within these external agencies.

12. Internal Safety Audit Process

12.1 Overview

This section of the SSPP must describe the rail transit agency’s approach to developing, implementing and reporting an internal safety audit process or ISAP. The ISAP is a critical component of the rail transit agency’s SSPP. Following the procedures developed for the ISAP, over a three-year period, every one of the 21 elements specified in the rail transit agency’s SSPP will be reviewed and evaluated for its implementation. During this review, the ISAP process will determine if all organizational elements, equipment, procedures, and functions are performing as intended from a safety perspective. In addition, the ISAP measures effectiveness of the SSPP.

The SSPP must document the process and procedures used to plan, schedule, conduct, evaluate, and report on the internal safety audits and to ensure that reports are issued, with recommendations to address any deficiencies or findings. In addition, the revised 49 CFR Part 659 requires additional involvement of the state oversight agency in this process. These requirements must be addressed as well.

12.2 Scope of Activities

The objectives of the internal safety audit process are to provide a mechanism for determining the effectiveness of the rail transit agency SSPP and to assess its level and quality of implementation. Specifically, internal safety audit objectives are to:

Based on a careful review of these objectives and the activities addressed in the SSPP, the rail transit agency should identify the organizational units and functions which are subject to the internal audit process. A list of these organizational units and functions should be included in the SSPP

A thorough ISAP must provide top management with a mechanism for documenting the fact that key elements of the organization are performing specified functions. These organizational elements must include all key elements with identified system safety responsibilities as specified in the SSPP.

12.3 Audit Process

12.3.1 Integrity of Audit Process

This section of the SSPP must identify the rail transit agency personnel responsible for performing the ISAP, and specify requirements to protect against individuals auditing their own work. Required interfaces with the system safety function must also be specified.

In some instances, the system safety function of the rail transit agency will be responsible for implementation and oversight of the ISAP, however, each rail transit agency must be able to tailor such responsibilities to its own unique organizational structure. The overriding philosophy which must be protected regardless of structure is the independent nature of the audit process. The unit in charge of auditing must not be the unit in charge of implementation of the items being audited.

12.3.2 Cycle/Schedule

This section of the SSPP must specify the requirement to develop a three-year schedule depicting all 21 audits to be performed. This schedule must be disseminated within the rail transit agency, and also delivered to the state oversight agency. Responsibility for scheduling audits must be clearly identified, by department and job title. Regular dissemination of the audit schedule will support awareness of the ISAP throughout the rail transit agency. Annual schedule updates of this schedule must be provided to the state oversight agency with the Annual Audit Report (see Section 12.3.5).

Audited departments must know when to expect audits. Audits must be scheduled so that they are as unobtrusive as possible. Unannounced inspections or spot audits must be approved as part of the overall audit process with concurrence of general management.

12.3.3 Checklists and Procedures

To guide the performance of the ISAP, and to ensure its integrity, a set of ISAP procedures and checklists must be developed for all 21 audits. The procedures and checklists must be reviewed and approved by the rail transit agency, and submitted to the state oversight agency. The procedures must include the new requirement, specified in 49 CFR Part 659, that the rail transit agency must notify the oversight agency no less than thirty days prior to the conduct of each internal audit. The oversight agency retains the authority to observe each internal safety audit.

This requirement ensures that a list of items to be audited will be prepared in advance and that the methodology for conducting the audit will be clearly specified. When necessary, audited departments should be given time to produce necessary documentation. This does not preclude spot check of individual records, such as maintenance records or personnel qualification records, however, the cooperative nature of the audit process must be maintained.

12.3.4 Audit Reporting

In order for an internal audit to be effective, the results of the audit must be used for positive, all-encompassing corrective actions. This does not occur if the audit report is not an official document which is automatically provided to all appropriate levels of management. This section of the SSPP must specify that an audit report will be prepared to document the results of each internal audit. At a minimum, this report should contain a brief overview of the activities performed, the completed checklists, and any findings, recommendations or concerns identified. This report may be delivered in draft to the audited department for a period of review and comment prior to finalization.

Each ISAP report, or an executive summary, should be provided to the chief executive officer and the individual, respective departments. To support discussion of results and the development of action plans to address findings, various techniques such as audit coordination meetings and management briefings can be used to make the process as unobtrusive as possible, while still providing valuable input to each respective department being audited as to areas of concern and possible corrective actions.

It is also important to design the process so that it is construed as a positive force in the organization. While the internal audit should be as cooperative as possible, there must also be an administrative process to deal with any problems or disagreements which develop. It should be emphasized that the audit process is only a management tool which provides assistance in discovering possible problem areas. By itself, it should not be considered an internal regulatory or decision making process. Final authority for all decisions always rests within the management structure as prescribed by the individual organization.

The SSPP must specify that a summary of recommended corrective actions, if any, must be included in each audit report. Corrective actions approved by management must then be formally tracked for compliance. In addition, a tracking log must be maintained by the system safety function, documenting the status of all recommended corrective actions.

12.3.5 Annual Audit Report

This section of the SSPP must state that the rail transit agency will prepare an annual audit report documenting its activities and findings over the last year, and submit this report to the state oversight agency for review and approval. To support preparation of this report and its review by the state oversight agency, formal documentation of all aspects of the internal audit process must be maintained. Included in this documentation, should be all necessary reports to general management, respective departments, and the state oversight agency.

As specified by the state oversight agency, the annual report may include the following information:

12.3.6 Coordination with the Oversight Agency

The SSPP must identify the role of the state oversight agency in monitoring and overseeing implementation of the ISAP at the rail transit agency. In this capacity, the state oversight agency may request completed reports and status updates regarding the implementation of recommendations. In addition, results from the ISAP may feed into the hazard management process, which is also overseen by the state oversight agency.

12.3.7 Audit Completeness

The SSPP should identify the types of documentation that may be required to ensure audit completeness: Maintenance Procedures, Training Manuals, Proceedings of Meetings, Equipment Specifications, Rules/Regulations, Management Program Plans, System Safety Program Plan, Standard Operating Procedures, Emergency Procedures, Configuration Management Plan, Hazardous Materials Management Plan, Administrative Procedures, Rule Book, Safety Rules, Fire Codes, and Engineering Design Criteria. While ongoing inspections may be conducted on an unannounced basis, actual audits should be done on a coordinated basis, with full management support. Once schedules are approved by general management, all involved departments must provide absolute cooperation.

13. Rules Compliance/Procedures Review

13.1 Overview

All rail transit systems should have a written expression of their policies and practices. These policies and practices are conveyed in various general and specialized rulebooks, operating bulletins, special orders, standard operating procedures and/or other similar documents, generally referred to as rules and procedures. Operating rules and procedures are created to promote safe, efficient, timely, and customer-oriented transit operations. Adherence to these operating rules is necessary to achieve these objectives. A rules compliance program is needed to verify adherence to operating rules. The SSPP should identify all of the rules and procedures that affect passenger and employee safety, and, as such, are subject to compliance monitoring activities. These rules and procedures may also be reviewed during the ISAP, and/or the rail transit agency’s activity to update its SSPP. This identification should include all safety-critical operating and maintenance rules and procedures.

13.2 Review of Rules and Procedures

The SSPP should describe the process used by the rail transit agency system safety function and supporting committees to review safety-critical operations and maintenance rules and procedures and to make determinations regarding whether they need updating. Procedures for document control and the methods for disseminating updates should also be described. Roles and responsibilities should be identified, by department and job title.

13.3 Process for Ensuring Rules Compliance

The benefits of rules and procedures come from their implementation and use, which can only be assured through periodic review and follow-up. Each rail transit agency shall develop a formal process of observations to evaluate and verify that rules are followed. Each rail transit agency must define its Rule Compliance program to verify and evaluate that its rules are followed. This program must be described in the SSPP.

13.4 Compliance Techniques – Operations and Maintenance Personnel

While each rail transit agency shall develop its own requirements for assessing compliance with rules, the following elements must be included:

  1. Evaluation Process: The rail transit agency must define which job classifications and job functions will be evaluated.
  2. Organizational Responsibility: The rail transit agency must define which part or parts of the organization/departments or areas will administer the rule compliance process. This includes monitoring the compliance program to verify if it is being followed according to established policies and standards. The rail transit agency must establish the minimum level of qualification required to perform the function of an evaluator.
  3. Evaluation Cycle / Definition of the Frequency of Compliance Checks: The rail transit agency must determine the evaluation frequency. The rail transit agency should consider the size and complexity of its operation in establishing the evaluation cycles.
  4. Method of Verification: In determining the method, the rail transit agency must consider characteristics such as various times of the day, days of the week, geographic locations, system features and/or other appropriate practices/conditions. Compliance Checks will be observations of operational personnel performing their jobs/duties. Observations will be performed in a methodical, objective manner. The means of collecting data (i.e., forms, electronic, other) shall be standardized along with specific instructions for conducting the compliance checks. Observers must be trained in the methods of collection and proper documentation of the observations.
  5. Automated Verification: Some rail transit agencies have automated means of monitoring rule compliance. The following elements should be monitored to the extent possible of the rail transit agency’s capabilities: on-time terminal dispatches; unauthorized train operation; improper train operations; proper vehicle speed; signal conformance; and nullification of operating / safety device.

13.5 Compliance Techniques

In the SSPP, the rail transit agency must also describe is process for ensuring the effectiveness of supervisors in implementing operating and maintenance rules. This process may be similar to the one used for operations and maintenance personnel as described above or may be based on other methodologies.

13.6 Documentation

n the SSPP, the rail transit agency must describe its process for maintaining records of compliance observations and corrective actions. The rail transit agency must also determine acceptable levels of compliance and have defined corrective actions or guidelines to address non-compliance.

14. Facilities and Equipment Inspections

14.1 Facilities and Equipment Subject to Inspection

The SSPP must specify the general categories of facilities and equipment with safety-related characteristics and corresponding inspection requirements. In addition the SSPP must describe the process for developing and maintaining a custom list at the rail transit agency.

14.2 Regular Inspection and Testing

The SSPP should describe the rail transit agency’s approach to implementing a regular cycle of inspections for facilities and safety-related equipment along with a list of exactly which items are to be inspected. Observations of defective or missing equipment of course should be reported whenever observed.

For example, the SSPP may specify that all rail transit agency operating and maintenance facilities undergo a complete inspection by the system safety function at least once a year to ensure the safety and health of employees. Individual maintenance shops within the maintenance facilities are formally inspected on a monthly basis. These inspections are conducted using inspection forms, and include inspections to verify OSHA compliance, personal protective protection utilization, inspections of equipment, housekeeping inspections, inspections to verify industrial hygiene practices, etc. However, informal inspections may be conducted at any time. Inspection reports are issued which list the hazards and the safety and health problems found during the inspection. Follow-up inspections and reports are completed within 30 days. The department responsible for the inspected area is required to provide a schedule of corrective actions within 30 days. Follow-up inspections and reports are made 30 to 60 days after the initial inspection.

For equipment inspections, the SSPP may require that equipment inspections are made in accordance with manufacturer guidelines, industry-accepted standards and practices. The SSPP may also specify that track inspections will conform to FRA standards, such as: walking inspections twice a week; riding inspections by track inspectors twice a week; ultrasonic inspection once a year; and gage and other geometry measurements twice each year. Also, a sweep of the alignment will be performed by the first train each morning. The yard & shop areas are inspected monthly. Routine inspections of the structures, bridges, inverts, and aerial guideways are performed at established cycles using approved guidelines.

The system elements such as train control/signaling, grade crossing equipment, traction power, SCADA, and OCS are inspected at established cycles based on the manufacturer guidelines and industry experience. The periodicity of these inspections may be varied based on climatic conditions and corrective maintenance demands.

Rail vehicle inspections are made in accordance with industry-accepted procedures including periodic inspections specified by the Maintenance and Servicing Manual and the Heavy Maintenance Manual. Operators also perform visual inspections and relevant systems checks prior to service-start.

14.3 Checklists

The SSPP should require use of a written checklist when conducting facility inspections. This checklist will ensure a more uniform and complete audit.

14.4 Coordination with Hazard Management Process

The SSPP must require that results from facilities and equipment inspections are closely coordinated with the rail transit agency’s hazard management process. The SSPP should provide a description of how hazards identified during these inspections are integrated into the hazard management process.

15. Maintenance Audits/Inspections

15.1 Systems and Facilities Subject to Maintenance Program

This section of the SSPP needs to list all of the systems and facilities subject to the rail transit agency’s maintenance program. The maintenance cycle, a description of the maintenance to be conducted, and the required documentation of the maintenance to be performed needs to be detailed. The SSPP also needs to include a description of the type of maintenance audits the rail transit agency will conduct. This description should include the audits/inspections conducted by the front line maintenance employees and by the system safety function. The audits conducted should be a comprehensive process and including auditing whether the correct procedures are being followed, and the quality and timeliness of the work performed.

15.2 Resolution of Audit/Inspection Findings

This section of the SSPP must describe the process used to ensure that all issues identified during maintenance audits/inspections are addressed and/or resolved. It is imperative that proper corrective actions be prescribed, implemented, and tracked as part of this process. Such audit records become extremely valuable tools in establishing that the respective management organization is reasonable and prudent in discharging its professional responsibilities. Since accidents are prevented by such preparation and double checking, the audit/inspection process should be considered an excellent way of minimizing costly litigation.

Safety critical systems, such as track, structures, train control, transit vehicles, tunnel ventilation and flood control, elevators, escalators, and communications are inspected/tested and/or serviced on a scheduled, periodic basis. Should such systems be found in a failed or to be in an out-of-tolerance condition, in such a manner that would present a hazard, the SSPP should state that applicable operations will be restricted to maintain safety until such time a appropriate remedial action has been completed. Equipment found to be in a failed or out of tolerance condition are recorded and tracked by the responsible maintenance department. These discrepancies are not to be closed out until repairs are completed. In the case of transit vehicle maintenance, should a vehicle not receive the prescribed preventive maintenance within the required maintenance schedule, the vehicle is to be withheld from revenue service.

15.3 Checklists

A checklist should be used to document the maintenance audits conducted by System Safety and by maintenance employees. This checklist helps ensure a more uniform and complete audit, and will direct maintenance audits/inspections to focus on adherence to schedule, application of standards and procedures, and record keeping.

16. Training and Certification Review/Audit

16.1 Overview

The SSPP should provide a description of the program in place for rail transit agency employees and contractors to ensure their consistent and complete training and their capabilities to perform their job activities safety and in compliance with rail transit agency rules and procedures. Such a program requires employees to have a base knowledge that is consistent across their particular job. The program also ensures that the rail transit agency provides initial certification and refresher training.

Proper qualification of operating and maintenance personnel is a vital part of a safe transit environment. The SSPP should describe the categories of safety-related work that require training and certification.

16.2 Employee Safety

The SSPP should describe each of the agency’s training and certification programs including general course content and grading procedures. For example, each rail transit agency should develop initial qualification and refresher training programs to ensure that employees demonstrate an understanding and proficiency in the application of rules, procedures, and equipment.

Such characteristics as consistency over several classes, and effective and equitable testing of personnel in both initial and recurrent training should be part of the evaluation process. While the training program elements and content will be specific to the rail transit agency, the SSPP should describe the process applied to ensure that training staff, designated by the rail transit agency, are qualified by training and/or experience. Training staff shall be responsible for the preparation, maintenance, and provision of the training program.

As described in the SSPP, the qualification training program should include the following forms of instruction. Refresher and familiarization training/training for change can use any combination of the following forms: classroom instruction; field instruction (e.g., set up a train with a problem to simulate a unique situation); and on-the-job instruction (e.g., in revenue or non-revenue conditions or both).

The rail transit agency should establish durations for its training programs. The rail transit agency should also conduct periodic internal reviews of the complexity and types of its equipment, system characteristics, and performance to verify the adequacy of the time period allocated for training. The length of the training program is flexible. The rail transit agency shall allow adequate time in the training program for daytime and nighttime, and peak hour practice train operation. The SSPP should also specify that employee training is coordinated with the rail transit agency’s Employee Safety Program (discussed in Section 18).

16.3 Contractor Safety

While employees of contractors do not come under the direct jurisdiction of rail transit agencies, when contractors work on transit property, especially under operating conditions, certain requirements must be applied to all members of the contractor work force. This is essential for the safety of passengers, transit employees, contractor employees, and protection of transit property. The contractor and all contractor employees must be clear right from the outset that the rail transit agency is in charge and all necessary rules and procedures will be followed without exception.

The rail transit agency, and the responsible units, must ensure that all contractor personnel: 1) are instructed on the procedures, 2) know the procedures, and 3) follow the procedures. Sanctions which will be imposed must be spelled out from the beginning, and if possible, included in the contract.

16.4 Record Keeping

The SSPP should describe the way in which a permanent file of personnel training records are maintained by the transit agency.

16.5 Compliance with Training Requirements

The SSPP needs to describe the process utilized to assess compliance with training and certification requirements. This process may include reviews of records and observations of training courses to evaluate: familiarization of equipment, operating conditions, procedures and practices, classroom training, performance/practice training, testing with established scores based on the nature, complexity and safety sensitivity of the material, application of standardized criteria for all elements such as length and type of training, locations (e.g., yards, routes, etc.), rail vehicle equipment, and specific topics to be included, (e.g., use of fire extinguishers, yard operations, signal tests, troubleshooting, etc.), post-qualification review of employee performance, including employee records and in-person interviews.

17. Configuration Management

17.1 Overview

Configuration Management is a process which ensures, as much as possible, that all rail transit property, equipment, systems design elements, etc., are documented as to configuration accurately and completely. Any changes to an individual sub-system, or a fleet/inventory wide change should be recorded on as-built drawings in a timely and effective manner.

For most rail transit agencies, configuration management requirements are established in separate Configuration Management Plans (CMP) or procedures. These requirements are included in major contracts to assure that changes to design of equipment and facilities are adequately documented and approved. Contractors are required to submit "as-built" drawings and update manuals and procedures. Changes to designs, after completion of design reviews, are coordinated with the rail transit agency.

The SSPP should reference the CMP or configuration management procedure, and provide a brief description of the process used by the agency. In most cases, rail transit agencies use baseline management to ensure that the technical baseline (as established at the time of Safety Certification for Revenue Service for New Starts or at another time for existing systems) is defined and controlled throughout maintenance and operations, and that the end products satisfy the technical and operational requirements derived from the system needs. At specific points in time, selected documentation is formally designated and approved as part of the technical baseline. The operations and maintenance technical baseline is the final as-built documentation and system performance requirements. In this manner, configuration management includes certain specified contractual documents, operations and maintenance documents, and safety and security documents.

17.2 Process for Changes

The rail transit agency establishes policy, responsibility and procedures for configuration control to ensure the continued design integrity of the system, subsystems, equipment and facilities. Achieving this integrity requires that configuration changes to the defined system elements are properly coordinated, reviewed, approved, documented, and implemented. The SSPP must describe this process.

In general, system changes are changes to the configuration and supporting documentation that are precipitated by need for new or revised: alignment extensions/upgrades, equipment extensions; systems; quality improvement initiatives; unforeseen conditions discovered during operations; and maintenance activities which require a re-design of a system or its component(s) and so on.

System and/or element changes which affect design and/or operations and maintenance of rail transit agency are reviewed and recommendations are made by a designated committee or function within the rail transit agency regarding requests for configuration management changes. System modifications to the operating system or design extensions are controlled by a systematic review and approval process which includes representatives from a variety of committees and functions, including the system safety function. The SSPP should describe this process, including the committees and functions and their roles and responsibilities.

Special processes may be in place for addressing issues such as computer software configuration management. Because of its significance, computer software may be managed and controlled in accordance with a designated software management process or applicable procedures, which may be separate from, or referenced in, the rail transit agency’s CMP. These processes may apply to software and firmware that is developed in-house, licensed or procured from a commercial vendor, obtained from another organization, or otherwise acquired and used in rail transit agency applications. The SSPP should also describe these processes.

17.3 Authority for Changes

The SSPP should describe the process used to make changes using the rail transit agency’s configuration management process. At a minimum, this should include: procedures for the authority to make configuration changes, the process for incorporating these changes into all appropriate documentation, and the process for ensuring that all necessary units, including the system safety function, are formally made aware of such changes. It is also recommended that the process be coordinated or combined with the System Modification Review and Approval Process and the Safety Certification Process, described in Sections 7 and 8 of the SSPP. Notification of changes, especially individual unit changes, cannot always occur in advance. It should be a requirement, however, that all units be informed of such changes as expeditiously as possible.

18. Compliance with Local, State, and Federal Requirements

18.1 Employee Safety Program

The SSPP should describe the rail transit agency’s Employee Safety Program. While it is difficult to develop a generic program, at a minimum, those elements required by local, state or federal law must be incorporated into the Employee Safety Program. These include such elements as Employee Right To Know requirements for hazardous materials and Occupational Safety & Health requirements promulgated by the Occupational Health and Safety Administration (OSHA) or state and local authorities. It is emphasized that these are only minimum programs, and that efforts should be made to maintain a thorough Employee Safety Programabove and beyond these minimums.

The rail transit agency may also conduct regular industrial hygiene studies such as air quality, noise level, hazardous materials, including wastes, and environmental stresses, to evaluate the degree of employee or patron exposure to chemical and physical agents encountered in the work environment, including the office environment. The survey results are utilized to determine the necessary corrective action, including engineering and administrative controls and/or the required use of personal protective equipment. Reports of the industrial hygiene study are submitted to all affected departments.

Industrial hygiene studies may be performed on a hazard priority basis to identify and eliminate exposures that exceed the Threshold Limit Value (TLV) and Permissive Exposure Level (PEL). These priority levels are typically established by the system safety function through an evaluation of the work processes, including type of work performed, types of chemicals or hazardous materials used to which persons are exposed, frequency and duration of exposure, and number of employee (or patrons) exposed. Examples of high priority exposures include: airborne concentrations of lead, silica and other toxic particulates and aerosols, organic solvents and excessive noise levels.

