Marine Transportation Security Regulations (SOR/2004-144)

319. A marine facility security assessment shall take into account potential threats and the following types of security incidents:

• (a) damage to, or destruction of, the marine facility or a vessel by explosive devices, arson, sabotage or vandalism;

• (b) tampering with essential equipment or systems, ships' stores or cargo of the marine facility;

• (c) unauthorized access to the marine facility;

• (d) the smuggling onto the marine facility of weapons or equipment, including weapons of mass destruction;

• (e) use of the marine facility itself as a weapon or as a means to cause damage or destruction;

• (f) nuclear, biological, radiological, explosive or chemical attacks on the shoreside support system of the marine facility or on a vessel interfacing with the marine facility;

• (g) the seizure of the marine facility or the seizure or hijacking of an interfacing vessel or persons on board; and

• (h) use of the marine facility or its equipment by persons intending to cause a security incident.

320. The operator of a marine facility shall ensure that an on-site survey of the marine facility is conducted. The survey shall examine and evaluate current protective procedures and operations to verify or collect security assessment information.

• 321. (1) A marine facility security assessment shall include a vulnerability assessment undertaken in consultation with the operator of the marine facility to determine the following so as to produce an overall assessment of the level of risk for which security procedures have to be developed:

  • (a) any particular aspect of the marine facility, including vessel traffic in the vicinity, that might make it a target of an attack;

  • (b) the potential consequences of an attack on or at the marine facility in terms of loss of life, damage to property and economic disruption, including the disruption of marine transport systems;

  • (c) the capability and intent of those likely to mount an attack; and

  • (d) the potential types of attack.

• (2) The vulnerability assessment shall include a consideration of the following:

  • (a) current security procedures, including identification systems;

  • (b) methods and points of access to the marine facility;

  • (c) the procedures to protect radio and telecommunications equipment, including computer systems and networks;

  • (d) any conflicting policies between safety and security procedures;

  • (e) any enforcement or personnel constraints;

  • (f) methods of monitoring restricted areas and other areas that have restricted access to ensure that only authorized persons have access;

  • (g) areas adjacent to the marine facility that might be exploited during or for an attack;

  • (h) current security procedures relating to utilities and other services;

  • (i) any deficiencies identified during training or drills;

  • (j) any deficiencies identified during daily operations or following incidents or alerts, reports of security concerns, the application of control measures or audits; and

  • (k) the structural integrity of the marine facility.