
Article 1 

1. This Regulation establishes ... rules to protect civil aviation against acts of unlawful interference that jeopardise the security of civil aviation.It also provides the basis for an interpretation of Annex 17 to the Chicago Convention on International Civil Aviation.
2. The means of achieving the objectives set out in paragraph 1 shall be:
(a) the setting of ... rules and ... basic standards on aviation security;
(b) mechanisms for monitoring compliance.
Article 2 

1. This Regulation shall apply to the following:
(a) all airports or parts of airports located in the United Kingdom that are not exclusively used for military purposes;
(b) all operators, including air carriers, providing services at airports referred to in point (a);
(c) all entities applying aviation security standards that operate from premises located inside or outside airport premises and provide goods and/or services to or through airports referred to in point (a).
2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 3 
For the purposes of this Regulation:

1.. ‘civil aviation’ means any air operation carried out by civil aircraft, excluding operations carried out by State aircraft referred to in Article 3 of the Chicago Convention on International Civil Aviation;
2.. ‘aviation security’ means the combination of measures and human and material resources intended to safeguard civil aviation against acts of unlawful interference that jeopardise the security of civil aviation;
3.. ‘operator’ means a person, organisation or enterprise engaged, or offering to engage, in an air transport operation;
4.. ‘air carrier’ means an air transport undertaking holding a valid operating licence or equivalent;
5.. ...
6.. ‘entity’ means a person, organisation or enterprise, other than an operator;
7.. ‘prohibited articles’ means weapons, explosives or other dangerous devices, articles or substances that may be used to commit an act of unlawful interference that jeopardises the security of civil aviation;
8.. ‘screening’ means the application of technical or other means which are intended to identify and/or detect prohibited articles;
9.. ‘security control’ means the application of means by which the introduction of prohibited articles may be prevented;
10.. ‘access control’ means the application of means by which the entry of unauthorised persons or unauthorised vehicles, or both, may be prevented;
11.. ‘airside’ means the movement area of an airport, adjacent terrain and buildings or portions thereof, access to which is restricted;
12.. ‘landside’ means those parts of an airport, adjacent terrain and buildings or portions thereof that are not airside;
13.. ‘security restricted area’ means that area of airside where, in addition to access being restricted, other aviation security standards are applied;
14.. ‘demarcated area’ means an area that is separated by means of access control either from security restricted areas, or, if the demarcated area itself is a security restricted area, from other security restricted areas of an airport;
15.. ‘background check’ means a recorded check of a person’s identity, including any criminal history, as part of the assessment of an individual’s suitability for unescorted access to security restricted areas;
16.. ‘transfer passengers, baggage, cargo or mail’ means passengers, baggage, cargo or mail departing on an aircraft other than that on which they arrived;
17.. ‘transit passengers, baggage, cargo or mail’ means passengers, baggage, cargo or mail departing on the same aircraft as that on which they arrived;
18.. ‘potentially disruptive passenger’ means a passenger who is either a deportee, a person deemed to be inadmissible for immigration reasons or a person in lawful custody;
19.. ‘cabin baggage’ means baggage intended for carriage in the cabin of an aircraft;
20.. ‘hold baggage’ means baggage intended for carriage in the hold of an aircraft;
21.. ‘accompanied hold baggage’ means baggage, carried in the hold of an aircraft, which has been checked in for a flight by a passenger travelling on that same flight;
22.. ‘air carrier mail’ means mail whose origin and destination are both an air carrier;
23.. ‘air carrier materials’ means materials either whose origin and destination are both an air carrier or that are used by an air carrier;
24.. ‘mail’ means dispatches of correspondence and other items, other than air carrier mail, tendered by and intended for delivery to postal services in accordance with the rules of the Universal Postal Union;
25.. ‘cargo’ means any property intended for carriage on an aircraft, other than baggage, mail, air carrier mail, air carrier materials and in-flight supplies;
26.. ‘regulated agent’ means an air carrier, agent, freight forwarder or any other entity who ensures security controls in respect of cargo or mail;
27.. ‘known consignor’ means a consignor who originates cargo or mail for its own account and whose procedures meet ... security rules and standards sufficient to allow carriage of cargo or mail on any aircraft;
28.. ...
29.. ‘aircraft security check’ means an inspection of those parts of the interior of the aircraft to which passengers may have had access, together with an inspection of the hold of the aircraft in order to detect prohibited articles and unlawful interferences with the aircraft;
30.. ‘aircraft security search’ means an inspection of the interior and accessible exterior of the aircraft in order to detect prohibited articles and unlawful interferences that jeopardise the security of the aircraft;
31.. ‘in-flight security officer’ means a person who is employed by a state to travel on an aircraft of an air carrier licensed by it with the purpose of protecting that aircraft and its occupants against acts of unlawful interference that jeopardise the security of the flight.
Article 4 

