Incident Command Team
Each incident procedure requires management. Whether from different departments of a company which owns or leases a facility, from the port, from the ships, area jurisdictions, mutual aid partners, or from State and Federal agencies, these entities need to be able to respond, plan, prepare and communicate with each other. The Incident Command Team section consists of menus that link to tiered levels of command. The users are able to quickly identify the names, position titles, contact information and the roles of each position. NIMS standards require uniform titles for some positions. Data from each screen may be printed as a report.
Security Incident Management
Incident management is driven by security incident procedures. Each incident will have its own set of planning, training, drills/exercises, deployment of personnel/equipment/supplies, communication, preparedness, response, prevention/mitigation and recovery components and procedures. In addition, procedures for each incident and incident component differ as Navigational & Vessel Inspection Circulars (NVIC) and Maritime Security (MARSEC) Directives are issued.
A security plan that is comprehensive and prepared for all security eventualities, from threats and crisis early warning signs to actual security crises, is possessed with a list of specific security incident procedures that could run into the thousands. The SeaPort Security Software (SPSS) program provides a well-organized framework with supporting data acquisition, formatting, exchange and reporting methods which all help to manage and strengthen incident procedures. The Security Incident Management section provides a cost effective method to organize, implement and keep incident procedures up to date. Reports of the procedures are made available in electronic or hard copy form.
Security Incidents & Incident Components
The Security Incident drop-down menu will contain a list of security incidents. The Incident Component menu will show a list of components. The Drills Logs button is a link to the file for logging Training, Drills and Exercising events.
NIMS sets minimum standards for many incident procedures, particularly response, preparedness, resource management and communications. SPSS provides the means to efficiently and economically manage these procedures per required standards.
MARSEC Levels, Procedures and Latest Directives
The text boxes named 1, 2 & 3 indicate procedures for security incidents that are different for each MARSEC level. They contain the procedures dictated by the selections that are made in the Security Incident and Incident Component menus above. The Record button will show the user a record of changes in MARSEC Levels including receiving, compliance, confirmation by date and time, and notification of stakeholders. The Notice To Entities menu provides quick access to predetermined links for communication with Incident Command Team members.
Incident Management Capabilities Audit & Measures
A facility audit is conducted with the protocols for the analysis of existing vulnerabilities and management capabilities. Determinations and measures or counter measures are made to meet required standards. The Vessel Security Plan (VSP) and the Area Maritime Security Plan (AMSP) use a set of protocols, directives, questions and measures that are specific to their operations. The number of questions is typically a large number and is quickly downloaded to the SPSS program.
The particular entity records the answers in the appropriate box in the Audit screen. Questions with a "not satisfactory" (NS) answer and those answers that are not accepted are automatically assigned to the Measures data file
Incident Management Capabilities Audit
The Audit is a self-administered electronic question and answer form that is done annually or periodically. The questions address conditions, vulnerabilities, deficiencies and the capabilities of the entity's security incident management.
The Audit is combination of questionnaires developed by regulatory agencies. In the case of Facility Security Plans, questions of the USCG Facility Security Plans Review Checklist for General Facilities are required. NIMCAST of the National Incident Management System and other jurisdictional agencies with performance-based mandated standards also require compliance.
Incident Management Capabilities Measures
Measures are defined as a series of steps toward an objective. For efficiency of dealing with most all measures, they are put into two categories:
1) Those that involve personnel procedures and,
2) Those that involve physical/structural initiatives.
The initiation of personnel measures that are required to meet compliance is managed with the Security Incident Management section. The initiation of physical, structural, equipment, operating and security systems measures is managed with the use of the applicable Facility, Vessel or Area Maritime Structures Measures.
Measures for Action and Priority are displayed. Audit and Measures Reports are produced automatically and may be configured to report summaries of actions by priority, and time schedules for implementation.
Facility Structures Audit & Measures
The Facility Structures Audit & Measures area consists of two screens: the Facility Structures Audit and the Facility Structures Measures. The disposition, arrangement and working condition of buildings, structures, equipment, security and alarm systems, or the absence thereof, have a major impact on the security of the site, structures and personnel. Each screen has linkages to maps and graphic images. Locations are marked upon the various images to permit audit team members to better visualize the interface of a wide range of incident procedures with the condition of the physical facility and its ability to meet security needs.
The purpose of the Facility Structures Audit is to record observations and deficiencies of physical items that are located on the site or in and on structures. A secure access electronic intra/inter network may be implemented to communicate site-specific data.
Facility Structures Audit
Physical facility, structures and site data is acquired with portable pen-based computing technology or with hard copy forms and then downloaded. Data that is recorded on the screen is referenced to a numbered location on a site map or building plan image.
The Item menu consists of 8 categories of items, which comprise the entire physical FACILITY. They are: Site, Site Access, Site Perimeter, Structures, Doors, Security Systems, Mechanical Electrical Systems, and Communication Systems. Each of the 8 items is broken down into its diverse parts, which describe each Item in more detail. This detailed data is selected from the Feature drop-down menu. The View box selects the maintenance record of an Item/Feature. Observations and Deficiencies (Obs/Def) and Priorities are selected from drop-down menus. The data that is generated from this screen is incorporated with Measures data.
