National Programmes

 National Civil Aviation Security Programme

 National Civil Aviation Security Training Programme

 National Civil Aviation Security Quality Control Programme

National Civil Aviation Security Programme

Pakistan has been successful in achieving excellence in maintaining aviation security despite continuous
high threats and risks from terrorism. The National Civil Aviation Security Programme (NCASP) contains
the detailed legislation, procedures, policies, regulations and measures devised on the basis of
international standards as well as additional security measures keeping in view the threat level in
Pakistan. The NCASP ensures co-ordination among all the stake holders in aviation security and fully
engages the national and international partners in aviation security. Strategies for risk management
and countering acts of unlawful interference are also incorporated in it. The NCASP provides an
overview of the following:

 Legal framework of regulatory body of aviation security

 Allocation of responsibilities of all the stakeholders involved in aviation security

 Co-ordination and communication channels for interaction at national and international forums

 Security controls and equipment being used for the screening of passengers, baggage, cargo
and mail

 Quality Control tools and procedures for ensuring the compliance with international standards

 Management of response to acts of unlawful interference and contingency planning

 Training and induction of personnel carrying out aviation security activities

 Formation and Regulation of Airport Security Committee and National Aviation Security
Committee

Aviation Security in Pakistan is based on a proactive and balanced approach and keeps all the elements
like security, efficiency and finances in equilibrium.

National Civil Aviation Security Training Programme (NCASTP)

The objective of NCASTP is to provide a framework for the selection and training of staff involved in
aviation security by stipulating the various responsibilities for ensuring these all important activities.
The NCASTP also spells out the respective training related responsibilities of all entities involved in or
overseeing security measures described in Pakistan NCASP. Consideration should be given to defining
the different types of security training programmes and all the categories of personnel who should be
subject to relevant security training according to their duties as well as the objective and the minimum
duration, frequency and contents of security training. Finally, the NCASTP stipulates the means by
which the effectiveness of the programme will be ensured as well as the certification procedures for
National Auditors, Inspectors, Security Instructors and Screeners. The contents include:

 Security Training Programme

 Security Staff recruitment and selection procedures and the training requirements and career
development
 Non-security staff recruitment and selection and training requirements
 Certification of screeners, instructors, national auditors and inspectors and managers
 Training modules and lesson plans for CAA , ASF and other functionary courses

National Civil Aviation Security Quality Control Programme

National Civil Aviation Security Quality Control Programme is a key tool for the oversight of aviation
security activities in Pakistan. It is for the identification and rectification of deficiencies in the aviation
security activities in comparison with international standards and practices. It also determines the
frequency of monitoring on the basis of risk management. The activities involved in quality control are:

 Audit: It is an in depth examination of all aspects of regulated parties, existing security

programmes to determine if measures are being implemented on a continual basis and to a
constant standard.
 Inspections: It is and examination for the implementation of the security measures required in
NCASP by airport security force, airlines and any other entity involved.
 Tests: It is an action which stimulates an attempt to commit an act of unlawful interference in
order to assess the effectiveness of a measure. A test may be conducted overtly or covertly.
 Surveys: It is an evaluation of the security needs, including the identification of vulnerable points
which could be used to commit an act of unlawful interference and the recommendation for the
implementation of remedial measures suited to the identified risk.
 Investigation: It is the review of a security incident and its causes in order to prevent them from
recurring.

International Documents

Annex - 17 is about safeguarding civil aviation against acts of unlawful interference. It consists of 5
chapters which provide international standards and recommendations regarding aviation security to
keep all the airports and personnel protected.

Annex - 9 discusses the facilitation services for the ease of passengers. Its relevant from aviation
security's point of view because it contains certain security related standards regarding travel
documents of passengers.

Annex-18 is about the safe transport of dangerous goods by air. The technical standards and
methodology is described in detail and the compliance to these standards and national regulations
comes also under the purview of security directorate.

Doc 8973 is a detailed document which provides guidance material to all the ICAO member states in
achieving aviation security standards as described in Annex-17.
Doc 9807

Universal Audit Security Programme Continuous Monitoring Approach (USAP-CMA) provides states
guidance to all the stakeholders involved in audit in planning, preparation, conducting and reporting of
USAP-CMA activities. It tells how states can comply with the SARPs of Annex 17 and Annex-9 security
related provisions. USAP-CMA is instrumental in identifying aviation security concerns and providing
recommendations for their resolution. USAP-CMA is efficient, long-term sustainable and cost effective,
and incorporates risk-management elements specific to aviation security.

Doc 10047

Doc 10047 is the aviation security oversight manual that has been designed to emphasize the
obligations and responsibilities of an ICAO Contracting State for the oversight of its national civil aviation
security system, through the establishment and management of a civil aviation security oversight
system, and to provide information and guidance for government decision makers in that regard.

Doc 9957 is the facilitation manual which is the guidance material to Annex-9. It describes in detail
about the standards and procedures to implement in the aviation security system.