In addition, physical examinations may be coordinated through the system safety function to monitor the health and welfare of employees, and to identify workplace conditions which may jeopardize their safety and health.

Finally, for construction projects, specific procedures are in place to ensure worker protection and public safety by fostering an awareness and concern for safety on the job site. Implementation of these procedures is the responsibility of the rail transit agency. The Construction function, in coordination with the system safety function, administers a program to address these procedures and their use in the field. Referenced documents for this program also contain requirements concerning contractor and subcontractor safety programs and implementation requirements. Manuals and training courses have been developed and include communication requirements including applicable federal, state and local OSHA requirements. Activities include: (i) providing basic E, S&H training to employees, (ii) training in fire prevention, industrial hygiene and environmental compliance, and (iii) administering the Substance Abuse Prevention and Security programs for E, S&H staff. All accident reports are reviewed and processed by appropriate rail transit agency staff and management.

18.2 Working on or near Rail Transit Controlled Property

The SSPP must describe the safety program established for employees and contractors working on, or in close proximity to, rail transit controlled property. Typically, the system safety function, working with the construction function, administers this program. Contractors are required to comply with all applicable OSHA standards for the safety of their own employees as well as to safeguard rail transit agency employees, contractors, passengers and the public. All employees and contractors working on, or interfacing with, the rail transit agency are required to attend safety training while working on the operating system. This training course may be developed jointly by the operating function and the system safety function. The rail transit agency’s Operating and Safety Rules and Procedures are typically included in each construction contract, and these rules and procedures bind contractors and employees performing work on the operating system.

18.3 Compliance with Required Safety Programs

The SSPP must describe the rail transit agency’s process for supporting compliance with the Employee and Contractor Safety Programs. Each rail transit manager and supervisor is typically responsible for having knowledge of, and enforcing compliance with, all applicable federal and state OSHA laws, standards and regulations. Although OSHA stipulates that employees are responsible for complying with OSHAstandards, many rail transit agencies consider that it is responsible for the employees’ compliance. As a result, the rail transit agency may ensure that procedures are established by all departments that facilitate disciplinary action against those individuals who fail to comply with applicable OSHA laws, standards, and regulations. Examples of types of employee actions that require disciplinary action are: failure to use/wear required personal protective equipment, failure to follow appropriate chemical handling procedures, and the unauthorized modification of safety equipment and devices.

19. Hazardous Materials

Transit agencies must have a process to ensure that the appropriate employees are familiar with the Hazardous Material Program and the Employee Safety Program. This process should be described in the SSPP. Most rail transit agencies come under the jurisdiction of either state or federal Environmental Protection Agencies.

It is incumbent on each system to determine which regulations it must follow and then ensure all organizational elements are aware of these requirements and how they must be followed. Fundamental requirements of the Right-To-Know laws/standards are included in basic training and the rail transit agency’s Hazard Communication Program. The system safety function enforces procedures that ensure compliance with the standards by employees of all departments.

Material Safety Data Sheets (MSDS) for all chemicals and other hazardous materials that are being considered for purchase and use are reviewed and evaluated by the system safety function for approval, prior to use. The user will furnish the manufacturer’s MSDS for hazardous products, and information on the planned use and application methods. The rail transit agency procurement department will ensure that the system safety function has submitted written approval of requested materials prior to procurement. The rail transit agency trains its employees in the use of chemicals and hazardous materials. Follow-up are conducted on the field use of approved products to ensure that safe, proper handling methods are utilized. Appropriate personal protective equipment (PPE) is also provided and its use is required, as specified, by the rail transit agency. Rail transit agency management and supervisory personnel are responsible for providing the necessary PPE and enforcing its use by employees.

20. Drug & Alcohol Abuse

The abuse of legal drugs, the misuse of alcohol, and/or the use of illegal drugs by rail transit agency employees poses a serious risk of harm to the health and safety of the public and to other employees. Moreover, the use of illegal drugs, on or off duty, is inconsistent with the law-abiding behavior expected of all citizens, and with the special trust placed in such employees as public servants in the field of transportation.

Since virtually all rail transit agencies require federal funds for continued growth and operation, the Drug Testing Requirements of the FTA now form the basis for the drug and alcohol abuse programs. The SSPP must describe the Drug and Alcohol Abuse Program of the agency and must explain that the Drug and Alcohol Abuse Program includes FTA and US DOT requirements (49 CFR Parts 40, 653, and 654). The Drug and Alcohol Abuse Program of the transit agency must also comply with the Drug Free Workplace Act and the SSPP should acknowledge this compliance.

In addition, in this section of the SSPP, the rail transit agency should describe its Employee Assistance Program (EAP) and/or Substance Abuse Program (SAP). Through these programs, rail transit agencies provide an opportunity for employees to deal with drug and alcohol-related problems. Any employee who voluntarily requests assistance in dealing with a personal drug and/or alcohol problem may do so through the EAP and/or SAP in complete confidence and without jeopardizing his/her employment with rail transit agency solely because of the request for assistance. Other treatment programs for drug and alcohol problems are available through the health and welfare provider selected by rail transit agency. The immediate discontinuation of any involvement with alcohol or drugs is an essential requisite for participation in any treatment program. Although employees are encouraged to receive help for drug or alcohol problems, participation in an EAP and/or SAP will not excuse an employee’s failure to comply with the requirements of the Policy.

21. Procurement

System safety should encompass the routine procurement of supplies, materials, and equipment. Procedures must be in place and enforced to preclude the introduction into the transit environment of unauthorized hazardous materials and supplies, as well as defective or deficient equipment. The SSPP must describe the process that is used to prevent inadvertent acceptance of unauthorized materials or defective items.

In addition, the SSPP must describe the process used by the rail transit agency to ensure that all hazardous materials are procured in a safe and controlled manner. The procurement of hazardous materials must follow all state and federal regulations. The SSPP must describe the measures used to ensure safe procurement these hazardous materials, and where appropriate, reference other procedures or manuals.

The transit agency must also have a quality assurance program in place to assure that new materials used for maintenance or construction activities have been assessed for safety concerns or safety hazards. The SSPP must describe and/or reference this quality assurance program.

Appendix F: State Oversight Agency SSPP Review Checklist

Rail Transit Agency (RTA)__________________________________________________________

State Oversight Agency Reviewer __________________________________ Date __________________

#

CHECKLIST ITEM

PLAN REQUIREMENTS

Does the PLAN contain or provide for the following:

INCLUDED

Yes — No

PAGE REF.

COMMENTS

1. Policy Statement
  • A policy statement is developed for the System Safety Program Plan (SSPP).
  • The policy statement describes the authority that establishes the system safety program plan.
  • The policy statement is signed and endorsed by the rail transit agency’s chief executive.

 

 

 

2. Purpose, Goals and Objectives
  • The purpose of the SSPP is defined.
  • Goals are identified to ensure that the SSPP fulfills its purpose.
  • Objectives are identified to monitor and assess the achievement of goals.
  • Stated management responsibilities are identified for the safety program to ensure that the goals and objectives are achieved.

 

 

 

3. Management Structure
  • An overview of the management structure of the rail transit agency is provided including an organization chart.
  • Organizational structure is clearly defined and includes:
    • History and scope of service,
    • Physical characteristics, and
    • Operations and Maintenance.
  • A description of how the safety function is integrated into the rest of the rail transit organization is provided.
  • Clear identification of the lines of authority used by the rail transit agency to manage safety issues is provided.

 

 

 

4. Plan Review and Modification
  • An annual assessment of whether the system safety program plan should be updated is specified.
  • The process used to control changes to the system safety program plan is described.
  • Specific departments and persons responsible for initiating, developing, approving, and issuing changes to the SSPP are identified.
  • Required coordination with the oversight agency regarding plan modification, including timeframes for submission, revision, and approval, is addressed.

 

 

 

5. Plan Implementation
  • A description of the specific activities required to implement the system safety program plan is included.
  • Tasks to be performed by the rail transit safety function, by position and management accountability, are identified and described.
  • A description of the methodologies used by the system safety function to achieve their safety responsibilities should be provided.
  • Safety-related tasks to be performed by other rail transit departments, by position and management accountability, are identified and described.
  • A task matrix (or an equivalent narrative description) showing: all identified safety responsibilities, interfaces among all rail transit units responsible for each task, and the key reports or actions required, should be provided.

 

 

 

6. Hazard Management Process
  • The process used by the rail transit agency to implement its hazard management program, including the role of the oversight agency in providing on-going communication, is described.
  • The hazard management process includes activities for: hazard identification, hazard investigation, evaluation, and analysis, hazard control and elimination, hazard tracking.
  • Requirements for on-going reporting to the oversight agency relating to hazard management activities and status are specified.

 

 

 

7. Safety Certification Process
  • A description of the safety certification process required by the rail transit agency to ensure that safety concerns and hazards are adequately addressed prior to the initiation of passenger operations for New Starts and subsequent major projects to extend, rehabilitate, or modify an existing system, or to replace vehicles and equipment.

 

 

 

8. System Modifications
  • The process used by the rail transit agency to ensure that safety concerns are addressed in modifications to existing systems, vehicles, and equipment, which do not require formal safety certification, but which may have safety impacts, is described.

 

 

 

9. Safety Data Acquisition
  • The process used to collect, maintain, analyze, and distribute safety data is clearly defined.
  • The management process for ensuring that the safety function within the rail transit organization receives the necessary information to support implementation of the system safety program is clarified.

 

 

 

10. Incident Notification, Investigation, and Reporting
  • A description is provided regarding the process used by the rail transit agency to perform accident notification, investigation and reporting.
  • Criteria for determining what accidents/incidents require investigation, and who is responsible to conduct specific investigations are developed.
  • A description of the procedures for performing investigations, including proper documentation and reporting of findings, conclusions reached, use of hazard resolution process to develop corrective action recommendations, and follow-up to verify corrective action implementation is provided.
  • Notification thresholds for internal departments/functions are defined.
  • Criteria are specified for notifying external agencies (NTSB, state oversight agency) of accidents and incidents.
  • Procedures are established for documenting and reporting on accident investigations.
  • Process used to develop, implement, and track corrective actions that address investigation findings is specified.
  • Coordination with the oversight agency is specified.

 

 

 

11. Emergency Management Program
  • The agency’s emergency planning responsibilities and requirements are identified.
  • A description of the process used by the rail transit agency to develop an approved, coordinated schedule for emergency management program activities is provided.
  • Required meetings with external agencies regarding the emergency management program are specified.
  • The process used to evaluate emergency preparedness, such as annual emergency field exercises, is documented.
  • After action reports and implementation of findings are required.
  • The process is explained to be used by the rail transit agency for the revision and distribution of emergency response procedures.
  • The agency’s responsibilities for providing employee training are identified.
  • The agency’s responsibilities for providing familiarization training to local public safety organizations are identified.

 

 

 

12. Internal Safety Audit Program
  • A description of the process used by the rail transit agency to ensure that planned and scheduled internal safety audits are performed to evaluate compliance with the SSPP is included.
  • Identification of departments and functions subject to audit is performed.
  • Auditors must be independent from the first line of supervision responsible for the activity being audited.
  • A three-year audit schedule must be developed, reviewed, maintained and updated to ensure that all 21 SSPP elements are reviewed during the audit cycle.
  • The process for conducting audits, including the development of checklists, and procedures for conducting audits and issuing of findings is described.
  • The SSPP must describe the requirement of an annual audit report that summarizes the results of individual audits performed during the previous year and includes the status of required corrective action items. This report must be submitted to the state oversight agency for review and approval.
  • The process for resolving problems and disagreements, report distribution, and follow-up on corrective action procedures is described.
  • The ISAP process and reporting must be coordinated with the state oversight agency.
  • The ISAP process should be comprehensive.

 

 

 

13. Rules Compliance
  • Operating and maintenance rules and procedures that affect safety are identified.
  • Operating and maintenance rules and procedures that affect safety are reviewed for their effectiveness and determinations are made regarding their need to be updated.
  • Description of process for developing, maintaining, and ensuring compliance with operating and maintenance rules and procedures.
  • Techniques used to assess the implementation of operating and maintenance rules and procedures by employees, such as performance testing/compliance checks.
  • Techniques used to assess the effectiveness of supervision relating to the implementation of operating and maintenance rules.
  • Process for documenting results and incorporating them into the hazard management program.

 

 

 

14. Facilities and Equipment Inspections
  • Identification of the facilities and equipment that are subject to regular safety related-inspection and testing is provided.
  • A description of how safety-related equipment and facilities are included in a regular inspection and testing program is provided.
  • Use of a written checklist for conducting facility inspections.
  • Descriptions of how identified hazardous conditions are entered into the Hazard Resolution Process.

 

 

 

15. Maintenance Audit and Inspection Program
  • A list of systems and facilities subject to a maintenance program, along with established maintenance cycle and required documentation of maintenance performed for each item, is provided.
  • A description of the process for tracking and resolving problems identified during inspections is provided.
  • Use of a written checklist for conducting maintenance audits is required.

 

 

 

16. Training and Certification Program
  • A description of the training and certification program for employees and contractors is provided.
  • Categories of safety-related work requiring training and certification are identified.
  • Description of the training and certification program for employees and contractors in safety-related positions is provided.
  • Description of the training and certification program for contractors is provided.
  • The process used to maintain and access employee and contractor training records is described.
  • The process used to assess compliance with training and certification requirements is described.

 

 

 

17. Configuration Management Process
  • A description of the configuration management control process is provided and appropriate references are made to other rail transit agency documents governing this process.
  • Process for making changes is described.
  • Authority to make configuration changes is described and assurances are provided for formal notification of all involved departments.

 

 

 

18. Compliance with Local, State and Federal Safety Requirements
  • A description of the safety program for employees and contractors that incorporates the applicable local, state, and federal requirements is provided.
  • Safety requirements that employees and contractors must follow when working on, or in close proximity to, rail transit agency controlled property are identified.
  • Processes for ensuring the employees and contractors know and follow the requirements are described.

 

 

 

19. Hazardous Materials Program
  • A description of the hazardous materials program, including the process used to ensure knowledge of and compliance with program requirements is provided.

 

 

 

20. Drug and Alcohol Program
  • A description of the drug and alcohol program and the process used to ensure knowledge of and compliance with program requirements is provided.

 

 

 

21. Procurement
  • A description of the measures, controls, and assurances in place to ensure that safety principles, requirements, and representatives are included in the rail transit agency procurement process.

 

 

 

Appendix G: Program Requirements for Development of a Rail Transit Agency System Security and Emergency Preparedness Program Plan (SEPP)


SAMPLE

State Oversight Agency Program Requirements for the Development of Rail Transit System Security and Emergency Preparedness Plans

This document has been developed to serve as a template for use by state oversight agencies in specifying the requirements established in 49 CFR Part 659 for the development of a rail transit agency System Security and Emergency Preparedness Plan (SEPP). It includes a sample set of Program Requirements, detailing the required SEPP contents and a set of recommended SEPP appendices.

Table of Contents

SEPP Memorandum of Executive Approval/System Security Policy
1. System Security and Emergency Preparedness Program Introduction
1.1 Purpose of the SEPP
1.2 Goals and Objectives
1.3 Scope of Program
1.4 Security and Law Enforcement
1.5 Management Authority and Legal Aspects
1.6 Government Involvement
1.7 Security Acronyms and Definitions
2.0 System Description
2.1 Background & History of System
2.2 Organizational Structure
2.3 Human Resources
2.4 Passengers
2.5 Services and Operations
2.6 Operating Environment
2.7 Integration with Other Plans and Programs
2.8 Current Security Conditions
2.9 Capabilities and Practices
3.0 SEPP Management Activities
3.1 Responsibility for Mission Statement and System Security Policy
3.2 Management of the SEPP Program
3.3 Division of Security Responsibilities
4. SEPP Program Description
4.1 Planning
4.2 Organization
4.3 Equipment
4.4 Training and Procedures
4.5 Emergency Exercises and Evaluation
5.0 Threat and Vulnerability Identification, Assessment, and Resolution
5.1 Threat and Vulnerability Identification
5.2 Threat and Vulnerability Assessment
5.3 Threat and Vulnerability Resolution
6.0 Implementation and Evaluation of SEPP
6.1 Implementation Tasks for Goals and Objectives
6.2 Implementation Schedule
6.3 Evaluation
7.0 Modification of System Security Plan
7.1 Initiation
7.2 Review Process
7.3 Implement Modifications
Appendix A: DHS Regulation and Requirements Relevant to the SEPP
Appendix B: Acronyms
Appendix C: Definitions

SEPP Memorandum of Executive Approval/System Security Policy

In this section, a policy statement should be provided which establishes the System Security and Emergency Preparedness Plan (SEPP) as an operating document that has been prepared for, and approved by, rail transit agency top management.

The policy statement should define, as clearly as possible, the authority for the establishment and implementation of the SEPP. As appropriate, reference should be made to the authority provided by state and local statues to develop and securely operate the rail transit system and coordinate with local, state and federal agencies regarding security and emergency preparedness issues. The role of the SEPP in addressing FTA’s 49 CFR Part 659 and state oversight agency requirements should be clearly described. Participation in programs managed by the Department of Homeland Security, Office of Grants and Training (G&T) (formerly the Office of State and Local Government Coordination and Preparedness (SLGCP), Office for Domestic Preparedness (ODP)) and the Transportation Security Administration (TSA) that require the SEPP should also be mentioned, including the Transit Security Grant Program (TSGP) and compliance with TSA directives and the TSA Rail Security Inspector Program.

Reference should be made to management's approval, either by referencing the enabling signature on the title page or by other means.

1. System Security and Emergency Preparedness Program Introduction

1.1 Purpose of the SEPP

This section of the SEPP should identify its purpose. For most rail transit agencies, the purpose of the SEPP is to ensure a planned, documented, organized response to actual and potential security threats to the system, and to address these threats with proactive measures and response techniques that manage and minimize the outcome of security breaches or related events. The SEPP typically:

As set forth in rail transit agency's security program policy, accountability for security and emergency preparedness of the rail transit system rests with each employee, supervisor, manager, director, and department. As a result of this program, the rail transit agency will achieve not only an effective physical security program, but also develop emergency preparedness.

The rail transit agency's plans for response to natural disaster or terrorism incidents are based on partnerships with the emergency management and first-responder organizations of the cities and counties throughout the rail transit agency's service area, and the region's coordinated plans for response and recovery from such events. This coordination is essential for the rail transit agency's response and recovery capabilities, while at the same time, continuity of rail transit operations during a community-wide emergency is a vital capability for the region's recovery.

1.1.1 System Security

System security is defined as: “the application of operating, technical, and management techniques and principles to the security aspects of a system throughout its life to reduce threats and vulnerabilities to the most practical level through the most effective use of available resources.” System security provides a structured methodology for analyzing threats and weighing the consequences of the cost of their resolution against the capabilities of the system to fund improvements. This process allows the system; whatever its size, service, or operating environment; to implement the most effective security and preparedness program possible within its available resources. System security promotes an integrated approach to protection, identifying how all system activities come together as part of an interdependent system that deters, detects, assesses, and responds to threats.

1.1.2 Emergency Preparedness

Within the context of this approach, emergency preparedness is a central feature of the program, ensuring the capability to mitigate and manage those events that cannot be prevented. Emergency preparedness is defined as: “a uniform basis for operating policies and procedures for mobilizing public transportation system and other public safety resources to assure rapid, controlled, and predictable responses to various types of transportation and community emergencies.” Emergency preparedness ensures that the rail transit agency has a process in place to provide fast, controlled and predictable responses to various types of emergencies that may occur within the system or nearby locations. Emergency preparedness identifies how municipal and county agencies can both support, and obtain support from, the rail transit agency in addressing transit-specific and area-wide emergencies.

1.2 Goals and Objectives

1.2.1 Goals

This section of the SEPP should identify the goals developed by the rail transit agency to meet the purpose established for the SEPP. Goals are broad statements of ideal future conditions for the safety program that are desired by the rail transit agency, endorsed by top management, and are supported by specific objectives to aid in their attainment. Goals should be realistic and generally are presented in qualitative terms. Sample goals include the following:

  1. Security: Reduce the rate of crime, and the fear of crime, on the rail transit system.
  2. Awareness and Involvement: Engage all rail transit employees and contractor personnel in a program of awareness activities to ensure that they serve as “eyes and ears” for the system. Also establish a similar process of engagement in awareness activities for passengers and others who come into contact with the system.
  3. System Approach: Systematically and continually identify, assess and resolve threats to the security of the system, optimizing use of human resources, operating procedures, technology and equipment, facilities design and improvements, and community and interagency partnerships, to maximize security effectiveness.
  4. Emergency Preparedness: Develop and implement Plans, Organization, Equipment, Training/procedures, and emergency Exercises/evaluation (POETE) to assure preparedness for catastrophic natural disasters or terrorist attacks. These POETE activities should be appropriately coordinated and integrated with the emergency management/response jurisdictions in the rail transit agency’s service area, and should support compliance with Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan (NRP), the National Incident Management System (NIMS), the National Infrastructure Protection Plan (NIPP), and the National Preparedness Goal. The rail transit agency’s activities to support implementation of HSPD requirements may be coordinated through the Regional Transit Security Working Group (RTSWG) and the Regional Transit Security Strategy (RTSS).

1.2.2 Objectives

Objectives are the working elements of the SEPP, the means by which the identified goals are achieved. Unlike goals, objectives should be easily quantifiable. They should provide a framework for guiding the day-to-day activities that provide for a safe and secure rail transit operation. Objectives are often supported by the identification of associated tasks that are required to be completed. Objectives for the sample goals identified above are presented in the table that follows.

GOALS AND OBJECTIVES

Goal #1. Security: Reduce the rate of crime, and the fear of crime, on the rail transit system.

Objective 1.A Maintain 100,000 boarding rides or better per reported crime on the rail transit system, as measured by crimes occurring on the system reported to police.
Objective 1.B Maintain 70% or better customer rating of "good" or "excellent" addressing concerns about security on board the rail system, as measured through the rail transit agency’s annual Attitude and Awareness survey.
Objective 1.C Maintain 300,000 or better boarding rides per customer complaint about security or vandalism, as measured through rail transit agency’s Customer Service Information (CSI) system.

