References to EU regulation or EU websites in our guidance will not be an accurate description of your obligations or rights under UK law.read more
A Security Management System (SeMS) provides an entity with a framework of operating principles and guidance which enable it to enhance security performance by proactively managing risks, threats, and areas where there are gaps and vulnerabilities which may have a negative impact on that performance.
The UK CAA remains aligned with IATA, ICAO, ECAC and other regulatory bodies in the move towards modernising aviation security and considers SeMS key in achieving this.
The CAA is committed to sustaining and improving public confidence in air travel through constant industry self-assurance and responsible management of risk, combined with a focused and adaptive regulatory approach.
A Security Management System (SeMS) enables an organisation to identify and manage its own security risks in a proactive manner, with an effective security culture as the bedrock. SeMS provides top down assurance that the security measures taken to manage those risks are effective, on the basis that:
We will work alongside organisations as they exploit the insights and efficiencies delivered by a mature and effective SeMS - and we will utilise the resulting assurance data to develop an adaptive and risk-based oversight regime in the move towards Risk Based Oversight (RBO).
We believe the implementation of SeMS is straightforward:
For further information on implementing an SeMS, see
CAP 1273 Implementing Security Management Systems: An Outline.
The entity completes a Gap Analysis to identify which areas of their operation are already in line with the SeMS Framework, and which will require further development to meet Framework requirements.
The CAA will conduct a Phase 1 assessment to verify if the SeMS is present and suitable. This assessment comprises of:
Once sufficient time has elapsed for the entity's SeMS to mature, the CAA conducts a Phase 2 assessment to establish if the SeMS is operating and effective.
This assessment comprises of:
At Phase2B, the entity provides continued assurance of its SeMS.
This comprises of:
Growing numbers of organisations across all modes are actively developing their SeMS.
We are leading the way in making SeMS a reality for the wider aviation industry, and continue to support the ever-increasing numbers of entities making use of the advantages of implementing a robust and effective SeMS.
Risk Based Oversight (RBO) utilises additional security assurance data, including SeMS performance data, to adjust the frequency and/or target of CAA observations.
We are currently developing our RBO approach with Industry with a view to identifying the most appropriate data sets on which the adjustments to our oversight regime will be based. SeMS is a necessary precursor for the CAA to achieve this.
Training is available on a variety of Aviation Security topics, including SeMS, and is particularly relevant for Security Managers and Accountable Managers.
Our training provides a great opportunity to meet with the Regulator and Industry colleagues, share best practice, and find out more about implementing a successful SeMS.
For more information contact the SeMS team at firstname.lastname@example.org.
Read all @UK_CAA
Economic regulation of Heathrow Airport Limited
27 April, 2021
UK Civil Aviation Authority confirms regulatory approval for JetBlue
19 April, 2021
Major safety boost for offshore helicopters moves closer
25 March, 2021
Read all News
13 May, 2021
International Civil Aviation Day
7 December, 2020
Read All Blogs