Facility Structures Measures
The purpose of the Facility Structures Measures is to assess the options for bringing the physical plant/facility items that have been discovered to be deficient into compliance. A Costs estimating section is included with the Measures screen to assist management in making decisions about capital expenditures. Financial analyses protocols are available that perform Life Cycle Cost and Least Cost Combination of Capital and Operating Costs Analyses.
The framework of this section and the organization of the data are similar for the Area Maritime (AMSP), Vessel (VSP) and Facility Security (FSPM) Plans. Reports are produced automatically for Audits, Measures, Cost Estimates, Priorities, Financial Analyses and Equipment Systems Maintenance & Certification.
This screen is accessed from the Audit. The
screen will automatically down load data to the Measures data screen into the
boxes titled Image,
Location, Item No,
Item/Feature, Obs/Def/ Notes and
Priority. Maintenance deficiencies of equipment and operating systems that have
been selected in the Audit are also downloaded.
Security Vulnerability & Incident Tracking
The purpose of the Security Vulnerability & Incident Tracking section is two fold:
1) To continuously update the prioritized list of asset vulnerabilities that have already been
made in the plan development process and actual incidents that have occurred. And
2) To report and record actual security incidents, threats, early warning signs and the results
of person ID queries.
The use of risk-based analysis and the record of actual incidents, which include tracking of incident early warning signs, threats and person ID queries thru national ID databases are effective tools to plan, train, prepare for, mitigate and prevent the endangering of assets and the occurrence of security breaches. An important application of risk management combined with factual incident information is the economics of what assets with what vulnerabilities should be supported with personnel, operational and capital resources. The findings of the risk-based assessment models are incorporated in the Asset Vulnerability data menu and applied to the security incident management process.
The port security assessment model developed for Area Maritime Security Plans employs four levels of risk assessment. They are criticality, threat, consequence and vulnerability of which the combined assessments of an asset are assigned a single score, ranking or priority. The Transportation Security Administration's "TSA Maritime Self-Assessment Risk Module" (TMSARM) and TRAVEL Programs have also been developed for risk assessment of assets of Vessels and Facilities Security Plans.
Security Vulnerability & Incident Tracking Screen
The Incident Occurred and Incident Threat/Early Warning Sign (Inc'd Threat/EWS) menus access the list of security incidents that have already been developed for the Security Incident Management section. The Asset Affected menu presents a list of the entity's structures, security systems, stores, assets etc.
The Asset Vulnerability menu consists of a list of the assets of which the entity has performed a vulnerability assessment-risk analysis and assigned a priority. The Asset Vulnerability data and priority appears in this box by default, as a result of the asset that has been selected from the Asset Affected menu. The Image button is used to access a plan, vicinity map or a digital photo. The Location and Incident Number of each incident is recorded on the image. The image with the designated locations is produced as an Image Report in combination with Incidents Reports.
The Person ID/Tracking button presents a form for entering the ID of a person involved in an incident. Depending on the users security clearance they may be able to make database identification and credentials queries with national ID Management Systems such as the Office of National Risk Assessment. The date and time of each incident or incident threat that has occurred is recorded. Drop-down boxes provide a list of the names of reporters and a list of agencies such as fire, police, Facility Security Officer, National Response Center and others, who may be automatically notified of the incident.
Images, Reports, Configuration
1) All types of images, maps, Floor Plans, Diagrams and Photographs are accessed with SPSS.
2) The Area Maritime Map is used by The Captain Of The Port (COTP). Facility tenants, owners and operating companies are responsible for management of the security plans within their particular Zone Map. These maps are linked to other modules of the SeaPort Security Software program for the purpose of identifying locations in connection with the Facility Structures Audit & Measures, Security Vulnerability and Incident Tracking and the Security Incident Management screens.
On the Area Maritime Map the various zones are indicated with heavy dotted lines. A click on the "F" zone displays the Zone F map. The scale and North arrow and other data are indicated at the top of the screen.
The screen of both the Area Maritime Map and the Facility Map scrolls vertically and horizontally to display the entire port/facility area. The examples that are shown are not related to any port or any facility. The material selected for this example is from a source that is available to the public.
Zone F Map
The Zone F Map, (shown on the right), represents the area, which is incorporated in a particular facility's Facility Security Plan.
The Facility Structures Audit & Measures section makes use of the map for the purpose of identifying the location of structural and physical items that are the subject of the Audit and Measures. For example, as shown in the Facility Structures Audit, locations 1 and 2 indicate access gates that are not monitored. The Measures indicates the task and cost estimates; all done automatically from menus and pull down boxes.
The Security Vulnerability & Incident Tracking section makes use of the map to identify the location of where an incident or threat occurred or where the affected asset is located.
The Security Incident Management section and the many Incident Component Procedures, especially Preparedness, Response and Planning Procedures use the map to locate equipment, staging, safe & command areas, control valves, communication points, exits, etc.
Separate maps are produced for each related section and that particular section