Goal # 2. Awareness and Involvement: Engage all rail transit employees and contractor personnel in a program of awareness activities to ensure that they serve as “eyes and ears” for the system. Also establish a similar process of engagement in awareness activities for passengers and others who come into contact with the system.

Objective 2.A Achieve broad-based awareness of security responsibilities, alertness and procedures by rail transit personnel (means of measurement to be determined).
Objective 2.B Achieve broad-based security alertness by rail transit agency customers (means of measurement to be determined).

Goal # 3. System Approach: Systematically and continually identify, assess and resolve threats to the security of the system, optimizing use of human resources, operating procedures, technology and equipment, facilities design and improvements, and community and interagency partnerships, to maximize security effectiveness.

Objective 3.A Systematically determine and assess deployments and tactics of dedicated security personnel, in relation to systematically analyzed information on crime, threats, and effectiveness on customer perception of security on the transit system.
Objective 3.B Continually foster partnerships with law enforcement jurisdictions and community organizations, in support and extension of the rail transit agency’s dedicated security resources.
Objective 3.C. Systematically incorporate security design considerations and security technology and equipment into design of rail transit agency facilities.

Goal # 4. Emergency Preparedness: Develop and implement Plans, Organization, Equipment, Training/procedures, and emergency Exercises/evaluation (POETE) for preparedness to perform the prevention, detection, response and recovery capabilities applicable to rail transit systems and their employees during catastrophic natural disasters or terrorist attacks. These activities should be appropriately integrated with emergency management/public safety jurisdictions in the rail transitagency’s service area, and should support compliance with Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan (NRP), the National Incident Management System (NIMS), the National Infrastructure Protection Plan (NIPP), and the National Preparedness Goal. The rail transit agency’s activities to support implementation of HSPD requirements will be coordinated through the Regional Transit Security Working Group (RTSWG) and the Regional Transit Security Strategy (RTSS).

Objective 4.A Develop and implement the rail transit agency’s internal emergency preparedness POETE through integration of these activities into the agency’s Emergency Operations Plan and into the development of Memorandum of Understanding (MOUs) with external agencies.
Objective 4.B Develop and implement the rail transit agency’s external emergency preparedness, through the development of procedures, training and emergency exercises, by partnering with the emergency management and first-responder organizations of cities and counties throughout the rail transit agency’s service area, to integrate POETE needed for natural disaster or terrorism incidents on the transit system, and into the region's coordinated, mutual POETE for response and recovery from such events.

1.3 Scope of Program

This section of the SEPP should establish the scope of the SEPP to cover all agency personnel, and be applicable to all agency operations:

The Scope should also specify that coordinating and integrating the emergency response plans of the rail transit agency and of the jurisdictions in the agency's service area, is part of the SEPP program.

1.4 Security and Law Enforcement

This section of the SEPP should describe the security and law enforcement functions that manage and support implementation of the SEPP. If the rail transit agency has its own police force, this section of the SEPP should introduce this department and provide an overview of the department’s activities. Also, this section of the SEPP should identify the rail transit police responsibilities regarding relationships with other law enforcement agencies in the municipalities traversed by the rail transit system.

If the rail transit system purchases security services from local law enforcement agency(s), the plan should introduce this arrangement, and provide an overview of the mechanisms in place to integrate contracted law enforcement services into the rail transit agency’s day-to-day operations. This section of the SEPP should also clarify which function within the rail transit agency manages this contract, and how activities are coordinated with other law enforcement agencies in the rail transit agency’s service area.

If the system employs its own security (non-sworn) force or purchases security services from a private company, the plan should provide an overview of these >security forces and identify the methodologies used to support cooperation with local law enforcement agencies in the rail transit agency’s service area. This section of the SEPP should also clarify which function within the rail transit agency manages this contract or in-house security force.

If the system depends solely on local law enforcement for primary response, the plan should discuss how the system interacts with local law enforcement and what formal or informal arrangements or agreements, including any memorandum of understanding (MOU), are in place. If the system uses any combination of these types of security configurations, the SEPP should provide an overview of how the various components of the security/police function work together.

Whatever the rail transit operator's police or security configuration, the SEPP should explain how staff officers work with, communicate with, coordinate activities with, and share jurisdiction with local law enforcement agencies. In this discussion, the rail transit agency should include information regarding response to incidents, planning and deployment, joint operations, special events, and the sharing the threat and crime information.

1.5 Management Authority and Legal Aspects

This section of the SEPP should describe the authority which oversees the operation and management of the rail transit agency, including its security/police function. The section should identify the charter or legislation which created the rail transit agency, and address the roles of the Board of Directors, General Manager, other executive leadership, and the manager of the security/police function in executing the SEPP. Municipal, county and state codes that are enforced on the transit system should be identified, including ordinances for fare evasion, parking enforcement, vandalism, disorderly conduct, and other public order violations. Any special authorities provided to transit police, contracted law enforcement, contracted private security or in-house security personnel should also be identified.

In preparing this section, the rail transit agency may first introduce its charter, enabling legislation and/or cooperative agreements with the municipalities and counties in its service area. Then, after describing the role of the Board of Directors (providing stewardship and budget approval for the transit agency) and the General Manager (approves and issues the SEPP, established policy that assigns responsibility for developing, implementing and administering the SEPP), this section may identify the roles of other management positions (Executive Director, Operations; Director of Safety and Security, Chief of Police/Security Manager) and explain how each is responsible for developing and enforcing the Standard Operating Procedures (SOPs), operating orders, training, rules compliance programs, evaluation programs, internal security audits, and other activities that assure implementation of the SEPP.

Then, the roles and responsibilities of middle management and line personnel may be briefly introduced and described (i.e., management within the transit security/police function, as well as the roles of supervisors and operations and maintenance personnel). Finally, the section may conclude with a discussion of the ordinances, codes, rules and other laws enforced on the rail transit system (i.e., felonies and misdemeanors applicable to the transit agency’s service area, fare evasion, vandalism, unlawful entry (trespass) upon transit property or vehicles, interference with movement of or access to transit vehicles, disorderly conduct on transit property or in transit vehicles, and offensive physical contact with a transit passenger, employee, agent, security officer or police officer).

This section of the SEPP should provide a high-level overview only. SEPP management and implementation will be discussed in greater detail in Chapters 3 and 4.

1.6 Government Involvement

This section of the SEPP should introduce and briefly describe the local, state and federal agencies with whom the rail transit agency coordinates for security and emergency preparedness. For example, at the federal level, the rail transit agency may coordinate with government agencies for funding support and to ensure compliance with security regulations and grant requirements. Federal partners may include: FTA, Federal Highway Administration (FHWA), Federal Railroad Administration (FRA), DHS, and its subsidiary bureaus, including G&T, the Federal Emergency Management Agency (FEMA), and TSA.

In working with FTA, 49 USC 5307(J)(i) requires that a recipient of federal transportation funds under 49 USCS 5336 spend at least one percent of the amount received on mass transportation security projects. The rail transit agency may consistently exceed the 1% utilization the FTA guideline.

In working with DHS, the rail transit agency may participate in the Transit Security Grant Program (TSGP), which is funded by G&T, and administered by the State Administrative Agency (SAA) and the regional Urban Area Security Initiative (UASI) Point-of-Contact Working Group (UAPOC). Participation in the TSGP requires the development of this SEPP, the implementation of an on-going threat and vulnerability assessment process, and creation of Regional Transit Security Working Groups (RTSWG) to develop and implement a Regional Transit Security Strategy (RTSS), in coordination with the SAA and UAPOC. G&T also offers technical assistance programs for establishing the RTSS, conducting rail transit threat and vulnerability assessment, and developing and conducting emergency exercises and evaluation.

The rail agency also coordinates with local, regional and state emergency management and public safety agencies to address other DHS requirements for implementation of the National Response Plan, the National Incident Management System, and the National Infrastructure Protection Plan. The rail transit agency may also support the TSA Rail Security Inspector Program, as well as research and pilot projects being performed by TSA, and ensure compliance with TSA directives. Appendix A provides additional information on these DHS, G&T and TSA programs.

State government coordination may include the state Department of Transportation (DOT), the state Office of Homeland Security, and the state SAA for the G&T TSGP program. The state oversight agency should also be discussed here, including its role in requiring, receiving, reviewing and approving the SEPP. If the state oversight agency does not have protections in place to shield security documents from public release, then the procedures developed to review and approve these documents, discussed in Section 6 of this SEPP, should be briefly mentioned. The state oversight agency’s enabling legislation and/or program requirements may be referenced here or included as an appendix.

At the regional level, the rail transit agency may coordinate with the region's emergency management group, the county emergency management agency, or a county emergency management committee; the UAPOC; the local office of the Federal Bureau of Investigation’s (FBI) Joint Terrorism Task Force (JTTF), and for transportation project funding, the region's Metropolitan Planning Organization (MPO). In supporting regional coordination, the rail transit agency may have signed intergovernmental agreements or memorandum of understanding (MOUs) to formally partner with the county/regional emergency management agency or committee, including requirements for participation in emergency management planning monthly coordination meetings and implementation of regional incident management and response protocols. The rail transit agency may have also joined the region's UASI working group, UAPOC, in support of the region's UASI Strategy, through implementation of the RTSS.

The rail transit agency may also have signed MOUs with local law enforcement, emergency medical services (EMS), fire departments, hospitals, and other transit providers in the region to address a range of issues associated with SEPP implementation.

1.7 Security Acronyms and Definitions

This section of the SEPP should include all of the acronyms and definitions used in the plan. Acronyms and definitions may be presented in this section or included in an Appendix that is referenced in this section. Appendices B and C of this document include sample acronym and definition lists.

2.0 System Description

The primary purpose of Chapter 2 is to provide organizational information and operating parameters for both those outside the organizations that need to understand the transit system, and those inside the organization to have clearly defined lines of report and responsibility delineation. The information presented should be sufficient to allow non-technical and non-transit persons to understand the system and its basic operations.

2.1 Background & History of System

This section should briefly describe the system's characteristics. This section should describe when and how the transit system was established, history of service delivery, major milestones in the transit system’s history, and the modes of service provided. A system map and reference to the transit agency’s website should also be provided.

2.2 Organizational Structure

This section of the SEPP should provide or reference:

2.3 Human Resources

This section of the SEPP should identify all departments supported at the rail transit agency and clarify how many full-time employees, part-time employees, and contracted personnel support them. For example, a table such as the one appearing below may be used.

Department
Full-time Employees Part-Time Employees Contractors
General and Administrative

 

 

 

Capital Projects and Facilities

 

 

 

    CP&F Bus and Rail Facilities Management

 

 

 

Operations

 

 

 

Administration and Planning

 

 

 

Safety and Security Department

 

 

 

Director and Administrative Staff

 

 

 

Security Staff

 

 

 

Safety Staff

 

 

 

Transit Police Officers

 

 

 

Transit Security Officers

 

 

 

Rider Advocates

 

 

 

Deputy District Attorney

 

 

 

Bus and Rail Transportation

 

 

 

Transportation Staff and Supervisory

 

 

 

Full-Time Bus Operators

 

 

 

Part-Time Bus Operators

 

 

 

Rail Operators

 

 

 

Contracted Support

 

 

 

Field Operations

 

 

 

Field Operations Staff and Lead Supervisors

 

 

 

Bus Dispatchers and Rail Controllers

 

 

 

Bus and Rail Field Operations Supervisors

 

 

 

Fare Inspection Field Operations Supervisors

 

 

 

Accessible Transportation Programs

 

 

 

Administrative and IT Staff

 

 

 

Vehicle Operators

 

 

 

Vehicle Maintainers

 

 

 

Dispatchers

 

 

 

Bus Maintenance

 

 

 

Maintenance Staff and Supervisory

 

 

 

Mechanics, Helpers, Cleaners, Clerks, Storekeepers

 

 

 

Rail Maintenance (excl. Rail Facilities Mgmt)

 

 

 

Maintenance Staff and Supervisory

 

 

 

Mechanics, Cleaners, Clerks, Storekeepers

 

 

 

2.4 Passengers

This section of the SEPP should provide annual ridership statistics for the most recent year they are available. Ridership may be broken down mode of service and by day of week. Weekly and annual totals should also be provided. Major changes in ridership (increases, decreases, new service areas or expanded modes of service) should also be identified. Relevant statistics or information on system riders may also be included, such as: growth in population in service area, characteristics of typical riders (i.e., commuters, students, etc.), percentage of adults living in service are who ride the system at least once a month, and information on the usage of accessible services and paratransit service.

2.5 Services and Operations

In this section of the SEPP, the rail transit agency should provide information on the size, location, and function of the transit agency’s physical assets including; maintenance facilities, offices, stations, vehicles, signals, and structures for all modes. This information, for each mode of service, may include: hours of operation, the number of vehicles, the number of routes, number of vehicles typically in peak and off-peak service, frequency of vehicles, the types of facilities owned and operated by the system and the types of activities performed there, and the names and addresses of relevant locations.

2.6 Operating Environment

This section of the SEPP should describe the rail transit agency’s operating environment, including traffic conditions, rail alignment, weather, issues associated with special events or other activities, safety issues associated with the rail transit service, and levels of crime in the communities served by the rail transit agency.

2.7 Integration with Other Plans and Programs

This section of the SEPP should discuss how the SEPP is integrated with the System Safety Program Plan, the System Safety and Security Certification Program Plan, the Emergency Operations Plan, Incident Specific Response Plans, Facility Emergency/Evacuation Plans, and other documents and programs that affect security and emergency preparedness, including the Regional Transit Security Strategy. A brief description of each of these documents should be provided, as well as the management interface which ensures coordination at the rail transit agency.

For example, the rail transit agency may state that the System Safety Program Plan and the SEPP are companion documents, and both are in accordance with FTA regulations concerning safety and security of transit systems, as implement by the state oversight agency. The rail transit agency may also specify that the Emergency Operations Plan and supporting training, drills and exercises are critical elements which support and reinforce SEPP provisions and procedures. Finally, the rail transit agency may identify how the SEPP supports, and is supported by, the Regional Transit Security Strategy, including the identification of tasks and G&T grant allocations to support achievement of SEPP goals and objectives.

2.8 Current Security Conditions

This section should describe current security conditions and issues at the transit agency including the incidents of crime experienced on the system and relevant information on passenger fear/perceptions of security. Crime data should be provided, documenting the most recent year for which it is available. The types of security incidents (including Part I and Part II offenses and ordinance violations) and their frequency of occurrence on the transit system should be included. Also this section should provide context for this information, including a comparison of crime rates at the transit system over time and/or a comparison of crime rates from the rail transit agency with crime rates for the municipalities in its service area.

2.9 Capabilities and Practices

This section should summarize methods and procedures, devices, and systems utilized by the transit agency to minimize security incidents throughout the transit system. In addition, this section should also address activities performed to reduce passenger fear. This section should not provide detailed information on the security/police function or distinct security roles and responsibilities of specific elements of the rail transit organization (this information will be provided in Chapter 3). Instead, this section is intended to provide a broad overview of the types of activities performed by the rail transit agency to address the security conditions described in Section 2.8. In preparing this section, the rail transit agency may want to consider the following types of descriptions:

Other Security Programs may be in place to address a range of passenger security issues and concerns, including:

Security-related features of the rail transit agency’s vehicles, facilities and communication systems include the following:

3.0 SEPP Management Activities

The purpose of Chapter 3 is to identify responsibilities for managing the rail transit agency’s SEPP program, including its conception, development, implementation, evaluation, review, and update. This Chapter will first identify responsibilities of senior management for specific functions necessary to create the SEPP and its supporting program. Then, responsibilities for SEPP implementation will be detailed for the security/police function, for the other rail transit agency departments/functions, and by job title. The role of external agencies in supporting SEPP development, implementation and evaluation will also be explained. Finally, this chapter will describe the committee(s) established by the rail transit agency to manage and coordinate security issues across departments/functions.

3.1 Responsibility for Mission Statement and System Security Policy

This section should define the authority and responsibility for the security organization, including but not limited to:

Typically, this section of the SEPP will discuss the role of the General Manager in preparing, revising, reviewing and signing the policy statement and the role of the head of security/police function and his or her staff in preparing, revising and reviewing the SEPP. It should be noted that annual reviews are now required by FTA’s 49 CFR Part 659 and the state oversight agency, regarding a determination of whether the SEPP should be updated. The head of the security/police function is typically responsible for ensuring that this annual review is performed and that the results are conveyed to the state oversight agency according to procedures and time-frames specified in the oversight agency’s Program Standard. This section may quote or reference the SEPP Memorandum of Executive Approval/System Security Policy.

3.2 Management of the SEPP Program

This section of the SEPP needs to identify the person or people in charge of managing transit security and emergency preparedness and the SEPP program. Two basic structures for managing the program are possibly dependent on the size of the transit system. In a small rail transit system that lacks its own police or security department, the General Manager or Operations Manager may play a large role not only in setting SEPP policy, but in actually overseeing the plan and carrying it out on a regular basis.

In larger rail transit systems, although the General Manager is ultimately responsible and accountable for system security and emergency preparedness, it is expected that another individual, most likely the Manager or Chief of the security/police function, will be responsible for coordinating the daily activities outlined in the SEPP. Other individuals within the security/police function may be designed to support the Manager or Chief in overseeing implementation of the SEPP.

Although it may appear self-evident which arrangement governs the plan, this section should state clearly and unequivocally which structure is in effect and should present the general reporting responsibilities regarding security for the entire organization. Specifically, this section should address who is responsible for these ten critical SEPP management activities:

  1. Defining ultimate responsibility for secure rail transit system operations.
  2. Communicating that security is a top priority for all rail transit employees.
  3. Advocating for, and allocating security program resources; directing day-to-day security operational activities (including tactics, intelligence and analysis); and assessing security performance.
  4. Developing and explaining relations with outside organizations that contribute to the rail transit agency's security and emergency preparedness program.
  5. Developing relations with local, state and federal security-related agencies, including security oversight roles of FTA's state Safety Oversight and Project Management Oversight (PMO) programs, security oversight role of DHS TSA, and emergency preparedness roles of DHS G&T, the state Office of Homeland Security, the region's emergency management group or committee, and Urban Area Security Initiative, Point-of-Contact Working Group.
  6. Explaining the mechanism for bringing security concerns to the attention of the appropriate rail transit agency official or group.
  7. Identifying potential security concerns in any part of the rail transit agency's operations.
  8. Explaining the liaison between rail transit employees and other security and emergency preparedness groups, committees and functions at the rail transit agency, for the purpose of addressing employees' security concerns.
  9. Actively soliciting the security concerns of employees.
  10. Working to ensure the rail transit agency's security and emergency preparedness program is carried out on a daily basis.

A matrix could also be used to present these 10 activities and to identify which management positions have responsibility for their implementation (i.e., General Manager, Manager, the Manager or Chief of the security/police function, the Commander of the Transit Police Division, the rail transit agency’s Security Committee(s), the heads of various rail transit departments/functions, and operations and maintenance supervisors).

3.3 Division of Security Responsibilities

3.3.1 Security/Police Function Responsibilities

This section should present a detailed description of the security/police function, including staff, the qualifications of the personnel, any planned short- or long-term additions to the security organization's mission, and any additional staff which may be required. Specific roles and responsibilities should also be identified.

In preparing this section of the SEPP, the rail transit agency should consider including:

In addressing this last category, the rail transit agency may consider the following examples.

In describing the roles and responsibilities of the Manager or Chief of the security/police function, the rail transit agency may identify the following activities:

The security functions and responsibilities of the Commander, Transit Police Division may include:

In another example, Transit Police Officers may be responsible for:

3.3.2 Security Responsibilities of Other Departments/Functions

This section of the SEPP should provide an overview of the other rail transit agency departments/functions that support the security/police function in implementing the SEPP. This section should contain a narrative description of the general roles and responsibilities performed by each department/function and how that department/function interfaces with the security/police function. As a guideline, no more than two or three paragraphs should be devoted to describing the security responsibilities of each other department/function within the rail transit agency.

3.3.3 Job-specific Security Responsibilities

This section should review and list the titles of all line and staff positions of the other departments/functions within the transit system and summarize their respective security responsibilities. In preparing these lists, rail transit agency’s may to consider the following examples.

Rail operators have an important role in system security and emergency response. They are expected to:

Rail supervisors have specific security and emergency responsibilities as well as a general responsibility for monitoring employees’ compliance with the agency’s security procedures. For this reason, rail supervisors should have full knowledge of security rules and procedures, and should communicate them on an ongoing basis so as to encourage other employees to incorporate security practices into their daily work activities. Specifically, rail supervisors are to:

Rail controllers are expected to:

3.3.4 Security Task Responsibilities Matrix

A security task responsibilities matrix should be presented showing interfaces and the key reports or actions required, including the frequency of those reports or actions. An example of a security task matrix, organized by SEPP section, is displayed Figure 1 below.

Figure 1 SEPP Program Roles and Responsibilities Matrix

For rail transit agencies choosing to take another approach, the task matrix can also be organized by specific tasks identified to implement the goals and objectives presented in Section 1.2. Or, as an alternate approach, rail transit agencies can organize their task matrices using a combination of specific activities to be performed to achieve goals and objectives and the SEPP plan organization.

3.3.5 Responsibilities of External Agencies

This section should briefly identify the external agencies that the rail transit agency works with in implementing its SEPP. As appropriate, reference may be made to Section 1.6 (Government Involvement) of this plan. For each external agency listed, this section of the SEPP should identify their specific responsibilities in supporting the SEPP (i.e., providing funding, training or technical assistance, reviewing and approving plans, etc.).

In addition, this section of the SEPP should also describe the rail transit agency’s relationship with the state safety oversight agency. This section should briefly summarize the requirements specified by the state oversight agency for SEPP development and implementation and other security activities, and the activities that must be performed by the state oversight agency.

The role of G&T and TSA in reviewing the SEPP should also be specified.