United Nation's Security Council Resolution 2309 on aviation security is to ensure the security and safety
of global air travel and stresses the need to strengthen security measures and information among all
stakeholders involved in aviation security.

Directorate of Security - About

PCAA directorate of security is designated key regulatory role for ensuring the compliance of aviation
security measures as per International and National standards to protect civil aviation from acts of
unlawful interference.

The Directorate is committed to manage security control and audit tasks at airports through security
programs and enact the relevant compliance to ICAO Annexures & documents, EU and TSA regulations
and national regulations.

The Directorate is committed to manage security control and audit tasks at airports through security
programs and enact the relevant compliance to ICAO Annexures and documents. It is also designated
to manage the coordination of the training in the field of aviation security with ICAO, IATA, CATI and
other training institutes for trainings and certifications. The Directorate also evaluates and provides
security infrastructure and equipment at airports, in addition it is responsible for documentation of all
facts and events related to the security issues for preventive and corrective actions.

Core Functions and Responsibilities

 Aviation Security

 Vigilance

 Intelligence

Vision
To regulate the highest standards of security for the Pakistan aviation Industry and set a benchmark for
the International community.

Mission

To be the best in aviation security.Ensuring excellent standards for the protection of passengers, crew,
aircrafts and all concerned against acts of unlawful interference via quality control activities,
continuous monitoring, training, education, research and innovation.

Core Values

 Excellence
In everything we do

 Dedication
To serve with full sincerity

 Innovation
To be ahead in race

 Compliance
No compromise on security issues

 Team Work
Synergy and Capacity Building

International Conventions

Chicago Convention

The Convention on International Civil Aviation, drafted in 1944 by 54 nations, was established to
promote cooperation. Known more commonly today as the "Chicago Convention", this landmark
agreement established the core principles permitting international transport by air, and led to the
creation of the specialized agency which has overseen it ever since - the International Civil Aviation
Organization (ICAO).

Tokyo Convention

In recognition of the fact that customary international law inadequately coped with the jurisdiction
problems arising from crimes on board aircraft in flight, the Tokyo convention on Offences and Certain
Other Acts Committed on Board Aircraft, was concluded on 14 September 1963.

The Hague Hijacking Convention

The Hague Hijacking Convention (formally known as The Convention for the Suppression of Unlawful
Seizure of Aircraft) is a multilateral treaty by which states agree to prohibit and punish aircraft hijacking.
The convention does not apply to customs, law enforcement or military aircraft, thus it applies
exclusively to civilian aircraft. The convention sets out the principle of aut dedere aut judicare - that a
party to the treaty must prosecute an aircraft hijacker if no other state requests his or her extradition
for prosecution of the same crime.

Montreal Convention

Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation (sometimes referred
to as the Sabotage Convention or The Montreal Convention) was signed in 1971 in consideration of the
fact that unlawful acts of seizure or exercise of control of aircraft in flight jeopardize the safety of
persons and property and seriously affect the operation of air services and the safety of civil aviation.

Montreal Protocol

Protocol for the Suppression of Unlawful Acts of Violence at Airports serving International Civil Aviation
(Montreal Protocol) is supplementary to the convention for the Suppression of Unlawful Acts against the
Safety of Civil Aviation (Montreal Convention 1971). The protocol enhances aviation security by
including airports serving international civil aviation in the scope of protection of the Montreal
Convention of 1971.

Convention on the Marking of Plastic Explosives

The Convention agrees to prohibit the manufacture, storage, transport, or entry of unmarked plastic
explosives in its territory. Plastic explosives are not prohibited by the treaty, but it mandates that when
they are produced they are marked with a chemical taggant (specified in the treaty's Technical Annex)
which can facilitate future identification purposes. The convention was ratified on 1st March 1991.

National Regulations

Civil Aviation Ordinance 1982

Pakistan Civil Aviation Authority provides for the promotion and regulation of civil aviation activities and
to develop infrastructure for safe, efficient and properly coordinated civil air transport service in
Pakistan.

Civil Aviation Rules 1994

Civil Aviation Rules 1994, provides the guidelines and regulations which all the PCAA employees have to
abide by.

National Aviation Policy 2015 and now in March 2019 approved by PM

The policy marks an important milestone in Pakistan’s aviation history, where the Government along
with all stakeholders, representing various segments of the aviation industry, collectively developed a
comprehensive and forward looking document. Key objective set forth for aviation division was to
develop a safe, secure and efficient air transportation structure. The policy is designed to create better
business opportunities and enhance economic activity through effective utilization of resources.
About Safety and Quality Management System -
SQMS
The Directorate of Safety and Quality Management System is established in 2009. In 2008 Pakistan
CAA started actions regarding acquisition of International Management Systems Standards for the
continual improvement in its functions, systems and services. ICAO Safety management System is
another International requirement for the provision of Air Traffic Services and Aerodrome Operations.
Pakistan CAA being Air Navigation Service Provider & Operator of Aerodromes and having a fleet of
Calibration Aircraft is mandatorily required to implement Safety Management System (Aviation SMS)
in these areas. In the first phase CAA intends to subscribe four major international management
system standards (i.e. QMS, EMS, OHSAS & ICAO SMS. In the year 2009 management of Pakistan
CAA has decided to establish a separate Directorate to operate & control all four management
systems from one single office and so the Directorate of Safety & Quality Management System was
came into being headed by Director SQMS, who reports directly to the Director General of Pakistan
CAA. Later on Pakistan CAA has added two more standards i.e. ICAO Security Management System
and Information Security Management System. The successful implementation of these fundamental
management system standards will open new avenues in the success of Civil Aviation Authority. The
Directorate of SQMS would certainly move forward for the acquisition of other international
management standards in future.

