The importance of risk assessment in aviation security

Civil aviation continues to be an attractive target for a variety of reasons. Terrorists still seek to exploit real or perceived vulnerabilities in the international civil aviation system and develop new techniques and weapons in the hope of circumventing or defeating security measures.

The evolving threat of terrorism to the global aviation system is most effectively managed by identifying, understanding and addressing the potential risks to and from civil aviation. The identification of risks permits States to determine and implement proportionate measures and controls to mitigate appropriately against each risk.

What other seemingly far-fetched threats should we be considering? And how do we secure the political and financial commitment necessary to prevent these threats from becoming successful attacks?

Steve Berti Chief, Aviation Security Policy Section, ICAO

Risk is the combination of threat, vulnerability, and consequence. To understand risk, one must first seek to determine, understand and identify the threats to the aviation system. When there are insufficient or ineffective countermeasures to mitigate threats, this results in areas of vulnerability. The consequence is the direct and indirect impact if the threat is not adequately addressed.

Risk assessments must identify the plausible scenarios carefully and in sufficient detail, being specific and thorough in considering each form of threat. Threats could be directed at specific airports, terminals or other infrastructures, such as fuel farms, air traffic control facilities or navigational equipment, as well as aircraft, including different forms of aviation, such as general aviation, passenger aircraft, and cargo-only aircraft.

The threat scenario is the foundation of any risk analysis. It should include an identification and description of a credible act of unlawful interference (threat), including a target, modus operandi (to include method, weapon, pathway), and the adversary. The likelihood indicates the probability of that attack being attempted. The consequences of an attack can be diverse and can relate to human, economic, political and reputational terms under a reasonable worst-case scenario. Existing security measures are identified to determine if they reduce the likelihood of the attack being successful or reduce the consequences if it were to occur. With the information on mitigating measures, the extent of the remaining vulnerabilities can be assessed.

Based on a combination of the assessed scores for likelihood, consequences and vulnerabilities, a residual risk score can be given. This final ranking can offer a guide to policy-making, as well as help determine whether additional security measures are necessary to mitigate the risks to civil aviation.

The RCS risk assessment process map can assist States to prepare their own risk assessments

To assist Member States in their risk assessment processes, the Aviation Security Global Risk Context Statement (RCS) has been developed and is updated on a regular basis. Under some circumstances, senior decision-makers in AVSEC have access to threat information developed by an intelligence apparatus. However, this is not a widespread practice and sometimes it is left to the aviation authorities to determine which threats are of greatest concern.

In this case, the Risk Context Statement serves as an excellent place to start, as it contains an aviation security risk assessment, based on the global threat picture. The RCS offers a methodology and a framework to conduct risk assessments, provides a description of the current global aviation security threat picture, presents high-level global risk assessments to encourage an informed approach in creating and maintaining States’ national civil aviation security programmes; and assists ICAO in improving Standards and Recommended Practices (SARPs) and guidance material.

However, the process of risk assessment can be seen at times as more of an art than a science. An ongoing difficulty for AVSEC professionals is preparing for those threats that are not necessarily identified as highly likely. One example can be found in the debate prior to 2001 regarding the need to reinforce cockpit doors to ensure hijackers could not access the flight deck. On 11 September 2001, that debate ended with tragedy. What other seemingly far-fetched threats should we be considering? And how do we secure the political and financial commitment necessary to prevent these threats from becoming successful attacks?

These are some of the questions which will be taken up at the upcoming ICAO Global Aviation Security Symposium 2019 (AVSEC2019) to be held from 18 to 20 September 2019, where panellists and participants will be invited to discuss their experiences in developing tailored risk assessments, establishing and sustaining robust security cultures, expanding data sharing mechanisms, and overcoming the lack of formal intelligence reports to define various threats.


About the author:

Steven Berti is Chief, Aviation Security Policy (ASP) Section for the International Civil Aviation Organization, where he has worked since August 2001.