1. The ... basic standards for safeguarding civil aviation against acts of unlawful interference that jeopardise the security of civil aviation shall be as laid down in the Annex.Additional basic standards not foreseen at the entry into force of this Regulation may be added to the Annex by regulations made by the Secretary of State.
2. General measures, designed to amend non-essential elements of the basic standards referred to in paragraph 1 by supplementing them, may be prescribed by regulations made by the Secretary of State.These general measures shall concern:
(a) methods of screening allowed;
(b) categories of articles that may be prohibited;
(c) as regards access control, grounds for granting access to airside and security restricted areas;
(d) methods allowed for the examination of vehicles, aircraft security checks and aircraft security searches;
(e) criteria for recognising the equivalence of security standards of third countries;
(f) conditions under which cargo and mail shall be screened or subjected to other security controls, as well as the process for the approval or designation of regulated agents, known consignors and account consignors;
(g) conditions under which air carrier mail and air carrier materials shall be screened or subjected to other security controls;
(h) conditions under which in-flight supplies and airport supplies shall be screened or subjected to other security controls, as well as the process for the approval or designation of regulated suppliers and known suppliers;
(i) criteria for defining critical parts of security restricted areas;
(j) criteria for staff recruitment and methods of training;
(k) conditions under which special security procedures or exemptions from security controls may be applied; and
(l) any general measures designed to amend non-essential elements of the ... basic standards referred to in paragraph 1 by supplementing them not foreseen at the date of entry into force of this Regulation....
3. Detailed measures for the implementation of the basic standards referred to in paragraph 1 and the general measures referred to in paragraph 2 may be prescribed by regulations made by the Secretary of State.These shall include:
(a) requirements and procedures for screening;
(b) a list of prohibited articles;
(c) requirements and procedures for access control;
(d) requirements and procedures for the examination of vehicles, aircraft security checks and aircraft security searches;
(e) decisions to recognise the equivalence of security standards applied in  another  country;
(f) as regards cargo and mail, procedures for the approval or designation of, and the obligations to be fulfilled by, regulated agents, known consignors and account consignors;
(g) requirements and procedures for security controls of air carrier mail and air carrier materials;
(h) as regards in-flight supplies and airport supplies, procedures for the approval or designation of, and the obligations to be fulfilled by, regulated suppliers and known suppliers;
(i) definition of critical parts of security restricted areas;
(j) staff recruitment and training requirements;
(k) special security procedures or exemptions from security controls;
(l) technical specifications and procedures for approval and use of security equipment; and
(m) requirements and procedures concerning potentially disruptive passengers.
4. The Secretary of State may make regulations to set criteria to permit derogation from the basic standards referred to in paragraph 1 and to adopt alternative security measures that provide an adequate level of protection on the basis of a local risk assessment. Such alternative measures shall be justified by reasons relating to the size of the aircraft, or by reasons relating to the nature, scale or frequency of operations or of other relevant activities.......
5. The appropriate authority shall ensure the application in the United Kingdom of the ... basic standards referred to in paragraph 1. Where the appropriate authority has reason to believe that the level of aviation security has been compromised through a security breach, it shall ensure that appropriate and prompt action is taken to rectify that breach and ensure the continuing security of civil aviation.
Article 5 
The Secretary of State may determine in which circumstances, and the extent to which, the costs of security measures taken under this Regulation to protect civil aviation against acts of unlawful interference should be borne by the State, the airport entities, air carriers, other responsible agencies, or users. If appropriate, the Secretary of State may contribute with users to the costs of more stringent security measures taken under this Regulation. As far as may be practicable, any charges or transfers of security costs shall be directly related to the costs of providing the security services concerned and shall be designed to recover no more than the relevant costs involved.
Article 6 