3.3.6 Security Committees

This section of the SEPP should identify the committee or committees established by the rail transit agency to address security issues. In the rail transit environment, the security committee(s) generally reports to top management through the chief operating officer or director of operations. The major task of this committee(s) is to identify and resolve potential security risks that the transportation system may encounter during operations. In preparing this section, the rail transit agency may consider the following example:

Coordinating and leading planning for the rail transit agency's SEPP program development is an essential job function of the Manager or Chief of the security/police function. In performing this activity, the Manager or Chief chairs the rail transit agency's Security Committee, consisting of the following:

The Security Committee also includes two rail operator representatives and one front-line maintenance employee representative.

Members of the Security Committee, in their respective security-related functional roles, contribute directly to planning the security and emergency preparedness program. The Security Committee meets at least once monthly. It extends the scope and effectiveness of the management of the security program, by assuring involvement and collaboration of all rail transit agency departments/functions in security program development and implementation, and by advising on development and evaluation of the program.

Security Committee meetings include reviews of:

4. SEPP Program Description

Chapter 3 identified the rail transit agency’s approach to managing the SEPP, and specified the SEPP-related responsibilities of management and line positions within the security/police function and the other rail transit departments/functions. Chapter 4 demonstrates how the SEPP management functions and responsibilities identified in Chapter 3 are integrated into a cohesive and effective program. The elements of this program are presented using the POETE categorization specified by DHS/TSA and G&T in implementing the National Preparedness Goal: Planning, Organization, Equipment, Training/Procedures, and Emergency Exercises and Evaluation. Examples for how rail transit agencies could address each of these five categories of activities are provided in Sections 4.1 through 4.5 below.

NOTE: In describing implementation of the SEPP program, rail transit agencies who are not participating in the G&T Transit Security Grant Program may use the traditional categories, previously recommended in FTA guidance: Planning, Proactive Measures, Training, and Day-to-Day Activities. Or these rail transit agencies may choose to use the POETE categories, since either organizational scheme provides the same general information.

4.1 Planning

Planning for the SEPP program includes developing internal agency plans to address SEPP issues during rail transit agency operations; budgeting for system security and emergency preparedness functions; addressing security requirements in system design and safety/security certification for extensions and major projects, renovations and rehabilitations; and coordinating with local emergency management agencies and public safety agencies to ensure integration of the rail transit agency into response community plans for major criminal events, terrorist activities (including the use of Improvised Explosive Devices [IEDs] and the release of Chemical, Biological, Radiological, Nuclear and Explosive [CBRNE] agents), and natural disasters.

Internal Planning: Planning is an integral part of maintaining and operating a secure rail transit system. Stemming from state safety oversight requirements and DHS/G&T regulations and requirements, the rail transit agency has developed a set of plans to document its combined activities to address issues affecting the safety and security of passengers and employees, the agency’s ability to protect its infrastructure from crime and terrorism, and the agency’s capabilities to provide effective emergency response to a wide range of emergencies. To this end, the rail transit agency has developed this SEPP, as well as a System Safety Program Plan, a System Safety and Security Certification Program Plan, an Emergency Operations Plan, and a set of Incident Specific Response Plans for severe weather and natural disaster, a range of accident types and fires, and major crimes and terrorism.

Wherever possible and appropriate, these plans address state oversight agency requirements as well as DHS Homeland Security Presidential Directives (HSPDs) requiring implementation of the National Response Plan, the National Incident Management System, the National Infrastructure Protection Plan, and the National Preparedness Goal. In addition, the results of internal and external assessments performed at and by the agency addressing SEPP-related issues are also integrated into these plans, including needs assessments and threat and vulnerability assessments.

Budgeting: The rail transit agency's annual capital budget recommendations are developed by a senior staff group called the Capital Committee. The Executive Director, Operations is represented on the Capital Committee by the Director, Operations Planning and Development, who assures that the security capital improvement needs are incorporated into the rail transit agency's annual capital budget development process and 5-year Capital Improvement Program (C.I.P.) forecast. The rail transit agency’s security/police function provides an annual budget request. Rail transit agency committees also identify needed security and emergency preparedness improvements and make recommendations to the Director, Operations Planning and Development. Finally, the results of needs assessments and regional plans for communications interoperability and terrorism early warning systems are also shared with the Capital Committee.

Security Requirements in Design: The rail transit agency addresses security in planning for system modifications, extensions and rehabilitations. Using selected design features and technologies, crime and terrorism prevention capabilities are accomplished through an integrated approach based on CPTED principles. The rail transit agency requires all drawings and specifications to be reviewed by an American Society for Industrial Security (ASIS) Board Certified Protection Professional (CPP) who reviews them for CPTED concepts and upon acceptance, stamps the drawings and approves the specifications. Security reviews are conducted throughout the design process, and during construction, security features are assessed for their compliance with specifications, prior to being accepted and placed into service. The security/police function has both formal and informal input into design decisions that affect passenger, employee, and equipment security. In addition, the rail transit agency has developed Security Design Criteria, which ensure that CPTED principles are applied to all aspects of facilities and vehicle design. FTA's Transit Security Design Considerations is incorporated by reference into the design criteria, as a comprehensive CPTED guide.

The rail transit agency’s security planning in development of new transit projects is formalized through the Safety Certification Program. As described in the rail transit agency’s System Safety Program Plan and System Safety and Security Certification Program Plan, the rail transit agency conducts a safety certification process to ensure that safety concerns and hazards are adequately addressed prior to the initiation of passenger operations for new start rail transit projects and for major modifications to rail transit systems. The intent and practice of the safety certification program is that security considerations are integrated into the safety certification process, in the same manner as safety considerations.

To conduct this process, the rail transit agency specifies use of its security design criteria, a set of safety and security design reviews performed by several groups devoted to safety and security issues, including the Safety and Security Task Force, Fire/Life Safety and Security Committee, contracted safety and security engineering support, the rail transit agency’s system safety and security/police functions, and the agency’s standing committee for configuration management, and an extensive verification process to ensure that security elements specified in the design are actually built into the delivered project. Testing, start-up, training and emergency readiness issues are also addressed in this process.

Coordination for Regional Emergency Preparedness Capabilities: Following the events of September 11, 2001, and all subsequent DHS directives and guidance calling for a permanently heightened level of security awareness and emergency preparedness, officials from the rail transit agency have been working closely with officials of the region's emergency management organizations to: (1) include the rail transit agency as a full-fledged member of regional organizations and working groups established by emergency management and public safety organizations for purposes of planning and preparing for regional emergency responses, and (2) assure appropriate inclusion of the rail transit agency in the emergency response and security alert procedures of the region's Emergency Operations Centers.

The rail transit agency has coordinated with both local and county governments and the emergency management agencies in its service area to support on-going development and revision of their respective Emergency Operations Plans and supporting incident management and response protocols and resource inventories. The rail transit agency has also partnered with the major municipality in its service area to develop a Downtown Evacuation Plan, to ensure effective response to no-notice evacuations and emergencies, including events related to IED and CBRNE, earthquakes, fires and flooding.

The rail transit agency has established MOUs with local law enforcement, emergency medical services, fire departments, hospitals and other transit providers in the region. These MOUs provide direction and clarification regarding response to an incident occurring on the rail transit agency, and how the rail transit agency may support response to area-wide emergencies.

In addition, the rail transit agency, working with the Regional Transit Security Working Group and the region’s Urban Area Security Initiative agencies, has developed and implemented the Regional Transit Security Strategy. The RTSS provides the integration point between the individual, risk-based SEPPs of the rail transit agencies in the region, and the overall security goals and objectives established for the region. The RTSS demonstrates a clear linkage to the applicable state and urban area homeland security strategies developed or currently being developed. For G&T’s Transit Security Grant Program, it is expected that the SEPPs and the RTSS will serve as the basis on which funding is allocated to address regional transit security priorities, and the vehicle through which the rail transit agency may justify and access other funding and resources available on a region-wide basis through the UASI program.

4.2 Organization

Capabilities for the rail transit agency’s response to major crimes, terrorism and natural disaster emergencies are organized following the Incident Management Organization specified in the rail transit agency Emergency Operations Plan, as well as the procedures identified in rail rulebooks and SOPs/Emergency Procedures, the agency’s Crisis Communications Plan, the security/police function’s General Orders, the agency’s Incident Specific Response Plans, and internal transit facility emergency emergency/evacuation plans. The rail transit agency’s Incident Management Organization provides an organized command and control structure to ensure (1) coordinated response across the agency’s departments/functions and (2) adequate resources are mobilized during emergency incidents. The rail transit agency’s Incident Management Organization is akin to the Incident Command System (ICS) used by local responders. This organization enables the rail transit agency to integrate effectively with the ICS established by public safety and emergency management agencies, complying with the terms of both NIMS and the Major Emergency Incident Management System protocols established for the regional area.

These capabilities are coordinated and integrated with external jurisdictions and regional emergency preparedness plans, such as the municipal and county Emergency Operations Plans and the Downtown Evacuation Plan. Specific rail transit agency capabilities are also documented in the Regional Transit Security Strategy.

Specifically for terrorism, the rail transit agency recognizes that unique capabilities are provided by public safety responders in the region for addressing a range of terrorism-related events, including CBRNE and IED events occurring on or adjacent to rail transit property. Further, as specified in the Regional Transit Security Strategy, the rail transit agency has identified these capabilities and also has established its own resources to prevent, detect, respond to and recover from these events.

The organization of terrorism or emergency incident response teams in the rail transit agency’s service area includes the following capabilities: canine teams, explosive ordinance disposal, hazardous materials, underwater dive teams, special weapons and tactics, emergency medical services, medical surge teams, and urban search and rescue. These teams are available throughout the rail transit system’s service area.

Capabilities to collect, analyze, and disseminate information on potential threats to the region's transit systems include:

In additional capability desired is inclusion of public transportation agencies in development of a Terrorism Early Warning (TEW) system for the region. The state Office of Homeland Security is establishing a Strategic Analysis Information Center (SAIC) to effectively collect and share information from many different sources. The SAIC is designed to integrate existing local, state and federal information systems to create a central “fusion” center. The center will partner with many different sources of information, fusing relevant information and distributing valuable information to private and public sectors, first responders and investigators.

Policies or procedures to coordinate within this organizational structure to share information include:

4.3 Equipment

Through the administration of DHS and FEMA grants in the rail transit agency’s service area, first responders have obtained equipment, training and certification to support response to security and CBRNE events as well as natural disasters. Regional procedures, drills and exercises are being developed to ensure these capabilities. Through the state Emergency Management Agency, this activity has been coordinated with the Terrorism Annex of the state Emergency Operations Plan, as well as the state Homeland Security Assessment and Strategy. Based on the results of this assessment and strategy, specific equipment needs have been identified, prioritized and are being addressed in each of the state’s counties and major municipalities. Regional UASI working groups are also coordinating with the state Senior Interagency Coordinating Group (SICG) and the state Security Task Force to address the need to achieve greater terrorism and natural disaster preparedness and to work toward statewide response capabilities, including the acquisition of additional equipment.

The rail transit agency also has equipment to support its capabilities to detect, prevent, respond to and recover from security and terrorism events and to manage natural disasters:

The rail transit agency also has a variety of equipment in place to ensure the integrity of the following:

The rail transit agency has also identified the following equipment needs for optimum IED/CBRNE prevention, detection and response within the regional transit sector:

4.4 Training and Procedures

Training: At the rail transit agency, training for SEPP-related topics is performed to ensure that:

Training typically addresses rules, policies, and procedures, as well as many of the hazards in the transportation environment (e.g., live power, track and roadway safety, hazardous materials and alternate fuels, medical emergencies or blood-borne pathogen awareness, personal safety, and injury prevention). The rail transit agency also has established an emergency response agency familiarization program that provides orientation for local law enforcement, fire personnel, and medical services regarding the transportation environment and its vehicles.

The rail transit agency has performed basic security awareness or first responder awareness training, which emphasizes topics, such as:

The rail transit agency offers a variety of training programs to support SEPP implementation, as SEPP elements are integrated into including initial and refresher training programs provided to all employees. In addition the rail transit agency provides general security awareness training to all operations and maintenance departments and holds special seminars devoted to SEPP topics with supervisors, managers and the rail transit agency’s executive leadership. A brief summary of key training activities performed by the rail transit agency to address the SEPP appears below:

SEPP Training Campaigns:

Security/Police Function: Employee awareness: Customer awareness: NIMS/ICS: Familiarization Training

An overview of training offered by the rail transit agency is provided in Figure 2 below.

Figure 2 Training Course Offered by a Rail Transit Agency

Procedures: Rail operators, rail controllers at the rail transit agency’s Operations Control Center, rail supervisors, transportation and maintenance personnel, and security/police function personnel use Standard Operating Procedures (SOPs) and associated Rulebooks for normal, special, and emergency operations. Most procedures supporting system security are embedded in the operations SOPs pertaining to emergency operations, communications, and response, just as system safety is embedded into operating procedures. Some security procedures are stand-alone SOPs. Training on SOPs and Rulebooks applicable to respective employee jobs is the core element of operations training for the respective jobs, serving as the primary mechanism for safety and security training for employees. To illustrate the scope of security-related and emergency management-related SOPs, a list of selected SOPs which apply to the rail operation appears below.

In other procedures-related activities, the rail transit agency is:

The rail transit agency has also adopted specific procedures for Homeland Security Advisory System (HSAS) threat level changes; when advisory is raised, heightened security sweeps and surveillance patrols for vehicles and stations are put into effect.

Rail transit agency activity to ensure compliance with both training programs and procedures implementation is discussed in Chapter 6 of this SEPP and is also described in the System Safety Program Plan.

4.5 Emergency Exercises and Evaluation

Rail transit agencies are vulnerable to a range of events which may result in emergencies. The list below illustrates some of the most likely of these events, organized into categories of naturally occurring and human-caused events, intentional and unintentional.

Naturally Occurring:

Human Caused - Intentional:

Human Caused - Unintentional:

An exercise is a focused practice activity that places the participants in a simulated situation, which requires them to function in the capacity that would be expected of them in a real event. A good exercise, that is well evaluated, reveals inconsistencies in plans, highlights deficiencies in resources, and underscores the need for additional training.

Going directly into a real emergency operation without exercising involves substantial risks. For example, many participants may not know or thoroughly understand their emergency responsibilities and how they relate to activities performed for other elements of the response; equipment may not function as expected; or procedures may not be as effective as anticipated. Such risks, when thoughtfully considered, are unacceptable to most transportation agencies. Accordingly, a broad spectrum of exercise activity is necessary if functional emergency response and recovery capability is to be realistically assessed and improved.

Well-designed and executed exercises are the most effective means of:

Exercises are also an excellent way to demonstrate community resolve and cooperation to prepare for disastrous events. Review of successful responses to emergencies over the years has shown that pre-emergency exercising pays huge dividends when an actual emergency occurs. This is especially true in instances where communities were involved full-scale exercises that tested the range of response activities, communications protocols, and resources to be applied.

In the rail transit environment, exercises provide an effective way to implement and fine-tune an agency’s emergency plan, provide training, and improve system safety and security. Additionally, as providers of a public service, rail transit agencies have a responsibility to:

Exercises help the rail transit agency to fulfill these responsibilities. Transit agencies that integrate exercise and evaluation programs into their preparedness activities can more efficiently and effectively execute their emergency response plans during an actual event.

Since the mid-1980s, federal, state and local agencies involved in the design, conduct and evaluation of emergency exercises have emphasized the importance of a progressive exercise program. This approach encourages each rail transit agency to organize and prepare for a series of increasingly complex exercises, using a process where each successive exercise builds upon the previous one to meet specific operational goals. This program is coordinated using a set of project management tools that promote defined goals, measurable objectives, formal schedules, and dedicated resources.

A progressive program implements a cycle of emergency planning, training, exercises, and improvement actions. This cycle is used to direct and schedule exercise activity, and then to ensure that identified improvements are addressed. This program begins with the establishment of a three-year exercise cycle. Within this cycle, targeted areas of focus are then identified based on formal needs assessments, threat and vulnerability assessments, and the recommendations of senior personnel. For example, target areas may include the use of communications equipment and systems across multiple jurisdictions, the integration of rail transit resources into the incident/unified command system established by local responders, and/or the performance of specific types of activities in the rail transit environment (de-energizing and re-energizing third rail or overhead catenary systems, station and vehicle evacuations, or procedures for managing suspicious packages in transportation facilities and on vehicles).

Next, emergency response plans, policies, procedures, immediate actions and job aids are developed or existing documents are reviewed in these focus areas, and training is provided (or the quality of existing training is assessed). Then, over the course of the three-year cycle, increasingly more complex types of exercises are conducted to assess and reinforce critical activities within the target areas of focus. Each exercise is evaluated, and results are incorporated into the planning development process. As indicated in Figure 3 below, following this “building block” approach, over the three-year cycle, the rail transit agency will conduct seminars, workshops, tabletops, games, drills, functional exercises and, culminate in a full-scale exercise.

Figure 3 Building Block Approach to Exercises

To support effective SEPP implementation, the rail transit agency has already developed its Three-year Exercise Schedule and Program. Following this schedule, the rail transit agency has already conducted security awareness seminars and workshops and will continue this approach for presenting its revised Incident Management Organization and Emergency Operations Plan, as well as basic requirements for NIMS/ICS. The rail transit agency has also conducted a tabletop regarding an Improvised Explosive Device in a rail transit station. Executive Leadership has already participated in “war gaming” conducted by the American Public Transportation Association and co-sponsored by the Transit Cooperative Research Program.

Drills and spot-inspections are routinely conducted by operations and maintenance supervisors to ensure transit personnel knowledge of and compliance with a variety of safety and security-related policies and procedure. The rail transit agency is currently planning and developing both a functional exercise and a full-scale exercise with regional UASI and RTSWG partners, using its newly developed Incident Management Organization, and the NIMS and Incident Command models used by regional emergency management and public safety agencies. These two exercises will address (1) the IED prevention and response requirements and the (2) regional CBRNE exercise plan requirements pursuant to HSPD-8 and the Regional Transit Security Strategy.

In 2002, the rail transit agency received an Emergency Preparedness Drills grant from FTA. The purpose of the drills was to exercise the rail transit agency’s plans and protocols during a Weapons of Mass Destruction event. A table-top exercise was held in July 2003 involving an unknown explosive device left in a rails station receiving passengers for a sold out sporting event. A full-scale exercise was held November 2003 involving aerosol dispersal of an unknown substance on a rail vehicle train spraying transit passengers that who had boarded to depart the airport station. Shortly after these exercises, the rail transit agency filed after-action reports with both FTA and the state oversight agency.

The region’s Urban Area Security Initiative, Point-of-Contact working group members continually share opportunities for joint exercises. A single, coordinated Urban Area (UA) exercises planning calendar is updated monthly by the members. Additional coordination of the UA's exercise calendar is performed monthly by the technical committee of the UA's Regional Emergency Management Group (REMG), which includes UAPOC members and leaders of UA functional discipline working groups. The rail transit agency, represented on both the UAPOC and REMTEC committees, encourages the UA's responder and emergency management agencies to situate exercises on the transit system whenever possible, for mutual benefit to responder organizations and the transit system.

A highly collaborative culture exists in the regional UA among responder and emergency management agencies, with long-standing support to transit system incidents. As a result, there are ongoing exercises in the regional UA involving the transit system, which at the same time fulfill exercise objectives of the sponsoring responder or emergency management agencies. Examples of these regional drills involving the rail transit agency include: Regional bioterrorism tabletop (sponsored by regional Public Health organizations); Regional earthquake full-scale (sponsored by County Emergency Management Agency); Plane crash full-scale exercise at Municipal Airport (sponsored by the airport); and Multi-agency terrorism explosive tabletop (sponsored by the state Emergency Management Agency).

To support the evaluation of emergency exercises, the rail transit agency has committed to following the methodology specified in G&T’s Homeland Security Exercise and Evaluation Program Volume II: Exercise Evaluation and Improvement. This volume identifies DHS mission outcomes in support of the National Preparedness Goal, and provides guidelines for preparing an Exercise Evaluation Guide, to provide evaluation and performance measures to be used during rail transit exercises, which assess results in terms of DHS mission outcomes. This volume also provides guidance on developing after action reports compliant with G&T requirements. While the rail transit agency has not yet applied for funding assistances from the DHS Homeland Security Exercise and Evaluation Program, it may do so in the next year.

5.0 Threat and Vulnerability Identification, Assessment, and Resolution

Chapter 5 of the SEPP outlines the rail transit agency’s process for managing threats and vulnerabilities during operations, and for major projects, extensions, new vehicles and equipment, including integration with the safety certification process.

Threats are defined as “any real or potential condition that can cause injury or death to passengers or employees of damage to or loss of transit equipment, property, and/or facilities.” Threats range from the extreme of CBRNE releases to more common events such as theft of service, pick-pocketing, graffiti and vandalism.Vulnerabilities are defined as “characteristics of passengers, employees, vehicles, and/or facilities which increase the probability of a security breach.”

Threat and vulnerability assessment provides an analytical process to consider the likelihood that a specific threat will endanger the rail transit system. Threat and vulnerability analysis can also identify activities to be performed to reduce risk of a security threat and mitigate its consequences. Threat and vulnerability assessment methodologies offer rail transit decision makers a consistent and mutually agreed-upon process for addressing security risks.

Given the size and ubiquitous nature of the rail transit network, decision makers cannot possibly protect every element of the transportation infrastructure from every type of security event. Nevertheless, an informed threat and vulnerability assessment process can provide a structured and systematic way to ensure that the rail transit agency receives a maximum level of security for its investment. This process will also focus resources where they are most needed to reduce vulnerabilities with the greatest potential for significant harm in the rail transit network.

Recent events have raised expectations that those entrusted with planning, designing and operating the nation’s transportation infrastructure are making adequate provisions to mitigate security risks. As shown in Figure 4 below, DHS/G&T, FTA, FHWA, and a Blue Ribbon Panel of transportation and security experts have also issued guidelines and recommendations which address threat and vulnerability assessment.

