The 36th Session of the ICAO Assembly directed the ICAO Council to consider the introduction of a limited level of transparency with respect to ICAO aviation security audit results, balancing the need for States to be aware of unresolved security concerns with the need to keep sensitive security information out of the public realm.
The ICAO Council approved a new MoU, which facilitates the limited level of transparency requested by the 36th Session of the ICAO Assembly. The information released consists of an indication of the level of implementation of the critical elements of an audited State's aviation security oversight system. This information is released to all ICAO Member States on a secure website, and consists of a chart. Transparency applies to all audits under the second cycle.
Significant Security Concerns
In addition to these measures which allow limited transparency of audit results, the ICAO Council approved in February 2010 a definition and a mechanism to deal with Significant Security Concerns (SSeCs) in a timely manner, outside of the established timeline for the production of audit reports and CAPs.
An SSeC occurs when the appropriate authority responsible for aviation security in the State permits aviation activities to continue despite a lack of effective implementation of the minimum security requirements established by the State and by the provisions set forth in Annex 17 related to critical aviation security controls including, but not limited to, the screening and the protection from unauthorized interference of passengers, cabin and hold baggage; the security of cargo and catering; access control to restricted and security-restricted areas of airports; and the security of departing aircraft resulting in an immediate security risk to international civil aviation.
When a potential SSeC is identified, the State in question is informed of the existence of a preliminary SSeC during the audit. If the preliminary SSeC is confirmed, the State will receive written notification, including the detailed finding and recommendation, within 15 days of the audit debriefing. The State is given a timeframe (maximum 15 days) to rectify the deficiency. If the State fails to resolve the deficiency within the agreed timeframe, the existence of an unresolved SSeC is disclosed to all States through the USAP secure website without providing its details. A chart showing the SSeC mechanism is shown below.