1. The Secretary of State may apply more stringent measures than the ... basic standards referred to in Article 4. In doing so, the Secretary of State shall act on the basis of a risk assessment .... Τhose measures shall be relevant, objective, non-discriminatory and proportional to the risk that is being addressed.
2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 7 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 8 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 9 
The Secretary of State is designated as the authority (hereinafter referred to as the appropriate authority) to be responsible for the coordination and monitoring of the implementation of the ... basic standards referred to in Article 4.
Article 10 

1. The appropriate authority shall draw up, apply and maintain a national civil aviation security programme.That programme shall define responsibilities for the implementation of the ... basic standards referred to in Article 4 and shall describe the measures required by operators and entities for this purpose.
2. The appropriate authority shall make available in writing on a ‘need to know’ basis the appropriate parts of its national civil aviation security programme to operators and entities which it deems to have a legitimate interest.
Article 11 

1. The appropriate authority shall draw up, apply and maintain a national quality control programme.That programme shall enable the appropriate authority to check the quality of civil aviation security in order to monitor compliance both with this Regulation and with its national civil aviation security programme.
2. The specifications for the national quality control programme may be prescribed by regulations made by the Secretary of State....The programme shall allow for the swift detection and correction of deficiencies. It shall also provide that all airports, operators and entities responsible for the implementation of aviation security standards that are located in the United Kingdom shall be regularly monitored directly by, or under the supervision of, the appropriate authority.
Article 12 

1. Every airport operator shall draw up, apply and maintain an airport security programme.That programme shall describe the methods and procedures which are to be followed by the airport operator in order to comply both with this Regulation and with the national civil aviation security programme ....The programme shall include internal quality control provisions describing how compliance with these methods and procedures is to be monitored by the airport operator.
2. The airport security programme shall be submitted to the appropriate authority, which may take further action if appropriate.
Article 13 

1. Every air carrier shall draw up, apply and maintain an air carrier security programme.That programme shall describe the methods and procedures which are to be followed by the air carrier in order to comply both with this Regulation and with the national civil aviation security programme ....The programme shall include internal quality control provisions describing how compliance with these methods and procedures is to be monitored by the air carrier.
2. Upon request, the air carrier security programme shall be submitted to the appropriate authority, which may take further action if appropriate.
3. Where an air carrier security programme has been validated by the entity granting an operating licence, the air carrier should be recognised as having fulfilled the requirements of paragraph 1. This is without prejudice to the Secretary of State's right to request from any air carrier details of its implementation of:
(a) the security measures applied by the Secretary of State under Article 6; and/or
(b) local procedures that are applicable at the airports served.
Article 14 

1. Every entity required under the national civil aviation security programme referred to in Article 10 to apply aviation security standards shall draw up, apply and maintain a security programme.That programme shall describe the methods and procedures which are to be followed by the entity in order to comply with the national civil aviation security programme ....The programme shall include internal quality control provisions describing how compliance with these methods and procedures is to be monitored by the entity itself.
2. Upon request, the security programme of the entity applying aviation security standards shall be submitted to the appropriate authority, which may take further action if appropriate.
Article 15 

1. The appropriate authority shall conduct inspections, including inspections of airports, operators and entities applying aviation security standards, in order to monitor the application ... of this Regulation and, as appropriate, to make recommendations to improve aviation security. ...The procedures for conducting inspections may be prescribed by regulations made by the Secretary of State.
2. ... Inspections of airports, operators and entities applying aviation security standards shall be unannounced. ...
3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 15A 