Figure 4 Existing Guidelines for Transportation Threat and Vulnerability Assessment

As required by FTA’s revised 49 CFR Part 659 and the state oversight agency, in performing the threat and vulnerability assessments to be documented in Chapter 5 of the SEPP, rail transit agencies should, at a minimum, reference the process specified in “Chapter 5: Reducing Threat and Vulnerability” in FTA’s Public Transportation System Security and Emergency Preparedness Planning Guide (January 2003), available on FTA’s safety and security website at: http://transit-safety.volpe.dot.gov .

For those rail transit agencies participating in the DHS G&T Transit Security Grant Program, other practices may be referenced, such as adoption of the threat and vulnerability assessment process specified in G&T’s Special Needs Jurisdiction Tool Kit, or a process jointly developed by the rail transit agency and G&T as a result of G&T’s Technical Assistance Program for Risk Assessment. The G&T program follows an approach similar to what is described in FTA’s Public Transportation System Security and Emergency Preparedness Planning Guide, which is a referenced requirement in the DHS Transit Security Grant Program application.

In preparing this SEPP chapter, the rail transit agency should begin by describing the methods the transit system will use to prioritize critical assets and to identify threats and vulnerabilities to those assets. Once threats and vulnerabilities have been systematically identified, they should be assessed to determine their impact on both the affected asset(s) and the entire system, to ensure that the greatest risks to the agency, its passengers and employees are identified. Finally, the process used by the rail transit agency to make decisions regarding whether potential impacts from identified threat and vulnerabilities will be accepted, mitigated or eliminated, should be explained. For each of these activities, the SEPP should also identify the department/function responsible.

In addressing these three elements, FTA’s recommended methodology from its System Security and Emergency Preparedness Planning Guide is presented graphically in Figure 5 figure. The G&T Special Needs Jurisdiction Risk Assessment Process is summarized on the page following. In this SEPP chapter, the rail transit agency can describe whichever approach is the most appropriate for its operations and its status in the G&T Transit Security Grant Program.

5.1 Threat and Vulnerability Identification

This section of the SEPP should begin by describing the methods the transit system will use to identify security and terrorism-related threats and vulnerabilities. Typically, this process begins with the identification and prioritization of rail transit agency assets. Then, using the rail transit agency’s process for security data collection and analysis, specific threats and vulnerabilities are identified for each prioritized asset.

Figure 5 FTA’s Threat and Vulnerability Process

G&T Special Needs Jurisdiction Risk Assessment Process

5.1.1 Asset Analysis

In security terms, assets are broadly defined as people, information, and property. For rail transit agencies, the people typically include passengers, employees, visitors, and contractors, vendors, nearby community members, and others who come into contact with system. Information includes operating and maintenance procedures, vehicle control and power systems, employee information, computer network configurations and passwords, and other proprietary information. The range of rail transit assets that a SEPP program might consider is presented below.

Rail Transit Assets

In reviewing assets, the rail transit agency should prioritize which among them has the greatest consequences for people and the ability of the system to sustain service. These assets may require higher or special protection from an attack. In making this determination, the system may wish to consider:

There are a variety of worksheets which may be used by the rail transit agency in identifying which assets in their operations would produce the greatest losses to the system and the community. Worksheets are included in the System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process. G&T’s on-site technical assistance program also supports the activities of rail transit agencies in identifying critical assets.

Based on the results of the completed worksheets, the rail transit agency should have a listing of its most important assets. Rail transit agencies participating in G&T programs should share this listing with the Regional Transit Security Working Group and the Urban Area Security Initiative Point-of-Contact Working Group to support regional prioritization of assets and security planning.

Rail transit agency departments/functions responsible for the identification of critical assets typically include the capital/planning department/function, the system safety function, and the security/police function.

5.1.2 Security Data Collection for the Identification of Threats and Vulnerabilities

The rail transit agency’s security/police function is often the central point for collection, assessment, reporting and recordkeeping of security data and information involving the rail transit system. The rail transit agency’s security database includes standard crime analysis codes, and information sorted by geographic location, geographic area, day of week, time of day, and train route. Analysis of the security database is conducted continually to indicate patterns of criminal behavior occurring on the rail transit system, as a valuable tool used to help determine deployment of security resources on the system. The rail transit agency’s security/police function also receives security threat and crime intelligence through law enforcement sources in the region continually and concurrently, for assessment and incorporation into security personnel resource deployments and tactics and rail transit agency operations orders. Security data and information inputs to the security/police function include:

In addition, the rail transit agency is a member of the U.S. DOT and APTA-sponsored Surface Transportation Information Sharing and Analysis Center (ST-ISAC), and monitors daily threat information reported by ST-ISAC. The rail transit agency’s security/police function is also provided transit-related intelligence information from the regional FBI Joint Terrorism Task Force (JTTF). The rail agency will also join the state-wide terrorism early warning system, when it is operational next year.

Every effort is made to compile all security-related data and reports into the most complete accounting of transit system security information possible. The designated Security Data Coordinator for the security/police function reviews security data and information for accuracy and completeness on an on-going basis, and makes determinations regarding the reliability of the information available as an appropriate basis for security operations and tactics.

5.1.3 Other Sources of Information – Security Reviews, Testing and Inspection Programs

The rail transit agency’s threat and vulnerability identification process also includes security testing and inspections. These activities are geared toward ensuring that equipment is operating properly, is readily available when needed, and that employees are proficient in the use of the equipment. To accomplish this, testing programs are developed for specific systems and equipment that not only assess the current state of security, but can also be used to upgrade staff effectiveness through training.

The rail transit agency conducts formal reviews of every incident on its transit system which may require changes in or additions to operating procedures, training programs, or to the design of vehicles, equipment or facilities. Security or emergency incident reviews are generally conducted through the rail transit agency’s Security Committee. The rail transit agency’s security/police function typically leads the review process for security or emergency incidents. The incident reviews identify causes, and corrective actions, as appropriate.

The rail transit agency has designated employees at each of its operating facilities and office buildings, responsible to coordinate with occupant work groups at each facility and the rail transit agency’s security/police function to assure that internal security procedures are identified and followed, and that appropriate physical features and equipment for building/site security are identified, implemented and maintained at each work facility. At a typical operations facility, the security representatives are the maintenance and transportation operations managers of that location. In addition, monthly safety inspections of operating facilities, which are performed by these personnel, include inspections of security-related items. Managers responsible for maintenance of the respective facilities are responsible to correct any security items found non-compliant by the monthly safety/security inspections.

The rail transit agency security/police function also supports facility security representatives and operations managers by providing security assessments of transit system assets such as transit centers, park/ride facilities, light rail tunnel and stations, and operations facilities. Supplemental or update assessments may occur whenever prompted by identification of a vulnerability or in corrective action resulting from a security breach incident review.

Within the security/police function, security data and information is processed in three (3) functional areas:

Security data and information outputs from the security/police function include:

In addition, the Operations Control Center reports rail transit security incidents meeting specified thresholds to the state oversight agency, as required in 49 CFR Part 659. Every effort is made to issue these reports within two-hours of incident occurrence, as per the standard of 49 CFR § 659.33. Full investigations are conducted of these events, and corrective action plans are developed, reviewed and approved by the state oversight agency, and tracked through to implementation by the security/police function.

As security issues are identified, they are documented and addressed through security design criteria; development of new procedures and practices; employee training; changes in the deployment of security personnel; and targeted integration with relevant local law enforcement and regional emergency management agencies. The security/police function takes the lead in coordinating rail transit agency activity to address the results of security information collection.

5.1.4 Identifying Threats for Prioritized Assets

Based on this security information collection and analysis process described above, the rail transit agency will identify specific threats for its list of prioritized assets. This activity is termed “threat analysis.” Threat analysis defines the level or degree of the threats against a prioritized asset by evaluating the intent, motivation, and possible tactics of those who may carry them out. The process involves gathering historical data about the ways in which criminals have perpetrated crimes on the systems and also, for terrorism, identifying ways in which threats could be carried out again the system. In performing this assessment, the rail transit agency should identify and evaluate which information, from all that is collected, is relevant in assessing the threats against the prioritized assets. This activity may be performed by the security/police function with the support of a consultant and the system safety function.

Specifically for terrorism, possible methods of carrying out hostile actions in the transportation environment are identified below. Historical examples are provided for reference and consideration, as well as the types of weapons typically used in these attacks.

Attack Type: Explosive and Incendiary Devices

Historical Examples and Types of Weapons Used:

Attack Type: Exterior Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Stand-off Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Ballistics Attacks

Historical Examples and Types of Weapons Used:

Attack Type: Networked/Inside Access: Forced Entry; Covert Entry; Insider Compromise; Visual Surveillance; Acoustic/ Electronic Surveillance

Historical Examples and Types of Weapons Used:

Attack Type: Cyber Attack

Historical Examples and Types of Weapons Used:

Attack Type: Chemical, Biological, Radiological, & Nuclear (CBRN) Agent Release

Historical Examples and Types of Weapons Used:

Identified threats for each prioritized asset may be recorded in worksheets or databases are maintained by the rail transit agency’s security/police function. Sample worksheets are included in the System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

5.1.5 Identifying Vulnerabilities

Vulnerability is anything that can be taken advantage of to carry out a threat. This includes vulnerabilities in the design and construction of a facility, in its technological systems, and in the way a facility is operated (e.g., security procedures and practices or administrative and management controls). To identify vulnerabilities, the rail transit agency should pair prioritized assets with identified threats to create scenarios. This activity is termed “vulnerability analysis.”

Vulnerability analysis identifies specific weaknesses with respect to how they may invite and permit a threat to be accomplished. Vulnerabilities are commonly prioritized through the creation of scenarios that pair identified assets and threats. Using these scenarios, transportation agencies can evaluate the effectiveness of their current policies, procedures, and physical protection capabilities to address consequences.

In conducting its vulnerability analysis, the rail transit agency should apply an interpretive methodology that encourages role-playing by transportation personnel, emergency responders, and contractors to brainstorm ways to attack the system. By matching threats to critical assets, transportation personnel can identify the capabilities required to support specific types of attacks. This activity promotes awareness and highlights those activities that can be preformed to recognize, prevent, and mitigate the consequences of attacks.

Both the FBI and DHS recommend that rail transit agencies focus on the top 10% of identified critical assets (at a minimum). Using these assets, transportation personnel should investigate the most likely threats, considering the range of attack objectives and methods that may be used (such as property and violent crime, disruption of traffic, destruction of bridge or tunnel, airborne contamination, hazardous materials accident, and threat or attack with explosives intended to disrupt or destroy). The system should also consider the range of perpetrators, such as juvenile gang members, drug users and pushers, car thieves, organized crime, terrorists, disgruntled employees, disturbed copycats, and others.

When conducting the scenario analysis, the system may choose to create chronological scenarios (event horizons) that emphasize the worst credible scenario as opposed to the worse case scenario. Experienced transportation personnel, who have participated in transportation war-gaming, recommend the investigation of worst credible scenarios. Based on this type of assessment, the rail transit system may determine certain scenarios as the most relevant. Results can be recorded in worksheets provided in System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

Relevant Rail Scenarios

Rail Assets Most Probable Threats
Stations
  • High-yield vehicle bomb near stations
  • Lower-yield explosive device in station
  • Armed assault, hijacking, hostage, or barricade situation in station
  • Chemical, biological, and nuclear release in station
  • Secondary explosive device directed at emergency responders
  • Graffiti in station
  • Car theft from station parking lot
Track/Signal
  • Explosive detonated on track
  • Chemical, biological, nuclear release on track
  • Signal and/or rail tampering
  • Dumping of debris on track
Rail Cars
  • Explosives placed on or under rail car
  • Improvised explosive device (pipe/fire bomb) on rail car
  • Chemical, biological, nuclear release on rail car
  • Armed assault, hostage, or barricade situation on rail car
  • Secondary explosive device directed at emergency responders
  • Graffiti on rail car
Power substations
  • Explosive detonated in or near substation
  • Tampering with power substations and components
Command Control Centers
  • Physical or information attack on train control system
  • Physical or information attack dispatch system
  • Armed assault, hostage, or barricade situation
  • Explosive device near or in Center
  • Sabotage of train control system

5.2 Threat and Vulnerability Assessment

Threats and vulnerabilities to a transit system cover a wide array of events, virtually none of which can be totally eliminated while still operating the system. Since no system can be rendered totally secure, once threats and vulnerabilities are identified, their impact on the total system must be assessed to determine whether to accept the risk of a particular danger, and the extent to which corrective measures can eliminate or reduce its severity.

To conduct its threat and vulnerability assessment, for each scenario pairing prioritized assets with identified threats, the transportation system should attempt to identify the costs and impacts using a standard risk level matrix, which supports the organization of consequences into categories of high, serious, and low. Consequences are assessed both in terms of severity of impact and probability of loss for a given threat scenario. A sample matrix is presented in Figure 6 below:

Figure 6 Sample Threat and Vulnerability Assessment Matrix

Scenarios with vulnerabilities identified as “high” may require further investigation and the implementation of countermeasures. Scenario-based analysis is not an exact science but rather an illustrative tool demonstrating potential consequences associated with low-probability to high-impact events. To determine the system’s actual need for additional counter-measures, and to provide the rationale for allocating resources to these counter-measures, the system should use the scenarios to pin-point the vulnerable elements of the critical assets and make evaluations concerning the adequacy of current levels of protection.

Examples of vulnerabilities that may be identified from scenario-based analysis include the following:

At the conclusion of the scenario-based analysis, the transportation system should have assembled a list of prioritized vulnerabilities for its top 10% critical assets. Typically, these vulnerabilities may be organized into the following categories:

These vulnerabilities should be documented in a confidential report or memorandum for the system’s executive director. Results can be recorded in worksheets provided in System Security and Emergency Preparedness Planning Guide, as well as in the G&T Special Needs Jurisdiction Risk Assessment process.

5.3 Threat and Vulnerability Resolution

Based on the results of the analysis described in Section 5.2 of this SEPP, the rail transit system can then identify countermeasures to reduce vulnerabilities identified as unacceptable to management. Effective countermeasures typically integrate mutually supporting elements.

Figure 7 as illustrated on the next page, security tends to emphasize “rings of protection,” meaning that the most important or most vulnerable assets should be placed in the center of concentric levels of increasingly stringent security measures. For example, a rail transit agency’s Operational Control Center should not be placed right next to the building’s reception area, rather, it should be located deeper within the building so that, to reach the control center, an intruder would have to penetrate numerous rings of protection, such as a fence at the property line, a locked exterior door, an alert receptionist, an elevator with key-controlled floor buttons, or a locked door to the control room.

Figure 7 Sample Rings of Protection

Within the rings of protection concept, the development of countermeasures typically reflects standard precedence guidelines for hazard resolution, including:

As a first step in assessing the need for countermeasures, the rail transit agency assures that the security policies, procedures, responsibilities, equipment, technology, and response capabilities described throughout this SEPP are effectively in-place for all threats, so that the risks of loss from security incidents to transit customers and employees, and to operating performance of the transit system, is at a manageable or acceptable level.

Next, based on the assessment of identified vulnerabilities, the rail transit agency may consider implementation of additional strategies to mitigate or eliminate vulnerabilities. Typically, rail transit agencies consider both passive and active strategies for identifying, managing, and resolving threats to the system’s operation. Passive strategies include all security and emergency response planning activity, outreach with local law enforcement, training, evacuation and business continuity and recovery plans, employee awareness, public information, and passenger training. Passive responses also include security design strategies, supported by Crime Prevention Through Environmental Design (CPTED) and Situational Crime Prevention (SCP) methods, such as landscaping, lighting, and physical barriers (planters or bollards).

Active strategies include security technology, such electronic access control, intrusion detection, closed circuit TV, digital recorders, emergency communications systems, and chemical agent or portable explosives detectors. Active systems also include personnel deployment. It is important to consider the entire lifecycle cost when evaluating security solutions. Technology options may require a substantial one-time investment, supported by fractional annual allocations for maintenance and vendor support contracts. Personnel solutions are generally more expensive.

Examples of ways in which the above prioritization may be applied include:

Other prevention strategies involve cooperation with law enforcement agencies, security staff in other systems, and industry associations in order to share threat information. It is useful to know whether other transportation systems in an area have experienced threats, stolen uniforms or keys, or a particular type of criminal activity, in order to implement appropriate security measures.

The table below provides a sample listing of possible countermeasures.

Possible Rail Transit Agency Countermeasures
Rail Transit Agency Countermeasures Planning Coordination with Local Responsers Training and Exercising Access Control Surveillance Blast Mitigation WMD Agent Protection
Identifying Unusual or Out-of-Place Activity X

 

X X X

 

X
Security Screening and Inspection Procedures X X X

 

X X X
Enhancing Access Control for Stations/Vehicles X X X X

 

X

 

Securing Perimeters for Non-revenue Areas X

 

 

X X

 

 

Denying Access to Authorized-only Areas X

 

X X X

 

 

Securing Vulnerable Areas (target hardening) X

 

 

X X X

 

Removing Obstacles to Clear Line-of-Sight X

 

 

X X

 

 

Protecting Parking Lots X

 

 

X X

 

 

Enhanced Access Control for Control Center X

 

 

X X

 

 

Securing Critical Functions and Back-ups X

 

 

X X

 

 

Promoting Visibility of Uniformed Staff X

 

 

X X

 

 

Removing Spaces that Permit Concealment X

 

 

X X

 

X
Reinforcing Natural Surveillance X

 

 

X X

 

 

Procedures for Vehicle and Station Evacuations X X X

 

 

X X
Coordination with Community Planning Efforts X X X

 

 

 

X
Backing up Critical Computer Systems X

 

X

 

 

 

 

Revising Lost-and-Found Policies X

 

X

 

 

 

X
Securing Tunnels and Elevated Structures X

 

X X X X X
Elevating/securing Fresh Air Intakes X

 

 

X

 

 

X
Protecting Incoming Utilities X

 

 

X X X X
Establishing Mail-handling Procedures X

 

X

 

X

 

X
Identifying Appropriate Personal Protective Equipment and Training X X X

 

 

 

X
Preparing Response Folders and Notebooks for Facilities and Vehicles X X X

 

X X X
Familiarization Training for Local Emergency Response Agencies X X

 

 

 

 

X
Planning for Scene Management and Emergency Response X X

 

 

 

X X

6.0 Implementation and Evaluation of SEPP

6.1 Implementation Tasks for Goals and Objectives

This section should describe the specific tasks that will be implemented by the rail transit agency to meet the goals and objectives specified in Section 1.2 of the SEPP, and the roles, responsibilities and program implementation activities described in the other chapters. For example, for the sample goals and objectives identified in Section 1.2 of this SEPP, the rail transit agency may identify the following tasks:

6.2 Implementation Schedule

This section should detail a schedule that is used for the implementation of the security program. For example, if the security plan is to be reviewed by the transit agency on an annual basis, beginning in January of each year, then this review should be included in the general schedule. In addition, if specific threat and vulnerability analysis of key stations or facilities are to be updated every year, this section should include those items in the schedule.

6.3 Evaluation

This section of the SEPP should document the rail transit agency’s process for conducting internal security audits to evaluate compliance and measure the effectiveness of the SEPP. This process must ensure that all elements in the rail transit SEPP are reviewed for their implementation and effectiveness in an on-going manner over a three-year cycle. This process may be combined with the internal audit process used for the System Safety Program Plan, or it may be an independent procedure.

This section of the SEPP should identify the department/function with responsibility for conducting these audits, the activities to be performed, including establishing the audit schedule, the development of checklists to guide the audit, and the notification of the state oversight agency no less than 30 days prior to the conduct of an audit, the frequency of the audits, and, if possible, the specific person or internal function responsible. For example, the system safety function may audit the security/police function as part of its internal audit program on a three year basis. In addition, security management may perform weekly or daily reviews of the private security forces it has hired to provide security at transit agency facilities. The rail transit agency must submit an annual report to the state oversight agency for review and approval, documenting its internal audit activities over the past year, along with a certification, signed by the General Manager that, based on the results of internal audit process, the SEPP is being implemented by the rail transit agency.

Any external reviews of the security program should also be explained in this section. The SEPP should state that the state safety oversight agency will conduct an external review of the rail transit agency’s SEPP program on a three year basis at a minimum. The transit agency should also explain the process for correcting any findings that are a result of the external review. To respond to findings of an oversight agency external review, the rail transit agency may need to submit a corrective action plan describing how the finding will be resolved. The corrective action plan should include the corrective action plan required, the person(s) or department responsible for implementing the corrective action, a time frame for implementing the corrective action, and the status of the corrective action plan. As applicable, the rail transit agency should also note reviews to be conducted by G&T and/or TSA.

7.0 Modification of System Security Plan

7.1 Initiation

This section of the SEPP plan should include a process for initiating revisions, gathering input for the revisions and procedures for updating the plan and the identification of the responsible person.

7.2 Review Process

The process used to review and revise the security plans as necessary should be explained, including frequency and responsible person(s). The role of the state safety oversight in requiring annual updates and reviewing the security plan needs to be included in this section.

This section of the SEPP should also document the rail transit agency’s process for making its SEPP and accompanying procedures available to the oversight agency for review and approval. As specified in § 659.11 of the revised Rule, the oversight agency must either have provisions in place for protecting security-related materials from public disclosure or the rail transit agency must develop special procedures to ensure that these materials cannot be released. The rail transit agency’s SEPP must describe the process in place to ensure that all security-related materials are protected from public disclosure. In many instances, this may include the state oversight agency conducting an on-site review of the SEPP and supporting procedures at the rail transit by agency.

7.3 Implement Modifications

The process of communicating, disseminating and implementing new and revised procedures of the security plan throughout the transit agency should be detailed.

Appendix A: DHS Regulation and Requirements Relevant to the SEPP

As discussed briefly in Section 1.6 (Government Involvement) and Section 3.3.6 (Responsibilities of External Agencies), DHS and its departments (including G&T, FEMA, and TSA) all have a new role in public transportation system security and emergency preparedness. This section of the SEPP describes the various elements of this role, which are based in the Homeland Security Act of 2002 and subsequent Homeland Security Presidential Directives (HSPDs), and identifies the implications for the rail transit agency.

