Checklists

Federal Transit Administration - Office of Safety and Security

• Transit Security Handbook (1998)
• FTA Safety Action Plan (2000)
• Critical Incident Management Guidelines (not online)

American Public Transportation Association (APTA) - Public Transportation Security

• Checklists for Emergency Response Planning and System Security (Original, List below Modified by Richard Collins, Dec 23, 2001)

• Emergency Response Plan

  • Identify responsibilities of employees by function
  • Planning process is formalized and documented
  • Coordination is formalized and documented
  • Training is formalized and documented - Regular assessments of employee proficiency conducted
  • Prepare for multiple concurrent events
  • Service continuation, restoration / recovery plan developed
  • Emergency drills and table-top exercises scheduled, executed, graded and adjusted on a regular basis
    • Procedure revisions and updates incorporated into evacuation procedures; SOPs developed for signatures and distribution
• Elements of Plan:
  • Emergency Coordination - Emergency contacts list and procedures developed, kept current and in the hands of those affected.  Responsibilities for call-outs and backups identified.  Planning, coordination, training and mutual aid agreements: 
    • with Transportation Operations
    • With Security, transit police
    • With Safety Department
    • With Fire / rescue units
    • with Hospitals, Emergency Services
    • with Local Police, State Police, FBI, National Guard
    • with Federal Agencies
    • with Hazardous materials / Environmental agencies 
    • with Regional Office of Emergency Management
    • with Media - Formalize media relations responsibilities, information control procedures and policies
    • with Employees - issued quick reference guidelines for emergency and security situations
      • Security training provided to all staff levels (from front-line "eyes and ears" concept to professional level security training)
    • with Public - Development of appropriate pre-determined public address announcements for station platforms and on-board vehicles
    • with families of employees and public - Support systems developed to provide post-incident support to customers and employees
  • Emergency Drills and Exercises
    • Exercise Documentation - have a written plan, critique the plan, record recommendations, record follow-up
    • Emergency Procedures - reviewed by Safety Management Team on a regular basis and updated as needed
    • Security risk/vulnerability assessments conducted, documented and reviewed
  • Incident Management and Planning:
    • Pre-determination of factors that would require partial or full service shut-down
    • Regular functional testing / inspection of emergency support equipment and systems (e.g., emergency phones, CCTV, alarms, onboard/in-vehicle equipment, two-way radios, fans, pumps, generators, etc.)
    • Standard Operating Procedures for HVAC operations in various emergency conditions
    • Contingency plans for loss of electrical power and radio or phone communications
    • Procedure exists for alternate Operations Control Center in the event of evacuation
    • Emergency evacuation routing for transit vehicles developed

  • Security Plans and Preparations

    • Security Plan established to address all operations modes and contracted services, to  address multiple concurrent security incidents
    • System security responsibilities and duties established
    • Security task force established
    • Security equipment regularly inspected, maintained and functionally tested; including personal equipment issued to security personnel
    • Security SOPs reviewed on a regular basis and updates made as needed to Security Plan
    • Security equipment installed, inspected, and maintained to monitor trespass activities
    • Contingency SOPs developed; drills and table-top exercises conducted for extraordinary circumstances
      • Terrorism (including chemical/ biological agents/ weapons of mass destruction)
      • Riot / Domestic unrest
      • Catastrophic natural events
      • System-wide communications failure
      • Computer, Communications, Utilities failures
  • Security Procedures:
    • Standard Operating Procedures for critical incident command, control, and service continuation/ restoration
    • Agency employees identifiable by visible identification and/or uniform
    • Policy and procedures in place for facilities key control
    • Visitor, deliveries and contractor facility access procedures developed / visible identification required
    • Safety and security coordination on trespass issues
    • Data collection established for all security issues / incidents; analysis performed and recommendations made; document control established, including follow-up
    • Background checks on employees and contractors (where applicable)
    • Regular assessments of employee security proficiencies conducted
  • Awareness, Training, Infrastructure Hardening
    • Personal safety awareness/education programs for passengers and employees and community outreach
    • Trespass awareness programs, including education and signage
    • Concepts of crime prevention through environmental design (CPTED) applied in reviews of facilities and in new design and modifications
    • Security checklists developed and regularly used for verifying status of physical infrastructure and security procedures

Transportation Research Board - Transportation Security

• TRB Task Force A5T56 Critical Transportation Infrastructure Protection

The National Safety Council

• Emergency Response Plans This article outlines the general elements that should be included in your emergency response plan (ERP), including your company's responsibility for activating emergency procedures and how all members of an organization should respond to an emergency situation.
  • Clear, written policies that designate a chain of command, listing names and job titles of the people (or departments) who are responsible for making decisions, monitoring response actions and recovering back to normal operations.
  • Names of those who are responsible for assessing the degree of risk to life and property and who should be notified for various types of emergencies.
  • Specific instructions for shutting down equipment and production processes and stopping business activities.
  • Facility evacuation procedures, including a designated meeting site outside the facility and a process to account for all employees after an evacuation.
  • Procedures for employees who are responsible for shutting down critical operations before they evacuate the facility.
  • Specific training and practice schedules and equipment requirements for employees who are responsible rescue operations, medical duties, hazardous responses, fire fighting and other responses specific to your work site.
  • The preferred means of reporting fires and other emergencies.

National Infrastructure Protection Center (NIPC)

• Increase user awareness
• Update anti-virus software
• Stop hostile attachments at the e-mail server
• Utilize ingress & egress filtering
• Establish policy and procedures for responding and recovery

• www.cert.org/security-improvement
• www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/
  tools.asp
• www.sans.org/topten.htm