(1. Regulations made by the Secretary of State under this Regulation are to be made by statutory instrument.
(2. Regulations made by the Secretary of State under Articles 4(1), (2) or (4) or 11(2) may not be made unless a draft of the instrument has been laid before and approved by a resolution of each House of Parliament.
(3. Regulations made by the Secretary of State under any other provision in this Regulation are subject to annulment in pursuance of a resolution of either House of Parliament.
(4. Regulations made under this Regulation may—
(a) make different provision for different purposes or areas;
(b) include supplementary, incidental or consequential provision;
(c) make transitional, transitory or saving provision.
Article 16 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 17 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 18 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 19 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 20 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 21 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 22 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Article 23 
Regulation (EC) No 2320/2002 is hereby repealed.
Article 24 

1. This Regulation shall enter into force on the 20th day following its publication in the Official Journal of the European Union.
2. It shall apply as from the date specified in the implementing rules adopted in accordance with the procedures referred to in Article 4(2) and (3), but not later than 24 months after the entry into force of this Regulation.
3. By way of exception to paragraph 2, Articles 4(2), 4(3), 4(4), 8, 11(2), 15(1) second subparagraph, 17, 19 and 22 shall apply from the date of entry into force of this Regulation.
...
ANNEX I
1.  1.1. 

1.. When designing and constructing new airport facilities or altering existing airport facilities, requirements for the implementation of the ... basic standards set out in this Annex and its implementing acts shall be fully taken into account.
2.. At airports the following areas shall be established:

((a)) landside;
((b)) airside;
((c)) security restricted areas; and
((d)) critical parts of security restricted areas.
 1.2. 

1.. Access to airside shall be restricted in order to prevent unauthorised persons and vehicles from entering these areas.
2.. Access to security restricted areas shall be controlled in order to ensure that no unauthorised persons and vehicles enter these areas.
3.. Persons and vehicles may be granted access to airside and security restricted areas only if they fulfil the required security conditions.
4.. Persons, including flight crew members, shall have successfully completed a background check before either a crew identification card or an airport identification card authorising unescorted access to security restricted areas is issued to them.
 1.3. 

1.. Persons other than passengers, together with items carried, shall be screened on a continuous random basis upon entering security restricted areas in order to prevent prohibited articles from being introduced into these areas.
2.. All persons other than passengers, together with items carried, shall be screened upon entering critical parts of security restricted areas in order to prevent prohibited articles from being introduced into these parts.
 1.4. 
Vehicles entering a security restricted area shall be examined in order to prevent prohibited articles from being introduced into these areas.
 1.5. 
There shall be surveillance, patrols and other physical controls at airports and, where appropriate, in adjacent areas with public access, in order to identify suspicious behaviour of persons, to identify vulnerabilities which could be exploited to carry out an act of unlawful interference and to deter persons from committing such acts.

2. 
Aircraft parked in demarcated areas of airports to which alternative measures referred to in Article 4(4) apply, shall be separated from aircraft to which the ... basic standards apply in full, in order to ensure that security standards applied to aircraft, passengers, baggage, cargo and mail of the latter are not compromised.

3. 

1.. Before departure, an aircraft shall be subjected to an aircraft security check or aircraft security search in order to ensure that no prohibited articles are present on board. An aircraft in transit may be subjected to other appropriate measures.
2.. Every aircraft shall be protected from unauthorised interference.

4.  4.1. 

1.. All originating, transfer and transit passengers and their cabin baggage shall be screened in order to prevent prohibited articles from being introduced into security restricted areas and on board an aircraft.
2.. Transfer passengers and their cabin baggage may be exempted from screening, if:

((a)) they arrive from a domestic airport; or
((b)) they arrive from any other airport designated by the appropriate authority.
3.. Transit passengers and their cabin baggage may be exempted from screening, if:

((a)) they remain on board the aircraft; or
((b)) they do not mix with screened departing passengers other than those who board the same aircraft; or
((c)) they arrive from a domestic airport; or
((d)) they arrive from any other airport designated by the appropriate authority.
 4.2. 