The authority of the Department of Homeland Security to regulate the security and emergency preparedness operations of public transportation agencies is two-fold. First, DHS has direct regulatory authority over all modes of transportation. See Aviation and Transportation Security Act of 2001, PL 107-71, 115 Stat. 597, 49 USC 40101 (transferring regulation of all modes of security to the Transportation Security Administration (TSA), still within the Department of Transportation) and Homeland Security Act of 2002, PL 107-296, 116 Stat. 2135, 6 USCA 101 (transferring TSA from the DOT to DHS). Thus, DHS (through TSA) has the authority to regulate and oversee implementation of security and emergency preparedness measures for all modes of transportation in the United States. TSA may exercise its authority through formal rulemaking or binding directives to transportation operators. See 49 CFR § 1500–1699 (current rules as codified).

Second, DHS has control over the intergovernmental coordination of national security operations, and because public transportation agencies are “local governments” as defined in the Homeland Security Act, they are subject to the guidelines and any grant-based requirements associated with DHS coordination efforts. See Homeland Security Act of 2002, PL 107-296, 116 Stat. 2135, 6 USCA 101. The Office of the Secretary of DHS includes the Office of State and Local Government Coordination and Preparedness (SLGCP), which includes G&T, which plays a major role administering and managing DHS grant programs. FEMA, now a part of DHS, also plays a significant role in coordinating intergovernmental activities for all-hazards emergency preparedness.

Homeland Security Presidential Directives and Supporting Guidance

Under the Homeland Security Act, activities identified to support intergovernmental coordination are carried out primarily by G&T and FEMA, following guidance and requirements specified in Homeland Security Presidential Directives (HSPDs), particularly:

Homeland Security Presidential Directive 5: Management of Domestic Incidents, February 28, 2003

Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection, December 17, 2003

Homeland Security Presidential Directive 8: National Preparedness, December 17, 2003

Relationships among HSPDs 5, 7 and 8 are depicted graphically in Figure 8 below.

Figure 8 DHS Strategy, HSPDs, National Initiatives and Expected Results

HSPD-5 (Management of Domestic Incidents) mandated the creation of the National Incident Management System (NIMS) and National Response Plan (NRP). The NIMS provides a consistent framework for entities at all jurisdictional levels to work together to manage domestic incidents, regardless of cause, size, or complexity. To promote interoperability and compatibility among federal, state, local, and tribal capabilities, the NIMS includes a core set of guidelines, standards, and protocols for command and management, preparedness, resource management, communications and information management, supporting technologies, and management and maintenance of NIMS. The NRP, using the template established by the NIMS, is an all-discipline, all-hazards plan that provides the structure and mechanisms to coordinate operations for evolving or potential Incidents of National Significance. Incidents of National Significance are major events that “require a coordinated and effective response by an appropriate combination of federal, state, local, tribal, private sector, and nongovernmental entities.” The relationship of NIMS and the NRP during Incidents of National Significance is presented in Figure 9 below.

Figure 9 National Response Plan and National Incident Management System

Specific requirements in support of NRP and NIMS implementation have been placed on county, municipal, and state emergency management agencies and on local emergency response agencies, including law enforcement. Public transportation agencies now must address these requirements through greater integration in the local/regional/state emergency planning process and through adoption and implementation of NIMS.

To support implementation of HSPD-7 (Critical Infrastructure Identification, Prioritization, and Protection), DHS issued the Interim National Infrastructure Protection Plan (NIPP) in February 2005. The NIPP provides a consistent, unifying structure for integrating critical infrastructure protection (CIP) efforts into a national program. The NIPP outlines how DHS and its stakeholders will develop and implement the national effort to protect infrastructures across all sectors, including transportation. DHS and the Sector-Speci#c Agencies (SSAs) are evaluating the Interim NIPP with critical stakeholders to further ensure its effectiveness and success. As depicted in Figure 10 below, DHS has developed a risk management framework to be used in evaluating vulnerabilities and establishing priorities in each of the 17 sectors identified as containing critical infrastructure or key resources. Public transportation is included as a critical infrastructure.

Figure 10 DHS Risk Management Process for Critical Infrastructure Protection

For public transportation, DHS has identified representative measures of efforts being made across the United States. These measures involve a layered approach to enhancing the safety and security of its transit systems. Some of the elements of this approach include:

  • the increased presence of law enforcement to deter potential terrorists and to possibly identify threats, as well as to provide additional first response capabilities should an event occur;
  • the selected deployment of sensors and other detection devices to deter terrorists and to quickly identify the presence of various chemical, biological, radiological, nuclear, or explosive materials in order to minimize the consequences of an attack;
  • the application of facial recognition and other screening technologies in order to identify suspect individuals;
  • training for employees and the traveling public to increase awareness of suspicious individuals and packages and the need to promptly report them;
  • daily sharing of threat information and best practices for protective measures across different transit systems;
  • development of emergency response and evacuation plans to assist in rapid evacuations and control of any situations that occur;
  • development of recovery plans to allow safe operations to resume as quickly as possible after a shutdown (with or without an actual attack);
  • selective closures of entrances and exits where the service benefit is low and the security concerns are high;
  • greater separation of passenger areas from those that are open to the public;
  • use of access control systems, badges and uniforms to more readily identify employees and those that are supposed to be in restricted areas; and
  • greater cooperation and interaction with local, state, and federal law enforcement and intelligence agencies to ensure that critical information is shared.

HSPD-8 (National Preparedness) establishes policies to strengthen the preparedness of the United States to prevent and respond to threatened or actual domestic terrorist attacks, major disasters and other emergencies by requiring a National Preparedness Goal, establishing mechanisms for improved delivery of federal preparedness assistance to state and local governments and outlining actions to strengthen preparedness capabilities of federal, state, and local entities. Statewide all-hazards preparedness strategies should be consistent with the National Preparedness Goal, assess the most effective ways to enhance preparedness, address areas facing higher risk especially to terrorism, and address local government concerns and Citizen Corps efforts.

The National Preparedness Goal establishes the requirement for federal, state, local and tribal entities to achieve and sustain nationally accepted risk based target levels of capability for prevention, preparedness, response and recovery for major events, especially terrorism. The target levels of capability are based upon National Planning Scenarios, a Universal Task List (UTL), and a Target Capabilities List (TCL). These tools have been developed with input from the homeland security community at all levels and will continue to be updated over time. States should take steps in FY05 to review and incorporate these tools in their preparedness efforts in preparation for full implementation of HSPD-8 in FY06. The figure below (this figure has been converted to a listing for easy reading) provides a visual depiction of the interfaces among the National Planning Scenarios, the Universal Task list, and the Target Capabilities List.

Elements of the National Preparedness Goal

In the National Preparedness Goal Scenarios directly relate to Task, and Tasks directly relate to Capabilities. These Scenarios, Tasks and Capabilities are described below.

Scenarios: The National Planning Scenarios highlight the scope, magnitude and complexity of plausible catastrophic terrorist attacks, major disasters, and other emergencies.

  • 15 Scenarios
  • Chemical, Biological, Radiological, Nuclear, Explosive, Food and Agricultural, and Cyber Terrorism
  • Natural Disasters
  • Pandemic Influenza

Tasks: The Universal Task List (UTL) provides a menu of tasks from all sources that may be performed in major event such as those illustrated by the National Planning Scenarios.

  • Entities select on the tasks that apply to their assigned roles and responsibilities
  • Prevention
  • Protection
  • Response
  • Recovery
  • The intent of the UTL is to guide the design, development, conduct and evaluation of training and exercise events

Capabilities: The Target Capabilities List (TCL) provides guidance on specific capabilities and levels of capability that federal, state, local and tribal entities will be expected to develop and maintain.

  • 36 Capability Summaries
  • Description, Outcome, ESF/Annex, Associated Critical Tasks, Measures, Capability Elements, Linked Capabilities, Event Conditions, ReferencesTailored to levels of government based on assigned roles and responsibilities
  • Tailored to Tiers or groups of jurisdictions based on risk factors

The 36 Critical Capabilities required to ensure National Preparedness are listed below:

  1. Animal Health Emergency Support
  2. CBRNE Detection
  3. Citizen Preparedness and Participation
  4. Citizen Protection: Evacuation and/or In-Place Protection
  5. Critical Infrastructure Protection
  6. Critical Resource Logistics and Distribution
  7. Economic and Community Recovery
  8. Emergency Operations Center Management
  9. Emergency Public Information and Warning
  10. Environmental Health and Vector Control
  11. Explosive Device Response Operations
  12. Fatality Management
  13. Firefighting Operations/Support
  14. Food and Agriculture Safety and Defense
  15. Information Collection and Threat Recognition
  16. Information Sharing and Collaboration
  17. Intelligence Fusion and Analysis
  18. Interoperable Communications
  19. Isolation and Quarantine
  20. Mass Care (Sheltering, Feeding, and Related Services)
  21. Mass Prophylaxis
  22. Medical Supplies Management and Distribution
  23. Medical Surge
  24. On-Site Incident Management
  25. Planning
  26. Public Health Epidemiological Investigation and Laboratory Testing
  27. Public Safety and Security Response
  28. Restoration of Lifelines
  29. Risk Analysis
  30. Search and Rescue
  31. Structural Damage Assessment and Mitigation
  32. Terrorism Investigation and Intervention
  33. Triage and Pre-Hospital Treatment
  34. Volunteer Management and Donations
  35. WMD/Hazardous Materials Response and Decontamination
  36. Worker Health and Safety

For HSD-8, DHS has identified seven National Priorities, based on the scenarios, task list and critical capabilities, as building blocks for the National Preparedness System. These seven priorities reflect a limited number of the cross-cutting initiatives and critical capabilities that should drive near-term planning and resource allocation efforts. The National Priorities are intended to guide the nation’s preparedness efforts to meet its most urgent needs, and fall into two categories: (1) overarching priorities that contribute to the development of multiple capabilities, and (2) capability-specific priorities that build selected capabilities for which the nation has the greatest need.

Overarching Priorities

  1. Implement the National Incident Management System and National Response Plan
  2. Expanded Regional Collaboration
  3. Implement the Interim National Infrastructure Protection Plan

Capability-Specific Priorities

  1. Strengthen Information Sharing and Collaboration capabilities
  2. Strengthen Interoperable Communications capabilities
  3. Strengthen CBRNE Detection, Response, and Decontamination capabilities
  4. Strengthen Medical Surge and Mass Prophylaxis capabilities

Implications for the Rail Transit Agency

HSPD-5: NRP: Requirements for the NRP are being addressed by the state Emergency Management Agency (EMA) in revising the state Emergency Operations Plan. The county EMA and/or a specially created County Advisory Board (CEM Board) and the major municipality served by the rail transit agency are also preparing Emergency Operations Plans for the county and city respectively, which reflect requirements from the NRP and the state EOP. The rail transit agency, in turn, is addressing these requirements through participation in the Major Emergency Incident Management System (MEIMS) established for the county/municipality and through the submission of its EOP to the appropriate municipal and county agencies. The rail transit agency is also revising its MOUs and response protocols with the municipality and county, and preparing an itemized inventory of emergency response resources.

The rail transit agency’s cooperative agreement with the county EMA extends to mutual aid with participating communities. In addition, the county coordinate’s homeland security related emergency management planning through the Urban Area Security Initiative (UASI) Point-of-Contact Committee (UAPOC).

HSPD-5: NIMS: To address NIMS requirements, the rail transit agency has developed and documented its Incident Management Organization and emergency notification and response procedures in its Emergency Operations Plan. The rail transit agency EOP:

  • incorporates NIMS into emergency operations planning;
  • incorporates NIMS into existing training programs and exercises;
  • revises/updates mutual aid agreements with regional emergency management public safety agencies in the rail system’s service area to address NIMS requirements; and
  • institutionalizes the rail transit agency’s capabilities to interface with the Incident Command System (ICS) used by emergency management and public safety agencies in its service area.

The rail transit agency understands that full NIMS compliance is required for the receipt of preparedness grants from G&T and FEMA for FY 2007. FEMA’s NIMS Integration Center (NIC) is continuing to develop resource materials and guidance ( http://www.fema.gov/nims ). In addressing NIMS requirements, the rail transit agency has committed to:

  • Having relevant personnel complete the NIMS Awareness Course: “National Incident Management System (NIMS), An Introduction” IS 700. This independent study course is available on-line and will take between forty-five minutes to three hours to complete. The course is available on the Emergency Management Institute web page at: http://training.fema.gov/EMIWeb/IS/is700.asp .
  • Formally recognizing NIMS and adopting NIMS principles and policies. The NIC will provide sample language and templates to assist in formally adopting NIMS through legislative and/or executive/administrative means.
  • Establishing a NIMS baseline by determining which NIMS requirements are already satisfied. The NIC has developed a web-based self-assessment system, the NIMS Capability Assessment Support Tool (NIMCAST) to evaluate their incident response and management capabilities. The NIC is currently piloting the NIMCAST with a limited number of states. Upon completion of the pilot, the NIC will provide all potential future users with voluntary access to the system. Additional information about the NIMCAST tool will be provided later this year.
  • Establishing a timeframe and developing a strategy for full NIMS implementation. Rail transit systems are encouraged to achieve full NIMS implementation during FY 2005. To the extent that full implementation is not possible during FY 2005, federal preparedness assistance must be leveraged to complete NIMS implementation in FY 2006. By FY 2007, federal preparedness assistance will be conditioned upon full compliance with NIMS.
  • Institutionalizing the use of the ICS. Transit systems that are not already using ICS, must institutionalize the use of ICS (consistent with the concepts and principles taught by DHS) across the entire response system.

The rail transit agency is also addressing NIMS requirements through its partnership with the county and municipal emergency management agencies in its service area. The county has approved the Major Emergency Incident Management System (MEIMS) Basic Principals and Protocols. MEIMS Basic Principles establish Emergency Incident Levels and define the roles and responsibilities of the various entities, including the rail transit agency, which could become involved in emergency response. MEIMS Protocols, which have been adopted by the rail transit agency, specify use of the Incident Command System (ICS) and support compliance with the National Incident Management System (NIMS) and the National Response Plan (NRP) regarding both on-scene response and the request and mobilization of resources.

HSPD-7: NIPP: In developing its Emergency Operations Plan, SEPP, and supporting procedures, plans, policies, training, drills/exercises, and other activities, the rail transit agency is addressing concerns identified in the NIPP. Further, the rail transit agency remains committed to filling requests from DHS or SSAs regarding:

  • the identification and prioritization of assets;
  • the sharing of data with DHS & SSAs and the response to all calls for such data;
  • the verification and update of data based on knowledge, practice and observations;
  • the conduct of shared assessments with DHS and SSAs;
  • the identification of infrastructure interdependencies; and
  • the development of cross-sectional prioritization efforts.

HSPD-8: G&T Transit Security Grant Program: G&T requires fulfillment of DHS emergency preparedness guidance as a condition of eligibility for security preparedness grants and technical assistance. G&T includes a Transportation Infrastructure Security Division (TISD) which administers the Urban Area Security Initiative (UASI), Transit Security Grant Program (TSGP). This program requires that the rail transit agency work with its State Administrative Agency (SAA), and the state Emergency Management Agency, to:

  • Provide a point-of-contact and a program narrative describing the rail transit system, including a description of its operating systems, infrastructure, ridership, the number of track miles (if applicable), the number of vehicles or vessels (if applicable), types of service and other important features, as well as system maps, a description of the geographical borders of the transit systems and the cities and counties served, and a description of other sources of funding being leveraged for security enhancements. In addition, the program narrative should address the rail transit agency’s current prevention, detection and response capabilities relative to improvised explosive devices (IEDs), as well as chemical, biological, radiological and nuclear (CBRNE) devices, including sensors, canine units, etc.
  • Ensure that the rail transit agency has conducted a transit threat and vulnerability assessment (either as outlined in The Public Transportation System Security and Emergency Preparedness Planning Guide, published by the U.S. Department of Transportation’s Federal Transit Administration, January 2003 or through the Security Readiness Assessment conducted by the FTA, or through risk assessments that were completed during the previous round of UASI Transit Security Grants or the risk assessment completed as part of the G&T Mass Transit Technical Assistance Program). These assessments must be provided to G&T.
  • Develop a Security and Emergency Preparedness Plan (SEPP), updated within the past year, which addresses the requirements outlined in The Public Transportation System Security and Emergency Preparedness Planning Guide. This plan must be provided to G&T for the release of TSGP funds.
  • The program also includes a requirement that transit systems selected for funding participate in a Regional Transit Security Working Group (RTSWG) for the purpose of developing a Regional Transit Security Strategy (RTSS), and to develop regional consensus on the expenditure of FY 2005 TSGP funds. The RTSWG must also include representation from the state Emergency Management Agency and the state Department of Public Safety, Division of Homeland Security and the local Urban Area Working Group (UAWG). Other transit agencies whose systems intersect with the rail transit agency also participate in the RTSWG process.

    The focus of the regional transit system security strategy is on the detection of, response to, prevention of and recovery from terrorist incidents. First and foremost is the threat of improvised explosive devices and chemical, biological, radiological, nuclear, and explosive devices. This strategy will work hand in hand with existing regional, state homeland security, and urban area security initiative strategies, with particular emphasis on the transit system. A significant aspect of this strategy will be on the development of relationships, sharing of communications networks, tactical interoperable radio systems, shared technology, equipment, training and exercises.

  • Other Elements: Public Awareness and Citizen Participation: Citizens are a critical component of homeland security, and to have a fully prepared community, citizens must be fully aware, trained, and practiced on how to detect, deter, prepare for, and respond to emergency situations. Recent surveys indicate that citizens are concerned about the threats facing the nation and are willing to participate to make their communities safer, yet most Americans have low awareness of federal, state, and local emergency preparedness plans, are not involved in local emergency drills, and are not adequately prepared at home.

    Informed and engaged citizens are an essential component of homeland security and the mission of Citizen Corps is to have everyone in America participate in making their community safer, stronger, and better prepared. To achieve this, state, local and tribal Citizen Corps Councils have formed nationwide to help educate and train the public, and to develop citizen/volunteer resources to support local emergency responders, community safety, and disaster relief.

    In support of this mission, G&T is currently working with FTA to align the Citizen Corps and Transit Watch programs. As part of this, all FY 2005 TSGP award recipients should work with the applicable state and local Citizen Corps Councils to more fully engage citizens through the following activities:

    • Expand plans and task force memberships to address citizen participation.
    • Develop or revise plans to integrate citizen/volunteer resources and participation, and include advocates for increased citizen participation in task forces and advisory councils.
    • Awareness and outreach to inform and engage the public. Educate the public on personal preparedness measures, terrorism awareness, alert and warning systems, and state and local emergency plans via a range of community venues and communication channels.
    • Include citizens in training and exercises. Provide emergency preparedness and response training for citizens, improve training for emergency responders to better address special needs populations, and involve citizens in all aspects of emergency preparedness exercises, including planning, implementation, and after action review.
    • Develop or expand programs that integrate citizen/volunteer support for the emergency responder disciplines. Develop or expand Citizen Corps Programs into the transit environment, including citizen participation in prevention and response activities.

In addition, FY2005 TSGP award recipients should also take advantage of the public awareness materials developed by FTA through Transit Watch. To facilitate this, reproduction of official Transit Watch materials is an allowable expense as part of this program.

TSA REGULATIONS: Under authority of 49 USC 40119, USDOT and TSA have jointly issued, at 49 CFR § 15 and 49 CFR § 1520 respectively, regulations for protection of sensitive security information (SSI), applicable to all modes of transportation. The rail transit agency uses its legal department to address SSI considerations, and, at the present time, does not need protections afforded by these regulations.

In addition, the Transportation Security Administration (TSA) has required, per its security directive RAILPAX-04-01 issued May 20, 2004, the designation of primary and alternate security coordinators (SCs) for public mass transit rail operations. The rail transit agency has provided these SCs to TSA.

The SCs serve as point-of-contact with TSA, such as rail security inspectors under TSA's Surface Transportation Security Inspector (STSI) program. Pursuant to the DHS/G&Ts National Infrastructure Protection Plan (NIPP) and DHS/TSA's Transportation Security Operational Plan (TSOP), TSA has developed a Surface Transportation Security Inspector (STSI) Program (Rail), as mandated by the Fiscal Year 2005 Homeland Security appropriations bill.

The STSI program will hire, train and deploy 100 TSA rail security compliance inspectors, to be located in 19 cities. The cities were chosen for their proximity to major rail hubs, existing Federal Railroad Administration (FRA) and Federal Transit Administration offices, and existing TSA Aviation Operations Districts. In coordination with mass transit and passenger rail systems, the TSA inspectors will: conduct security system evaluations; share security-related best practices information; coordinate security threat advisories; and conduct inspections to ensure compliance with security directives, such as TSA's security directive RAILPAX-04-01 issued May 20, 2004.

Appendix B: Acronyms

AVL - Automatic Vehicle Location

BASS - Behavioral Awareness Security Screening

CBRNE - Chemical, Biological, Radiological, Nuclear, Explosive (WMD)

CCTV - Closed-Circuit Television

COOP - Continuity of Operations Plan

CFR - Code of Federal Regulations

CPTED - Crime Prevention Through Environmental Design

DHS - U.S. Department of Homeland Security

DOT - U.S. Department of Transportation

EMS - Emergency Medical Services

EOC - Emergency Operations Center

EOP - Emergency Operations Plan

G&T - Office of Grants and Training

HSPD - Homeland Security Presidential Directive

IED - Improvised Explosive Device

JTTF - Joint Terrorism Task Force (FBI)

NIMS - National Incident Management System

NTI - National Transit Institute

OCC - Operations Control Center

ODP - Office for Domestic Preparedness

OSHA - Occupational Safety and Health Administration

POETE - Plans, Organization, Equipment, Training/Procedures, and Exercises/Evaluation

RFGS - Rail Fixed Guideway System

RTSS - Regional Transit Security Strategy

SEPP - Security and Emergency Preparedness Plan

SOP - Standard Operating Procedure

SSO - RFGS State Safety Oversight Agency

SSPP - System Safety Program Plan

TEW - Terrorism Early-Warning System

TSA - Transportation Security Administration

UA - Urban Area (for DHS/G&T administration of UASI program)

UAPOC - Regional UASI Point-of-Contact working group

UASI - Urban Areas Security Initiative

WMD - Weapons of Mass Destruction

Appendix C: Definitions

Assessment - The evaluation and interpretation of measurements and other information to provide a basis for decision-making.

