API RP 70-2010 pdf free download

API RP 70-2010 pdf free download.Security for Offshore Oil and Natural Gas Operations.
5.2 Facility owners/operators and contractors should keep abreast of the latest security alerts and government intelli- gence information and disseminate this information, as appropriate, throughout the organization. Facility owners/ operators should evaluate and respond appropriately to this information to safeguard personnel and assets. 5.3 Facility owners/operators should report, as appropriate, suspicious activities and behaviors, attempted incursions, ter- rorist threats, or actual events to the appropriate agencies. See Appendix A for an example communications protocol devel- oped by the Gulf Safety Committee. 5.4 Each facility owner/operator should establish clear communication channels and procedures for assessing, pre- paring for, and responding to potential or actual threats. 5.5 Each facility owner/operator should establish and maintain effective liaison with local emergency response agencies and organizations, as appropriate. 5.6 Each facility owner/operator should be aware of exist- ing security regulations, standards and operating practices as they relate to their assets. 5.7 Each facility owner/operator should develop a policy for control of relevant security sensitive information (SSI). 6 Security Vulnerability Assessment (SVA) If a facility meets or exceeds any of the threshold charac- teristics established and published by the U.S. Coast Guard, a SVA will be required. Additionally, a facility may by deemed critical by a particular owner/operator for a variety of other reasons. Each owner/operator should not only review the threshold characteristics, they should also determine if a SVA is warranted based on their own unique criteria. After an initial evaluation to determine which facilities are critical, a security vulnerability assessment (SVA) should be conducted for these critical facilities. The SVA is a secondary evaluation that examines a facilityÕs characteristics and opera- tions to identify potential threats or vulnerabilities and exist- ing
7 Security Plans 7.1 SECURITY PLAN CONSIDERATIONS Security planning starts with sound policy and procedures in place. The facility owner/operator should develop either an owner/operator-wide, multiple-facility or facility-speciÞc ¥ Additional measures as determined by the SVA, if con- ducted; and ¥ Coordination with Point of Embarkation. 7.3 SECURITY LEVELS security plan. Refer to Appendix D for an Example Model Security Plan. The security plan should include the following elements: 1. The measures being taken to detect or deter an attack or incursion; 2. The responses that may be considered at various secu- rity alert conditions, including the response to an actual attack, intrusion, or event; 3. Means of mitigating the consequences of an incident, if Homeland Security Advisory System (HSAS) Low: Green Guarded: Blue Elevated: Yellow High: Orange Severe: Red Note: *See Appendix B. Maritime Security (MARSEC) Level* Level 1 Level 1 Level 1 Level 2 Level 3 any, and; 4. If applicable, any additional security measures identi- Þed in the SVA described in Section 6. The plan should be kept conÞdential for security reasons. The plan should be reevaluated and updated periodically. A brief overview of the individual framework elements is provided in this section, as well as a roadmap to the more spe- ciÞc and detailed description of the individual elements that comprise the remainder of this recommended practice. 7.2 SECURITY PLAN ELEMENTS In developing a security plan, the facility owner/operator should consider several basic elements. This document recognizes the importance of ßexibility in designing security plans and provides guidance commensu- rate with this need. It is important to recognize that a security plan could be a highly integrated and iterative process. 7.2.1 Develop Baseline Security Plan A plan is developed to address awareness, communication and response actions, as applicable to the most signiÞcant risks to the facility.