1.. Passengers and their cabin baggage shall be protected from unauthorised interference from the point at which they are screened until departure of the aircraft on which they are carried.
2.. Screened departing passengers shall not mix with arriving passengers, unless:

((a)) they arrive from a domestic airport; or
((b)) they arrive from any other airport designated by the appropriate authority.
 4.3. 
Before departure potentially disruptive passengers shall be subjected to appropriate security measures.

5.  5.1. 

1.. All hold baggage shall be screened prior to being loaded onto an aircraft in order to prevent prohibited articles from being introduced into security restricted areas and on board aircraft.
2.. Hold baggage may be exempted from screening if—
(a) it arrives from a domestic airport; or
(b) it arrives from any other airport designated by the appropriate authority.
3.. Transit hold baggage may be exempted from screening if it remains on board the aircraft.
 5.2. 
Hold baggage to be carried on an aircraft shall be protected from unauthorised interference from the point at which it is screened or accepted into the care of the air carrier, whichever is earlier, until the departure of the aircraft on which it is to be carried.
 5.3. 

1.. Each item of hold baggage shall be identified as accompanied or unaccompanied.
2.. Unaccompanied hold baggage shall not be transported, unless that baggage has been either separated due to factors beyond the passenger’s control or subjected to appropriate security controls.

6.  6.1. 

1.. All cargo and mail shall be subjected to security controls prior to being loaded on an aircraft. An air carrier shall not accept cargo or mail for carriage on an aircraft unless it has applied such controls itself or their application has been confirmed and accounted for by a regulated agent, a known consignor ....
2.. Transfer cargo and transfer mail may be subjected to alternative security controls to be detailed in an implementing act.
3.. Transit cargo and transit mail may be exempted from security controls if it remains on board the aircraft.
 6.2. 

1.. Cargo and mail to be carried on an aircraft shall be protected from unauthorised interference from the point at which security controls are applied until the departure of the aircraft on which it is to be carried.
2.. Cargo and mail that are not adequately protected from unauthorised interference after security controls have been applied shall be screened.

7. 
Air carrier mail and air carrier materials shall be subjected to security controls and thereafter protected until loaded onto the aircraft in order to prevent prohibited articles from being introduced on board an aircraft.

8. 
In-flight supplies, including catering, intended for carriage or use on board an aircraft shall be subjected to security controls and thereafter protected until loaded onto the aircraft in order to prevent prohibited articles from being introduced on board an aircraft.

9. 
Supplies intended to be sold or used in security restricted areas of airports, including supplies for duty-free shops and restaurants, shall be subjected to security controls in order to prevent prohibited articles from being introduced into these areas.

10. 

1.. Without prejudice to the applicable aviation safety rules:

((a)) unauthorised persons shall be prevented from entering the flight crew compartment during a flight;
((b)) potentially disruptive passengers shall be subjected to appropriate security measures during a flight.
2.. Appropriate security measures such as training of flight crew and cabin staff shall be taken to prevent acts of unlawful interference during a flight.
3.. Weapons, with the exception of those carried in the hold, shall not be carried on board an aircraft, unless the required security conditions in accordance with national laws have been fulfilled and authorisation has been given by the states involved.
4.. Paragraph 3 shall also apply to in-flight security officers if they carry weapons.

11. 

1.. Persons implementing, or responsible for implementing, screening, access control or other security controls shall be recruited, trained and, where appropriate, certified so as to ensure that they are suitable for employment and competent to undertake the duties to which they are assigned.
2.. Persons other than passengers requiring access to security restricted areas shall receive security training, before either an airport identification card or crew identification card is issued.
3.. Training as mentioned in paragraphs 1 and 2 shall be conducted on initial and recurrent basis.
4.. Instructors engaged in the training of the persons mentioned in paragraphs 1 and 2 shall have the necessary qualifications.

12. 
Equipment used for screening, access control and other security controls shall comply with the defined specifications and be capable of performing the security controls concerned.

ANNEX II
1.  1.1. 