Assets - People, information, and property for which the public transportation system is responsible as legal owner, employer, or service provider.

Capabilities Assessment - A formal evaluation, conducted by the public transportation system, to identify the status of its security and emergency preparedness activities. This activity enables the system to determine its existing capacity to: (1) Reduce the threat of crime and other intentional acts, (2) Recognize, mitigate, and resolve incidents that occur in service and on system property, (3) Protect passengers, employees, emergency responders, and the environment during emergency operations, and (4) Support community response to a major event.

Consequences - The severity of impact and probability of loss for a given threat scenario. Consequences may be measured in qualitative or quantitative terms.

Countermeasures - Those activities taken to reduce the likelihood that a specific threat will result in harm. Countermeasures typically include the deployment and training of personnel, the implementation of procedures, the design or retrofit of facilities and vehicles; the use of specialized equipment, the installation of alarms/warning devices and supporting monitoring systems; and communications systems and protocols.

Critical Assets - A sub-category of assets whose loss has the greatest consequences for people and the ability of the system to sustain service. These assets may require higher or special protection.

Critical Infrastructure - Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. (USA Patriot Act of 2001, 42 U.S.C. § 5195(e), incorporated by reference into the Homeland Security Act of 2002, 6 U.S.C. § 101).

Department of Homeland Security (DHS) - U.S. government agency created by the Homeland Security Act of 2002 (Pub. L. 107-296). Includes Transportation Security Administration (TSA), and within the Office of the Secretary of DHS, the Office for Domestic Preparedness (ODP), which is now referred to as the Department of Homeland Security, Preparedness Directorate, Office of Grants and Training (G&T). TSA's authority includes regulation and oversight of security measures for all modes of transportation in the United States. G&T's functions include coordinating emergency preparedness efforts at all levels of government.

Emergency - A condition, situation or occurrence of a serious nature, developing suddenly and unexpectedly, and requiring immediate action.

Emergency Operations Center (EOC) - The physical location at which the coordination of information and resources to support domestic incident management activities normally takes place.

Emergency Operations Plan (EOP) - The formal plan that documents the transportation system’s program for emergency preparedness and response.

Emergency Preparedness - Plans, organization, equipment, training/procedures, and exercises/evaluation, for preparedness to perform the prevention, detection, response and recovery capabilities applicable to mass transit employees and operations during catastrophic natural disasters, or terrorist attacks, appropriately coordinated/integrated with emergency response/management jurisdictions in the transit agency's service area.

Emergency Responder - Federal, state, and local public safety, law enforcement, emergency response, emergency medical (including hospital emergency facilities), and related personnel, agencies, and authorities.

Evacuation - Organized, phased, and supervised withdrawal, dispersal, or removal of civilians from dangerous or potentially dangerous areas, and their reception and care in safe areas.

Event - A planned, non-emergency activity. ICS can be used as the management system for a wide range of events, e.g., parades, concerts, or sporting events.

Federal Transit Administration (FTA) - The agency of the U.S. Department of Transportation which administers the federal program of financial assistance to public transit.

Hazard also Hazardous Condition - Any real or potential condition that can cause injury, illness, or death; damage to or loss of a system, equipment or property; or damage to the environment.

Hazard Severity -

    Catastrophic - A hazard severity category defined as “Category I” failure condition that could result in a large number of serious injuries and/or fatalities, and/or significant loss of system capability.

    Critical - A hazard severity category defined as “Category II” failure condition that could result in severe injury to one or more persons, and/or significant system damage.

    Marginal - A hazard severity category defined as "Category III”, failure conditions that could result in minor injury, minor occupational illness, or minor system damage.

    Negligible - A hazard severity category defined as "Category IV” failure conditions that cause less than minor injuries, illness, or system damage.

Hazard Threat Probability – The probability a hazard or threat will occur. Probability may be expressed in quantitative or qualitative terms and the ranking system is as follows: (a) frequent, (b) probable, (c) occasional, (d) remote, (e) improbable, and (f) impossible.

Hazard Resolution – The analysis and subsequent actions taken to reduce, to the lowest level practical, the risk associated with an identified hazard.

Homeland Security Presidential Directives (HSPDs) - instruments for communicating presidential decisions about the national security policies of the United States and implementations thereof.

Incident – An occurrence or event, natural or human-caused, which requires an emergency response to protect life or property.

Incident Command System (ICS) - A standardized on-scene emergency management concept specifically designed to provide for the adoption of an integrated organizational structure that reflects the complexity and demands of single or multiple incidents, without being hindered by jurisdictional boundaries. ICS is the combination of facilities, equipment, personnel, procedures, and communications operating within a common organizational structure, designed to aid in the management of resources during incidents.

Incident Commander (IC) - The individual responsible for all incident activities, including the development of strategies and tactics and the ordering and the release of resources. The IC has overall authority and responsibility for conducting incident operations and is responsible for the management of all incident operations at the incident site.

Injury – Injury to a person requiring medical attention necessitating transport to a medical facility by ambulance or police vehicle for medical treatment.

Investigation - The process used to determine the causal and contributing factors of an accident or hazard, so that actions can be identified to prevent recurrence.

Management Loss Control - An element of the system safety and security management function that evaluates the effects of potential hazards/threats considering acceptance, control, or elimination with respect to the expenditure of available resources.

Mitigation - The activities designed to reduce or eliminate risks to persons or property or to lessen the actual or potential effects or consequences of an incident. Mitigation measures may be implemented prior to, during, or after an incident. Mitigation measures are often informed by lessons learned from prior incidents. Mitigation involves ongoing actions to reduce exposure to, probability of, or potential loss from hazards.

Multi-jurisdictional Incident - An incident requiring action from multiple agencies that each have jurisdiction to manage certain aspects of an incident. In ICS, these incidents will be managed under Unified Command.

Mutual-Aid Agreement - Written agreement between agencies and/or jurisdictions that they will assist one another on request, by furnishing personnel, equipment, and/or expertise in a specified manner.

National Incident Management System - A system mandated by HSPD-5 pursuant to the Homeland Security Act of 2002, that provides a consistent nationwide approach for federal, state, local, and tribal governments; the private-sector, and nongovernmental organizations to work effectively and efficiently together to prepare for, respond to, and recover from domestic incidents, regardless of cause, size, or complexity. To provide for interoperability and compatibility among federal, state, local, and tribal capabilities, the NIMS includes a core set of concepts, principles, and terminology. HSPD-5 identifies these as the ICS; multi-agency coordination systems; training; identification and management of resources (including systems for classifying types of resources); qualification and certification; and the collection, tracking, and reporting of incident information and incident resources.

National Infrastructure Protection Plan (NIPP) - A DHS/TSA-issued plan, mandated by HSPD-7 pursuant to the Homeland Security Act of 2002, for protection of critical infrastructure in the United States. The plan designates TSA as the sector-specific federal agency responsible for transportation critical infrastructure protection. In 2005, TSA is developing a Transportation Security Operational Plan (TSOP) that (1) will describe responsibilities and program milestones for securing critical transportation infrastructure in areas of domain awareness, prevention, protection, response, and recovery; and (2) will provide transportation owner/operators with guidance to develop or enhance their respective security plans.

National Response Plan - A DHS/G&T-issued plan, mandated by HSPD-5 pursuant to the Homeland Security Act of 2002, that integrates federal domestic prevention, preparedness, response, and recovery plans into one all-discipline, all-hazards plan.

National Preparedness Goal and National Preparedness Plan - A DHS/G&T-issued plan, mandated by HSPD-8 pursuant to the Homeland Security Act of 2002, that provides a consistent nationwide approach and objectives for federal, state, local, and tribal governments to develop plans, organization, equipment, training/procedures, and exercises/evaluation, for preparedness to perform the prevention, detection, response and recovery capabilities (as specified in the DHS/G&T-issued Target Capabilities List) during catastrophic natural disasters or terrorist attacks (particularly as specified in the DHS/G&T-issued National Planning Scenarios).

Office of Domestic Preparedness (ODP) - see Department of Homeland Security (DHS)

Office of Grants and Training (G&T) – see Department of Homeland Security (DHS)

Off-Peak Period - The period between the morning and evening peak periods when travel activity is generally lower and less transit service is scheduled.

Park and Ride Lot - Designated parking areas for automobile drivers who then board transit vehicles from these locations.

Peak Period - Morning and afternoon time periods when transit riding is heaviest.

Preparedness - The range of deliberate, critical tasks and activities necessary to build, sustain, and improve the operational capability to prevent, protect against, respond to, and recover from domestic incidents.

Prevention - Actions to avoid an incident or to intervene to stop an incident from occurring. Prevention involves actions to protect lives and property. It involves applying intelligence and other information to a range of activities that may include such countermeasures as deterrence operations; heightened inspections; improved surveillance and security operations; investigations to determine the full nature and source of the threat; public health and agricultural surveillance and testing processes; immunizations, isolation, or quarantine; and, as appropriate, specific law enforcement operations aimed at deterring, preempting, interdicting, or disrupting illegal activity and apprehending potential perpetrators and bringing them to justice.

Procedures - Established and documented methods to perform a series of tasks.

Public Information Officer - A member of ICS Command Staff responsible for interfacing with the public and media or with other agencies with incident-related information requirements.

Public Transit System - An organization that provides transportation services owned, operated, or subsidized by any municipality, county, regional authority, state, or other governmental agency, including those operated or managed by a private management firm under contract to the government agency owner.

Recovery - The development, coordination, and execution of service- and site-restoration plans; the reconstitution of government operations and services; individual, private sector, nongovernmental, and public-assistance programs to provide housing and to promote restoration; long-term care and treatment of affected persons; additional measures for social, political, environmental, and economic restoration; evaluation of the incident to identify lessons learned; post-incident reporting; and development of initiatives to mitigate the effects of future incidents.

Response - Activities that address the short-term, direct effects of an incident. Response includes immediate actions to save lives, protect property, and meet basic human needs. Response also includes the execution of emergency operations plans and of mitigation activities designed to limit the loss of life, personal injury, property damage, and other unfavorable outcomes. As indicated by the situation, response activities include applying intelligence and other information to lessen the effects or consequences of an incident; increased security operations; continuing investigations into the nature and source of the threat; on-going public health and agricultural surveillance and testing processes; immunizations, isolation, or quarantine; and specific law enforcement operations aimed at preempting, interdicting, or disrupting illegal activity, and apprehending actual perpetrators and bringing them to justice.

Redundancy - The existence of more than one means of accomplishing a given function.

Ridership - The number of rides taken by people using a public transportation system in a given time period.

Risk Assessment

    Initial Risk Index - The index of the worst credible consequences resulting from the hazard.

    Residual Risk Index - The index of the worst credible consequences resulting from the hazard once corrective actions have been implemented.

Safety - Freedom from harm resulting from unintentional acts or circumstances.

Safety Certification - An element of the System Safety Program that documents the functional working of the System Safety Program, and provides a documented database from which to validate the active processes necessary to produce a safe system, ready for revenue service. Used primarily on new systems and expansions of operational properties.

Scenario Analysis - An interpretive methodology that encourages role-playing by transportation personnel, emergency responders, and contractors to brainstorm ways to attack the system. This analysis uses the results of threat analysis, paired with the system’s list of critical assets. Transportation personnel use this analysis to identify the capabilities required to support specific types of attacks. This activity promotes awareness and highlights those activities that can be preformed to recognize, prevent, and mitigate the consequences of attacks.

Security - Freedom from harm resulting from intentional acts or circumstances.

Security Breach - An unforeseen event or occurrence which endangers life or property and may result in the loss of services or system equipment.

Security Threat - Any intentional action with the potential to cause harm in the form of death, injury, destruction, disclosure, interruption of operations, or denial of services.

Sensitive Security Information (SSI) - Information as described at 49 CFR § 1520.5 / 49 CFR § 15.5. SSI is information obtained or developed in the conduct of security activities, the disclosure of which would be detrimental to transportation safety. SSI includes: security program plans, security and vulnerability assessments, threat information, incident response plans, security directives and measures, security inspection or investigative information, security screening information or procedures, specifications for devices for detection of weapons or destructive devices or substances, specifications for communications equipment used for transportation security, and critical infrastructure information (see Critical Infrastructure).

System - A composite of people (employees, passengers, others), property (facilities and equipment), environment (physical, social, institutional), and procedures (standard operating, emergency operating, and training) which are integrated to perform a specific operational function in a specific environment.

System Security - The application of operating, technical, and management techniques and principles to the security aspects of a system throughout its life to reduce threats and vulnerabilities to the most practical level through the most effective use of available resources. System Security Program is the combined tasks and activities of system security management and system security analysis that enhance operational effectiveness by satisfying the security requirements in a timely and cost-effective manner through all phases of a system life cycle. System Security Management is an element of management that defines the system security requirements and ensures the planning, implementation, and accomplishments of system security tasks and activities.

System Security Program Plan - a document developed and adopted by a transit agency describing its security policies, objectives, responsibilities, and procedures.

Terrorism - Under the Homeland Security Act of 2002, terrorism is activity that involves an act dangerous to human life or potentially destructive of critical infrastructure or key resources and is a violation of the criminal laws of the United States or of any state or other subdivision of the United States in which it occurs and is intended to intimidate or coerce the civilian population or influence a government or affect the conduct of a government by mass destruction, assassination, or kidnapping.

Threat - An indication of possible violence, harm, or danger. Any real or potential condition that can cause injury or death to passengers or employees of damage to or loss of transit equipment, property, and/or facilities.

Threat and Vulnerability Assessment - An evaluation performed to consider the likelihood that a specific threat will endanger the system, and to prepare recommendations for the elimination or mitigation of all threats with attendant vulnerabilities that meet pre-determined thresholds. Critical elements of these assessments include:

    Threat Analysis - Defines the level or degree of the threats against a specific facility by evaluating the intent, motivation, and possible tactics of those who may carry them out

    Threat Probability - The probability a threat will occur at a specific facility during its life cycle (typically quantified as 25 years), for example:

      Frequent: Event will occur within the system’s lifecycle.

      Probable: Expect event to occur within the system’s lifecycle.

      Occasional: Circumstances expected for that event; it may or may not occur within the system’s lifecycle.

      Remote: Possible but unlikely to occur within the system’s lifecycle.

      Improbable: Event will not occur within the system’s lifecycle.

Threat Severity - A qualitative measure of the worst possible consequences of a specific threat in a specific facility:

    Category 1 - Catastrophic: May cause death or loss of a significant component of the transit system, or significant financial loss.

    Category 2 - Critical: May cause severe injury, severe illness, major transit system damage, or major financial loss.

    Category 3 - Marginal: May cause minor injury or transit system damage, or financial loss.

    Category 4 - Negligible: Will not result in injury, system damage, or financial loss.

Threat Resolution - The analysis and subsequent action taken to reduce the risks associated with an identified threat to the lowest practical level.

Transportation Security Administration (TSA) - see Department of Homeland Security (DHS).

Unified Command - An application of ICS used when there is more than one agency with incident jurisdiction or when incidents cross political jurisdictions. Agencies work together through the designated members of the UC, often the senior person from agencies and/or disciplines participating in the UC, to establish a common set of objectives and strategies and a single IAP.

Unsafe Condition or Act - Any condition or act which endangers life or property.

Urban Area Security Initiative (UASI) - A security grant assistance program of the U.S. Department of Homeland Security (DHS), administered through the Office of Grants and Training. UASI provides grant assistance to address the unique planning equipment training and exercise needs of identified high-risk urban areas (UAs), ports and mass transit agencies, and to assist them in building an enhanced capability to prevent, respond to, and recover from acts of terrorism.

Vulnerability - Characteristics of passengers, employees, vehicles, and/or facilities which increase the probability of a security breach.

Vulnerability Analysis - The systematic identification of physical, operational and structural components within transportation facilities and vehicles that can be taken advantage of to carry out a threat. This includes vulnerabilities in the design and construction of a given transit facility or vehicle, in its technological systems, and in the way it is operated (e.g., security procedures and practices or administrative and management controls). Vulnerability analysis identifies specific weaknesses with respect to how they may invite and permit a threat to be accomplished.

Appendix H: Checklist for Reviewing the System Security and Emergency Preparedness Plan

Rail Transit Agency (RTA) ___________________________________________________________

State Oversight Agency Reviewer ___________________________ Date _______________

#

CHECKLIST ITEM

PLAN REQUIREMENTS

Does the PLAN contain or provide for the following:

INCLUDED

Yes — No

PAGE REF.

COMMENTS

1. Policy Statement
  • A policy statement should be developed for the System Security and Emergency Preparedness Plan (SEPP).
  • The policy statement should describe the authority that establishes the SEPP, including statutory requirements and the rail transit agency’s relationship with the oversight agency.
  • The policy statement is signed and endorsed by the rail transit agency’s chief executive.

     

     

     

    1.1 Purpose
    • The SEPP should identify the purpose of the security program endorsed by the agency’s chief executive
    • The SEPP should introduce the concept of “system security.”
    • The SEPP introduces the concept of “emergency preparedness.”

     

     

     

    1.2 Goals and Objectives
    • The SEPP should identify the goals of the SEPP program endorsed by the agency’s chief executive.
    • The SEPP should identify the objectives of the SEPP program endorsed by the agency’s chief executive.

     

     

     

    1.3 Scope
    • Describe the scope of the SEPP and Program.

     

     

     

    1.4 Security and Law Enforcement
    • Describe the security and law enforcement functions that manage and support implementation of the SEPP.

     

     

     

    1.5 Management Authority and Legal Aspects
    • Describe the authority which oversees the operation and management of the rail transit agency, including its security/police function.

     

     

     

    1.6 Government Involvement
    • Describe how the SEPP interfaces with local, state and federal authorities to ensure security and emergency preparedness for the system.

     

     

     

    1.7 Security Acronyms and Definitions
    • Provide a listing of acronyms and definitions used in the SEPP.

     

     

     

    2.1 Background and History
    • A description of the agency including general overview, a brief history and scope of rail transit services provided.

     

     

     

    2.2 Organizational Structure
    • Organizational charts showing the lines of authority and responsibility as they relate to security and emergency preparedness.

     

     

     

    2.3 Human Resources
    • Provide a categorization and break-down of all employees and contractors who work for/on the rail transit agency.

     

     

     

    2.4 Passengers
    • Provide a description of the rail transit agency’s ridership.

     

     

     

    2.5 Services and Operations
    • Describe the rail transit agency’s operations and services.

     

     

     

    2.6 Operating Environment
    • Describe the rail transit agency’s operating environment.

     

     

     

    2.7 Integration with Other Plans
    • Describe how the SEPP integrates with other plans and programs maintained by the rail transit agency.

     

     

     

    2.8 Current Security Conditions
    • Description of the current security conditions at the rail transit agency and the types of security incidents experienced by the transit system and their frequency of occurrence.

     

     

     

    2.9 Capabilities and Practices
    • Summary description of methods and procedures, devices, and systems utilized to prevent or minimize security breaches, including passenger education, campaigns, delay, detection, and assessment devices, and others that may be applicable.

     

     

     

    3.1 Responsibility for Mission Statement
    • Identification of the person(s) responsible for establishing a transit system security and emergency preparedness policy and for developing and approving the SEPP.

     

     

     

    3.2 Management of the SEPP Program
    • Identification of the person(s) with overall responsibility for transit security and emergency preparedness, including day-to-day operations, SEPP-related internal communications, liaison with external organizations, and identifying and resolving SEPP-related concerns.

     

     

     

    3.3 Division of Security Responsibility
    • Listing of SEPP-related responsibilities of the personnel who work within the transit agency security/police function
    • Listing of SEPP-related responsibilities of other departments/functions, including their relationship to the security/police function.
    • Listing of security-related responsibilities for other (non-security/police) rail transit agency employees, including their relationship to the employee’s other duties.
    • A SEPP Program Roles and Responsibilities Matrix should be developed showing interfaces with other transit system departments/functions and the key reports or actions required.
    • The responsibilities of external agencies for supporting SEPP development and implementation should be identified.”
    • The committees developed by the rail transit agency to address security issues should be identified .

     

     

     

    4.1 Planning
    • Identification of SEPP activities and programs in place at the rail transit agency to support planning for system security and emergency preparedness.

     

     

     

    4.2 Organization
    • Identification of the organization of SEPP-related activities and programs and the ability to coordinate with external response agencies.

     

     

     

    4.3 Equipment
    • Description of the equipment used to support implementation of the SEPP program.

     

     

     

    4.4 Training and Procedures
    • Description of SEPP-related training and procedures available to ensure employee proficiency.

     

     

     

    4.5 Exercises and Evaluation
    • Description of SEPP-related activities to ensure the conduct of emergency exercises and evaluation.

     

     

     

    5.1 Threat and Vulnerability Identification
    • Description of the rail transit agency’s activities to identify security and terrorism-related threats and vulnerabilities.

     

     

     

    5.2 Threat and Vulnerability Assessment
    • Description of the rail transit agency’s activities to assess the likely impacts of identified threats and vulnerabilities on the system and to identify particular vulnerabilities which require resolution.

     

     

     

    5.3 Threat and Vulnerability Resolution
    • Description of how response strategies (both short- or long-term strategies) are developed for prioritized vulnerabilities, including the decision process used to determine whether to eliminate, mitigate, or accept security problems.

     

     

     

    6.1 Required Tasks for Goals and Objectives
    • Identification of tasks to be performed to implement the goals and supporting objectives required to implement the SEPP.