((1)) ‘annual traffic volume’ means the total number of passengers arriving, departing and in transit (counted once);
((2)) ...
((3)) ‘auditor’ means any person conducting national compliance monitoring activities on behalf of the appropriate authority;
((4)) ‘certification’ means a formal evaluation and confirmation by or on behalf of the appropriate authority that a person possesses the necessary competencies to perform the functions of an auditor to an acceptable level as defined by the appropriate authority;
((5)) ‘compliance monitoring activities’ means any procedure or process used for assessing the implementation of this Regulation and the national aviation security programme;
((6)) ‘deficiency’ means a failure to comply with an aviation security requirement;
((7)) ‘inspection’ means an examination of the implementation of security measures and procedures in order to determine whether they are being carried out effectively and to the required standard and to identify any deficiencies;
((8)) ‘interview’ means an oral check by an auditor to establish whether specific security measures or procedures are implemented;
((9)) ‘observation’ means a visual check by an auditor that a security measure or procedure is implemented;
((10)) ‘representative sample’ means a selection made from amongst possible options for monitoring which is sufficient in number and range to provide a basis for general conclusions on implementing standards;
((11)) ‘security audit’ means an in-depth examination of security measures and procedures in order to determine if they are being fully implemented on a continual basis;
((12)) ‘test’ means a trial of aviation security measures, where the appropriate authority simulates intent to commit an act of unlawful interference for the purpose of examining the effectiveness of the implementation of existing security measures;
((13)) ‘verification’ means an action taken by an auditor to establish whether a specific security measure is actually in place;
((14)) ‘vulnerability’ means any weakness in the implemented measures and procedures which could be exploited to carry out an act of unlawful interference.

2.  2.1. ...
 2.2. The appropriate authority shall perform compliance monitoring activities and have the powers necessary to require any identified deficiency to be rectified within set timeframes.
 2.3. 

((a)) advice and recommendations;
((b)) formal warning;
((c)) enforcement notice;
((d)) administrative sanctions and legal proceedings.

The appropriate authority may omit one or more of these steps, especially where the deficiency is serious or recurring.

3.  3.1. The objectives of the national quality control programme are to verify that aviation security measures are effectively and properly implemented and to determine the level of compliance with the provisions of this Regulation and the national civil aviation security programme, by means of compliance monitoring activities.
 3.2. 

((a)) organisational structure, responsibilities and resources;
((b)) job descriptions of, and qualifications required for auditors;
((c)) compliance monitoring activities, including scope of security audits, inspections, tests and, following an actual or potential breach of security, investigations, frequencies for security audits and inspections and also classification of compliance;
((d)) surveys, where there is cause to reassess security needs;
((e)) deficiency correction activities providing details concerning deficiency reporting, follow-up and correction in order to ensure compliance with aviation security requirements;
((f)) enforcement measures and, where appropriate, penalties, as specified in point 2.3 of this Annex;
((g)) reporting of compliance monitoring activities carried out including, where appropriate, information exchange between national bodies on compliance levels;
((h)) monitoring process of the airport, operator and entity internal quality control measures;
((i)) a process to record and analyse the results of the national quality control programme to identify trends and steer future policy development.

4.  4.1. All airports, operators and other entities with aviation security responsibilities shall be regularly monitored to ensure the swift detection and correction of failures.
 4.2. Monitoring shall be undertaken in accordance with the national quality control programme, taking into consideration the threat level, type and nature of the operations, standard of implementation, results of internal quality control of airports, operators and entities and other factors and assessments which will affect the frequency of monitoring.
 4.3. Monitoring shall include the implementation and effectiveness of the internal quality control measures of airports, operators and other entities.
 4.4. Monitoring at each individual airport shall be made up of a suitable mixture of compliance monitoring activities and provide a comprehensive overview of the implementation of security measures in the field.
 4.5. The management, setting of priorities and organisation of the quality control programme shall be undertaken independently from the operational implementation of the measures taken under the national civil aviation security programme.
 4.6. Compliance monitoring activities shall include security audits, inspections and tests.

5.  5.1. The methodology for conducting monitoring activities shall conform to a standardised approach, which includes tasking, planning, preparation, on-site activity, the classification of findings, the completion of the report and the correction process.
 5.2. Compliance monitoring activities shall be based on the systematic gathering of information by means of observations, interviews, examination of documents and verifications.
 5.3. Compliance monitoring shall include both announced and unannounced activities.