     

     

     

    6.2 Task Schedule
    • General schedule with specific milestones for implementation of the security program, threat and vulnerability analyses, staff security training, and regular program reviews during the implementation process.

     

     

     

    6.3 Evaluation
    • Description of the types of internal management reviews to be conducted, the frequencies of the reviews, and the person(s) responsible.

     

     

     

    7.1 Initiation of SEPP Revisions
    • Description of process used to initiate revisions to the security plan, gather input for the revisions, procedures for updating the security plan, and identification of responsible person(s).

     

     

     

    7.2 Review Process
    • Description of the process used to review and revise the security plan as necessary, including frequency of reviews, and responsible person(s).

     

     

     

    7.3. Implement Modifications
    • Description of the process used to communicate and disseminate new and revised procedures and other elements of the security plan to appropriate transit agency staff.

     

     

     

    Appendix I: Checklist for Reviewing Rail Transit Agency Accident Investigation Reports and Supporting Documentation<

    Summary Checklist for Reviewing Rail Transit Agency Accident Investigation Reports and Supporting Documentation

    SAFETY AND SECURITY OVERSIGHT PROGRAM CHECKLIST FOR REVIEWING RTA INVESTIGATION REPORTS
    Rail Transit Agency: Date Submitted:
    Event Date/Description: Reviewer(s):
    Investigation Report: Comment:
    Summary
    Facts/Sequence of Events
    • Location of reportable event and/or hazard
    • Injuries to persons
    • Other damage
    • Operator information
    • Train information, including method of operation
    • Weather conditions
    • Other environmental factors
    • Fire
    • Tests and research
    • Other information

    Analysis
    • Are analytic methods and results identified?
    • Does analysis support inferences and guide judgment by validity, consistency and logic?
    • Have facts, conditions, circumstances and inferences been properly reviewed and evaluated?
    • Were people, procedures, equipment, facilities, and environmental factors considered in the analysis?

    Recommendations
    • Are they feasible and supported by findings?
    • Are they itemized/specific enough to facilitate corrective actions?
    • Are they directed toward correcting a particular area and assigned to specific individuals and/or departments for action?
    • Do they establish specific target dates on a schedule for implementation or completion?

    Appendices
    • upporting documentation
    • Drawings, photographs
    • Interviews
    • Other (specify)

    This investigation report is:
    _____ Approved
    _____ Not approved, additional requirements specified below

    Comments/Requirements:
    Reviewed By: Date:
    Approved By: Date:

    Detailed Checklist for Reviewing Rail Transit Agency Accident Investigation Reports and Supporting Documentation

    Overview

    This checklist identifies a set of activities that should have been performed by the RTA in conducting an investigation of accidents meeting thresholds specified by SOA. Since each accident may be different, the tasks and procedures detailed in this checklist will not necessarily be applied to, nor required for, every RTA accident investigation. In applying this checklist, SOA staff should carefully assess which elements of the checklist are applicable to the particular investigation, and address only those elements.

    Review Elements

    Notification:

    1) Did the RTA notify SOA of the accident within the required two-hour timeframe?

    Yes

    No

    Partially

    Notes:

    2) Was the RTA Initial Notification complete, and did it address the required points of information?

    Yes

    No

    Partially

    Notes:

    3) Was the RTA’s internal notification process appropriately applied, ensuring that all RTA personnel who needed to be informed of the accident were so notified?

    Yes

    No

    Partially

    Notes:

    Initial Response:

    4) Upon notification of an accident, did responsible modal supervisory personnel respond to the scene and establish, as necessary, the RTA’s on-site Incident Management Organization or Incident Command (IC)?

    Yes

    No

    Partially

    Notes:

    5) Did the responsible modal supervisory personnel coordinate appropriately with the on-site Incident Command established by outside emergency responders and become a resource to the emergency responder Incident Commander?

    Yes

    No

    Partially

    Notes:

    6) If appropriate, did the RTA implement its Emergency Operations Plan and/or emergency response procedures to manage the accident?

    Yes

    No

    Partially

    Notes:

    Investigator in Charge:

    7) Did the RTA designate an Investigator in Charge (IIC) to conduct the investigation in accordance with the RTA’s SSPP and Accident/Incident Investigation Procedure?

    Yes

    No

    Partially

    Notes:

    8) Upon notification of an accident/incident meeting RTA investigation thresholds, did the IIC respond to the scene in a timely manner?

    Yes

    No

    Partially

    Notes:

    9) While on-scene, did the IIC have sufficient authority to initiate, coordinate, and conduct an independent on-site investigation of the accident?

    Yes

    No

    Partially

    Notes:

    10) Did the RTA support the IIC with an accident investigation team?

    Yes

    No

    Partially

    Notes:

    11) Upon arriving on the scene, did the IIC serve as the point of contact/communication with any responding regulatory agency, including SOA?

    Yes

    No

    Partially

    Notes:

    Accident Scene:

    12) If not in conflict with any authority having jurisdiction, did the IIC secure the scene in order to preserve site conditions and evidence to ensure accurate data development?

    Yes

    No

    Partially

    Notes:

    13) Did the IIC follow the RTA’s designated procedure for securing the scene?

    Yes

    No

    Partially

    Notes:

    14) Did the IIC coordinate with the RTA on-scene response to obtain, as needed, technical assistance/expertise in conducting required post accident/incident assessments of vehicles, infrastructures, physical plant, and/or equipment?

    Yes

    No

    Partially

    Notes:

    15) What specific technical assistance/expertise did the IIC request at the scene from RTA personnel? Examples of technical assistance/expertise include, as applicable, inspection, testing, and operational assessment of the following: signals, track, power, communications, and vehicle and equipment.

    Notes:

    16) If the IIC requested technical assistance/expertise, did the IC ensure that the required technical assets are made available and deployed to the scene in a timely manner?

    Yes

    No

    Partially

    Notes:

    17) Did the IIC meet his or her objectives when initially responding to an accident scene? Objectives specified in RTA procedures include: securing the scene to ensure safety and prevent a second accident, preserving short term and long term physical evidence, developing a preliminary sequence of events to determine what happened, and identifying employees, passengers, and other eyewitnesses to obtain preliminary statements and contact information.

    Yes

    No

    Partially

    Notes:

    18) Did the RTA response effectively ensure that short term information, which becomes quickly perishable as an accident scene is recovered (e.g. equipment or obstructions are moved or re-arranged, equipment controls are repositioned, witnesses “disappear”, etc.), was documented to the greatest extent possible?

    Yes

    No

    Partially

    Notes:

    Accident Photography:

    19) Upon arrival on the accident scene, did the IIC arrange to have the scene photographed as soon as possible from a “panoramic” view, preferably before the accident scene is restored?

    Yes

    No

    Partially

    Notes:

    20) Did this panorama view include camera photographic shots of the involved vehicle(s) in full view, nearby infrastructure features, and any evident significant obstructions, objects, or conditions?

    Yes

    No

    Partially

    Notes:

    21) Were accident scene photographs taken using a ‘4 point compass’ method?

    Yes

    No

    Partially

    Notes:

    22) Was the entire scene photographed from multiple vantage points?

    Yes

    No

    Partially

    Notes:

    23) Did the photographer attempt to provide sufficient depth-of-field to show relative positioning of objects and subjects for later comparison with diagrams?

    Yes

    No

    Partially

    Notes:

    24) Did the photographer arrange to have specific objects or subjects photographed as soon as possible from both normal periphery and close-up views, preferably before the accident scene was restored?

    Yes

    No

    Partially

    Notes:

    25) Did the photographer attempt to ensure appropriate depth-of-field to sufficiently record subject material?

    Yes

    No

    Partially

    Notes:

    26) Did the photographer attempt to include, as appropriate: (1) each vehicle involved, exterior four sides, including number, (2) each vehicle involved, interior compartment,

    (3) each vehicle involved, operating control compartment, (4) resting position of wheels if off track, including evidence of sanding, (5) all visible points of vehicle damage, (6) evidence of wheel marks on rail, (7) all visible points of infrastructure damage, (8) any visibly evident contributing obstructions, objects, or conditions, (9) position of casualties, if stationary, and (10) any other subject that appears out of the ordinary?

    Yes

    No

    Partially

    Notes:

    Initial Documentation:

    27) Was initial documentation prepared for the investigation, including: (1) the location of the accident, (2) the date of occurrence, (3) the time of occurrence, (4) the time of arrival of IIC, supervisory staff, and responders, (4) the visibility conditions at the scene (dawn, day, dusk, dark), (5) the weather at the scene (clear, cloudy, rainy, foggy, snowing, sleeting), and (6) the approximate temperature at the scene?

    Yes

    No

    Partially

    Notes:

    28) Was eyewitness information obtained at the scene as quickly as possible? Information should include: (1) witness name, address, telephone number, (2) witness category (employee, passenger, bystander), (3) status of witness (observer or principal involved in accident) and (4) brief description or account of what was or was not observed.

    Yes

    No

    Partially

    Notes:

    29) Was the damage and condition of the vehicle(s) documented appropriately, including monetary damage estimate? Elements to be considered may include: (1) car body condition (visible damage), (2) positions of all operator controls (controller & brake handles, headlight and other switches, air gauge readings, etc.), (3) wheels, axles, trucks, and/or sanders, (4) brake systems – friction, electric (dynamic), track, (5) door positions or other entry/exit location conditions, and (6) headlights, marker lights, indicator lights status.

    Yes

    No

    Partially

    Notes:

    30) Was evidence appropriately documented relative to vehicle travel/speed to include, as a minimum, the following: (1) ensure event log data (where in service) is secured, (2) identify wheel marks on track, (3) identify evidence of sanding, (4) identify evidence indicating area of contact/collision, (4) determine line-of-sight distances, and (6) ensure arrangement to secure recorded communication data?

    Yes

    No

    Partially

    Notes:

    31) Were damage to and condition of the infrastructure and environmental conditions appropriately documented, including monetary damage estimate? Items to consider include the following: (1) damage (observable) to track, signals, bridges, structures, buildings, other infrastructure equipment or machinery, (2) damage (observable) to crossing protection apparatus, if relevant, (3) roadway approaches, visible pedestrian approaches (unauthorized or otherwise), if relevant, (4) evidence (observable) of recent environmental alteration (washout, landslide, etc.), (5) evidence (observable) of recent miscreant alteration (vandalism), and (6) point of derailment, collision, or other incident.

    Yes

    No

    Partially

    Notes:

    Sketch of Accident Scene:

    32) Was the scene sketched, as appropriate, regarding the relative location of track(s), vehicle(s), signals, equipment, apparatus, buildings, bridges, other structures? Include noteworthy landmark features, such as roadways, waterways, pathways, flora, etc.?

    Yes

    No

    Partially

    Notes:

    33) Was the diagram alignment relative to geographic north?

    Yes

    No

    Partially

    Notes:

    34) Were points of reference indelibly marked in the field (e.g. paint or chalk markings)?

    Yes

    No

    Partially

    Notes:

    35) Was correlation of points of reference documented with regard to resting positions of objects or subjects?

    Yes

    No

    Partially

    Notes:

    36) Were “feet” used as a standard unit of measure?

    Yes

    No

    Partially

    Notes:

    Casualty Information:

    37) Was the status of all known casualties documented?

    Yes

    No

    Partially

    Notes:

    38) Did this include: (1) total number of injuries, (2) total number of fatalities, (3) identification of emergency response units that treated or transported casualties, and (4) identification of hospitals where casualties were transported?

    Yes

    No

    Partially

    Notes:

    Drug and Alcohol Testing:

    39) The RTA is mandated by 49 CFR Part 655, “Prevention of Alcohol Misuse and Prohibited Drug Use in Transit Operations,” to conduct toxicological testing based upon regulatory requirements, collective bargaining agreements, or standard policy. Did RTA field supervisory personnel make appropriate determinations regarding which employees, if any, were subject to testing based upon the criteria?

    Yes

    No

    Partially

    Notes:

    40) Did the RTA identify the authorization to conduct the test, and the type of test that was required? Authorization and type includes the following: (1) FTA (For Cause, Post Accident), (2) FRA (For Cause, Post Accident), (3) RTA (For Cause, Post Accident), and (4) Local or Regional Police.

    Yes

    No

    Partially

    Notes:

    Off-Scene Accident Investigation:

    41) Once the accident scene had been recovered, did the RTA IIC pursue the three objectives specified in RTA procedures for accident investigation data development: (1) to collect remaining applicable non-perishable data, (2) to conduct interim research and analysis of all collected data to date to reconstruct the event, and (3) to determine probable cause and contributing factors?

    Yes

    No

    Partially

    Notes:

    42) In the aftermath of an accident, long term information that is non-perishable must be collected (e.g. operational speeds and conditions, maintenance and inspection records, damage estimates, etc.) The primary task of off-site data collection is to coordinate documentation to support evaluation of system, vehicle, and employee performance. Did the IIC coordinate needed post-accident research and analysis with all support departments and independent outside agencies?

    Yes

    No

    Partially

    Notes:

    43) Did the IIC arrange for providing specialized technical support within the respective discipline(s) and/or departments?

    Yes

    No

    Partially

    Notes:

    Off-Scene Vehicle Investigation:

    44) Did the IIC arrange to conduct and/or document post-accident inspections/tests on vehicles as needed to determine if pre-existing conditions contributed to the accident? Applicable components to be tested may include, as a minimum, the following: (1) operator controls, (2) wheels/axles/trucks/sanders, (3) braking systems friction, electric (dynamic), track, (4) on-board signal/speed control systems, (5) communication system, (6) lights, and (7) whistle/horn/gong.

    Yes

    No

    Partially

    Notes:

    45) Were all applicable engineering specifications and drawings obtained to support the investigation?

    Yes

    No

    Partially

    Notes:

    46) Was the prior maintenance history of vehicle(s) or component(s) involved in the accident researched to determine if any significant conditions or performance levels existed prior to the accident?

    Yes

    No

    Partially

    Notes:

    47) Were RTA procedures appropriately followed in accessing this information?

    Yes

    No

    Partially

    Notes:

    48) Was systems performance data (inspections/tests, maintenance history) compared with prescribed engineering limits/specifications to determine if there were any contributing factors to the accident?

    Yes

    No

    Partially

    Notes:

    49) Were vehicle damage and repair costs verified?

    Yes

    No

    Partially

    Notes:

    50) Was event log data recovered from the vehicle to determine actual vehicle performance prior to and at the time of the event?

    Yes

    No

    Partially

    Notes:

    51) Was recorded radio or other communication data recovered to determine if flow of information was of significance?

    Yes

    No

    Partially

    Notes:

    Off-Scene Infrastructure Investigation:

    52) Were timely post-accident inspections/tests on infrastructure conducted as needed to determine if pre-existing conditions contributed to the accident? This activity might have included tests for: (1) track structure, (2) traction power system, (3) signal systems, (4) routing systems, (5) buildings and other structures, (6) bridges, (7) grade crossing protection apparatus, and (8) other equipment or machinery.

    Yes

    No

    Partially

    Notes:

    53) Was data recovered from any off-vehicle event recorders such as signal system event recorders or other software driven records systems?

    Yes

    No

    Partially

    Notes:

    54) Was the prior maintenance history of all systems involved in the accident researched to determine if any conditions/performance levels existed prior to the accident?

    Yes

    No

    Partially

    Notes:

    55) Were designed RTA procedures followed in accessing this information?

    Yes

    No

    Partially

    Notes:

    56) Was systems performance data (inspections/tests, maintenance history) compared against prescribed engineering limits/specifications to determine if there were any contributing factors to the accident?

    Yes

    No

    Partially

    Notes:

    57) Were infrastructure damage and repair costs verified?

    Yes

    No

    Partially

    Notes:

    Off-Scene Operating Procedures/Instructions Investigation:

    58) Were all applicable operating instructions identified for the location of accident? These include, but are not limited to, the following: (1) maximum authorized speed and speed restrictions, (2) operating signs and locations, (3) wayside signal locations and aspects capable of being displayed, (4) bulletins or other special operating orders in effect at time of accident, (5) automatic signal systems in effect (train control, cab signals, interlockings, automatic block, etc.), and (6) any special operating conditions.

    Yes

    No

    Partially

    Notes:

    59) Were applicable federal and state rules/regulations obtained and researched to determine compliance and effect on accident dynamics? As applicable, these should include, at a minimum, the following: (1) motor vehicle code, (2) operating standards and practices, (3) equipment standards, (4) qualification/certification level requirements, (5) inspection/maintenance standards, and (6) safety standards and practices.

    Yes

    No

    Partially

    Notes:

    Off-Scene Interviews:

    60) Were detailed face-to-face interviews conducted as needed to determine sequence of events leading up to and at time of the accident? If possible, these interviews should have been tape recorded and supported by a signature from interviewee attesting to the accuracy of the statement.

    Yes

    No

    Partially

    Notes:

    61) At a minimum, did interviews include: crew members, other employees directly or indirectly involved in the sequence of events, non-employee accident principals, passengers and bystander witnesses?

    Yes

    No

    Partially

    Notes:

    62) Was interview data obtained from other independent sources (i.e., law enforcement)?

    Yes

    No

    Partially

    Notes:

    63) Were applicable reports obtained from operators and supervisors for the investigation?

    Yes

    No

    Partially

    Notes:

    64) Were other applicable reports of investigation obtained from outside agencies and law enforcement?

    Yes

    No

    Partially

    Notes:

    Off-Scene Employee Records Review:

    65) Were employee records researched for performance history or incidents relating to accident dynamics? These records should include, but are not limited to, the following:

    (1) operating and safety practices compliance, (2) qualification/certification levels and experience, (3) training and continuing education history, (4) accident/incident history, (5) toxicological and medical history, and (6) attendance/discipline history.

    Yes

    No

    Partially

    Notes:

    66) Were employee hours of service before the accident researched and documented? This should include the following: (1) time employee reported for duty, (2) elapsed time from on-duty time until time of accident, (3) break periods before accident, (4) available off-duty hours before reporting for assignment, (5) number of consecutive days worked prior to day of accident, and (6) nature of off-duty activity prior to accident.

    Yes

    No

    Partially

    Notes:

    67) Was the employee’s fitness for duty researched and documented? This should include the following: (1) visual acuity, (2) pre-existing medical conditions, and (3) consumption of prescription/non-prescription medication.

    Yes

    No

    Partially

    Notes:

    68) Were all aspects of employee performance considered comparative to operating conditions, vehicle and infrastructure conditions, and human physical limitations?

    Yes

    No

    Partially

    Notes:

    Off-Scene Casualty Investigation:

    69) Were hospitals contacted to verify casualties?

    Yes

    No

    Partially

    Notes:

    70) Was the following information obtained: number of casualties, identities of casualties, and severity of casualties (injuries vs. fatalities [include Medical Examiner reports])?

    Yes

    No

    Partially

    Notes:

    Off-Scene Trespasser Investigation:

    71) Was additional research conducted for trespasser events?

    Yes

    No

    Partially

    Notes:

    72) Did the RTA investigate reports prepared by law enforcement agencies related to indications of suicide or foul play?

    Yes

    No

    Partially

    Notes:

    73) Did the RTA obtain and review Medical Examiner toxicological reports?

    Yes

    No

    Partially

    Notes:

    74) Comparison of research data to event log and communication data to determine performance level?

    Yes

    No

    Partially

    Notes:

    Analysis of Collected Investigation Information:

    75) Did the RTA IIC document vehicle, infrastructure, or operating conditions that could have contributed to casualties, or increased severity of same?

    Yes

    No

    Partially

    Notes:

    76) Did the RTA IIC obtain results of post-accident toxicological testing?

    Yes

    No

    Partially

    Notes:

    77) Did the RTA IIC obtain determination of toxicological significance, if available?

    Yes

    No

    Partially

    Notes:

    78) As considered relevant, did the RTA IIC reconstruct the accident dynamics and sequence of events based upon all data from on-site investigation and off-site research?

    Yes

    No

    Partially

    Notes:

    79) Did the RTA IIC establish facts that were contributory to the accident?

    Yes

    No

    Partially

    Notes:

    80) Did RTA IIC fact-finding identify the following: actual vehicle performance, actual infrastructure performance, actual employee performance, performance data or mathematical calculations to determine vehicle speeds and/or impacts, scale drawings/diagrams, and photographic evidence?

    Yes

    No

    Partially

    Notes:

    81) Once the readily obtainable information for the investigation was assembled, did the ICC ensure that all existing evidence was evaluated prior to making a general determination as to the contributing factors and probable cause of the accident?

    Yes

    No

    Partially

    Notes:

    82) In determining the contributing factors and probable cause of the accident, is it clear that the RTA IIC and/or the RTA accident team reviewed the following: initial accident report, operator and supervisor reports, interview reports, technical reports (vehicle, infrastructure, other), outside agency reports, data contained on employee records, hand-written statements, event log data, radio/communication tapes and/or transcripts, maps, drawings, or diagrams, and photographs or videos?

    Yes

    No

    Partially

    Notes:

    Investigation Report and Corrective Action Plan

    83) Did the RTA IIC prepare a draft report detailing the data and analysis to support a determination of cause and recommended corrective action, where needed?

    Yes

    No

    Partially

    Notes:

    84) Was the draft report completed within the timeframe specified by the SOA and the RTA SSPP and Accident Investigation Procedure?

    Yes

    No

    Partially

    Notes:

    85) Did the draft report contain the following sections: Executive Summary, Sequence of Events, (prior to the accident/incident, the accident/incident, subsequent to the accident/incident), Findings/Analysis, Conclusions, Probable Cause, Contributory Causes, and Recommendations?

    Yes

    No

    Partially

    Notes:

    86) Did the RTA IIC and/or RTA accident team coordinate with affected departments to draft a corrective action plan for implementing recommendations specified in the draft accident investigation report?

    Yes

    No

    Partially

    Notes:

    87) Did the RTA prepare a corrective action plan for all recommendations developed following an accident/incident investigation?

    Yes

    No

    Partially

    Notes