6.  6.1. 

((a)) all security measures at an airport; or
((b)) all security measures implemented by an individual airport, terminal of an airport, operator or entity; or
((c)) a particular part of the National Civil Aviation Security Programme.
 6.2. 

((a)) announcement of the security audit and communication of a pre-audit questionnaire, if appropriate;
((b)) preparation phase including examination of the completed pre-audit questionnaire and other relevant documentation;
((c)) entry briefing with airport/operator/entity representatives prior to beginning the monitoring activity on-site;
((d)) on-site activity;
((e)) debriefing and reporting;
((f)) where deficiencies are identified, the correction process and the associated monitoring of that process.
 6.3. 

((a)) examination of documents;
((b)) observations;
((c)) interviews;
((d)) verifications.
 6.4. Airports with an annual traffic volume of more than 10 million passengers shall be subject to a security audit covering all aviation security standards at least every 4 years. The examination shall include a representative sample of information.

7.  7.1. The scope of an inspection shall cover at least one set of directly linked security measures of Annex I to this Regulation and the corresponding implementing acts monitored as a single activity or within a reasonable time frame, not normally exceeding three months. The examination shall include a representative sample of information.
 7.2. A set of directly linked security measures is a set of two or more requirements as referred to in Annex I to this Regulation and the corresponding implementing acts which impact on each other so closely that achievement of the objective cannot be adequately assessed unless they are considered together. These sets shall include those listed in Appendix I to this Annex.
 7.3. 

((a)) preparation phase;
((b)) on-site activity;
((c)) a debrief, depending on the frequency and the results of the monitoring activities;
((d)) reporting/recording;
((e)) correction process and its monitoring.
 7.4. 

((a)) examination of documents;
((b)) observations;
((c)) interviews;
((d)) verifications.
 7.5. At airports with an annual traffic volume of more than 2 million passengers the minimum frequency for inspecting all sets of directly linked security measures set out in chapters 1 to 6 of Annex I to this Regulation shall be at least every 12 months, unless an audit has been carried out at the airport during that time. The frequency for inspecting all security measures covered by chapters 7 to 12 of Annex I shall be determined by the appropriate authority based on a risk assessment.
 7.6. ...

8.  8.1. 

((a)) access control to security restricted areas;
((b)) aircraft protection;
((c)) screening of passengers and cabin baggage;
((d)) screening of staff and items carried;
((e)) protection of hold baggage;
((f)) screening of cargo or mail;
((g)) protection of cargo and mail.
 8.2. 

((a)) preparation phase;
((b)) on-site activity;
((c)) a debrief, depending on the frequency and the results of the monitoring activities;
((d)) reporting/recording;
((e)) correction process and the associated monitoring.

9.  9.1. Surveys shall be carried out whenever the appropriate authority recognises a need to re-evaluate operations in order to identify and address any vulnerabilities. Where a vulnerability is identified, the appropriate authority shall require the implementation of protective measures commensurate with the threat.

10.  10.1. Compliance monitoring activities shall be reported or recorded in a standardised format which allows for an on-going analysis of trends.
 10.2. 

((a)) type of activity;
((b)) airport, operator or entity monitored;
((c)) date and time of the activity;
((d)) name of the auditors conducting the activity;
((e)) scope of the activity;
((f)) findings with the corresponding provisions of the National Civil Aviation Security Programme;
((g)) classification of compliance;
((h)) recommendations for remedial actions, where appropriate;
((i)) time frame for correction, where appropriate.
 10.3. Where deficiencies are identified, the appropriate authority shall report the relevant findings to the airport, operators or entities subjected to monitoring.

11.  11.1. Compliance monitoring activities shall assess the implementation of the national civil aviation security programme using the ... classification system of compliance set out in Appendix II.

12.  12.1. The correction of identified deficiencies shall be implemented promptly. Where the correction cannot take place promptly, compensatory measures shall be implemented.
 12.2. The appropriate authority shall require airports, operators or entities subjected to compliance monitoring activities to submit for agreement an action plan addressing any deficiencies outlined in the reports together with a timeframe for implementation of the remedial actions and to provide confirmation when the correction process has been completed.

13.  13.1. Following confirmation by the airport, operator or entity subjected to monitoring that any required remedial actions have been taken, the appropriate authority shall verify the implementation of the remedial actions.
 13.2. Follow-up activities shall use the most relevant monitoring method.

14.  14.1. The appropriate authority  shall ensure that a sufficient number of auditors are available to the appropriate authority directly or under its supervision for performing all compliance monitoring activities.

15.  15.1. 

((a)) are free from any contractual or pecuniary obligation to the airport, operator or entity to be monitored; and
((b)) have the appropriate competencies, which include sufficient theoretical and practical experience in the relevant field.

Auditors shall be subject to certification or equivalent approval by the appropriate authority.
 15.2. 

((a)) an understanding of current applicable security measures and how they are applied to the operations being examined including:

— an understanding of security principles,
— an understanding of supervisory tasks,
— an understanding of factors affecting human performance,
((b)) a working knowledge of security technologies and techniques;
((c)) a knowledge of compliance monitoring principles, procedures and techniques;
((d)) a working knowledge of the operations being examined;
((e)) an understanding of the role and powers of the auditor.
 15.3. Auditors shall undergo recurrent training at a frequency sufficient to ensure that existing competencies are maintained and new competencies are acquired to take account of developments in the field of security.

16.  16.1. Auditors carrying out monitoring activities shall be provided with sufficient authority to obtain the information necessary to carry out their tasks.
 16.2. Auditors shall carry a proof of identity authorising compliance monitoring activities on behalf of the appropriate authority and allowing access to all areas required.
 16.3. 

((a)) obtain immediate access to all relevant areas including aircraft and buildings for monitoring purposes; and
((b)) require the correct implementation or repetition of the security measures.
 16.4. 

((a)) intentional obstruction or impediment of an auditor;
((b)) failure or refusal to supply information requested by an auditor;
((c)) when false or misleading information is supplied to an auditor with intent to deceive; and
((d)) impersonation of an auditor with intent to deceive.

17. 
18. 
Appendix I
The sets of directly linked security measures as referred to in point 7.1 of Annex II shall include the following elements of Annex I to this Regulation and the corresponding provisions in its implementing acts:


((i)) point 1.1; or
((ii)) point 1.2 (except provisions relating to identification cards and vehicle passes); or
((iii)) point 1.2 (provisions relating to identification cards); or
((iv)) point 1.2 (provisions relating to vehicle passes); or
((v)) point 1.3 and the relevant elements of point 12; or
((vi)) point 1.4; or
((vii)) point 1.5.

the whole point


((i)) point 3.1; or
((ii)) point 3.2.


((i)) point 4.1 and the relevant elements of point 12: or
((ii)) point 4.2; or
((iii)) point 4.3.


((i)) point 5.1 and the relevant elements of point 12; or
((ii)) point 5.2; or
((iii)) point 5.3.


((i)) all provisions relating to screening and security controls applied by a regulated agent, except as detailed in points (ii) to (v) below; or
((ii)) all provisions relating to security controls applied by known consignors; or
((iii)) all provisions relating to account consignors; or
((iv)) all provisions relating to the transportation of cargo and mail; or
((v)) all provisions relating to the protection of cargo and mail at airports.

the whole point

the whole point

the whole point

the whole point


((i)) all provisions relating to staff recruitment at airport, air carrier or entity; or
((ii)) all provisions relating to staff training at an airport, air carrier or entity.

Appendix II
The following classification of compliance shall apply to assess the implementation of the national civil aviation security programme.


 
                                       Security audit
                                     
                                       Inspection
                                     
                                       Test
                                    

                                       Fully compliant
                                       

                                       Compliant, but improvement desirable
                                       

                                       Not compliant
                                       

                                       Not compliant, with serious deficiencies
                                       

                                       Not applicable
                                       

                                       Not confirmed
                                       

Appendix III