Roles of SQMS
The Directorate of SQMS primarily focuses on sustainable development, effective implementation
and continual improvement of Integrated Management System (IMS) of the organization which
includes ICAO’s Aviation SMS (Safety Management System), Security Management system, QMS
(Quality Management System – ISO 9001:2008), EMS (Environmental Management System – ISO
14001:2004), OHSMS (Occupational Health & Safety Management System) and Information
Technology Security Management System 27001:2005. The compliance with ICAO SMS requirements
and acquisition of international standards are planned with the philosophy of integrating all
management standards under one umbrella with a commitment to move CAA towards a Total Quality
Management (TQM) Organization. This Directorate also performs the performance / system audits of
each and every function of the organization. SQMS Directorate oversees implementation of IMS
Policy, setting & monitoring of overall organizational objectives and tasks / targets and suggests
improvement measures in order to ensure that the organization is focused towards the Vision,
Mission, and Core Values.

SQMS Directorate is Focal Point for:-

 Disaster Risk Reduction (DRR) implementation Committee on behalf of CAA

 ECO (Energy Conservation Organization) : Alternate Energy & Energy Conservation
 To oversee Employee Suggestions System and Voluntary Hazard Reporting System
 Personal Protective Equipment and HSE Monitoring & Measuring Equipment
 CAA Business Plan
 Clean Drinking water facility
 Waste Management System
 Celebrating Earth Day, Earth Hour, World Environment Day, World Quality Day
 Conducting Safety / HSE Workshops
 Disability friendly initiatives
 IMS portal management

SAFETY MANAGEMENT SYSTEM

ANNEX 19
In order to achieve its production objectives, the management of any aviation organization requires
the management of many business processes. Managing safety is one such business process. Safety
management is a core business function just as financial management, HR management, etc. There is
no aviation organization that has been created to deliver only safety. This brings about a potential
dilemma for management of Safety Culture is not an end itself, but a means to achieve an essential
management prerequisite. Safety management can be defined as:

"The reduction of risk to a level that is as low as is reasonably practicable."

SMS provides a systematic way to identify hazards and control risks while maintaining assurance that
these risk controls are effective. SMS is implemented in Air Traffic Services and at Aerodromes based
upon following ICAO Framework:

SMS FRAMEWORK
1. Safety Policy and Objectives
o Management commitment and responsibility
o Safety accountabilities
o Appointment of key safety personnel
o Coordination of emergency response planning
o SMS documentation
2. Safety Risk Management
o Hazard identification
o Risk assessment and mitigation
3. Safety assurance
o Safety performance monitoring and measurement
o The management of change
o Continuous improvement of the SMS
4. Safety Promotion
o Training and education
o Safety communication

QUALITY MANAGEMENT SYSTEM (QMS ISO

9001:2008/2015)
1. The concept of quality as we think of it now first emerged from the Industrial Revolution.
Quality, as a profession and the managerial process associated with the quality function, was
introduced during the second-half of the 20th century, and has evolved since then. Over this
period, few other disciplines have seen as many changes as the quality profession. The quality
profession grew from simple control, to engineering, to systems engineering. Quality control
activities were predominant in the 1940s, 1950s, and 1960s. The 1970s were an era of quality
engineering and the 1990s saw quality systems as an emerging field. Quality has achieved
status as a recognized profession.

2. A quality management system (QMS) is a collection of business processes focused on

achieving quality policy and quality objectives — i.e. what your customer wants and needs. It
is expressed as the organizational structure, policies, procedures, processes and resources
needed to implement quality management. Early systems emphasized predictable outcomes
of an industrial product production line, using simple statistics and random sampling. By the
20th century, labour inputs were typically the most costly inputs in most industrialized
societies, so focus shifted to team cooperation and dynamics, especially the early signaling of
problems via a continuous improvement cycle. In the 21st century, QMS has tended to
converge with sustainability and transparency initiatives, as both investor and customer
satisfaction and perceived quality is increasingly tied to these factors. QMS also focus on
sustainability issues and assume that other quality problems will be reduced as result of the
 systematic thinking, transparency, documentation and diagnostic discipline that sustainability
focus implies.

3. A QMS process is an element of an organizational QMS. The ISO9001:2000 standard requires

organizations seeking compliance or certification to define the processes which form the QMS
and the sequence and interaction of these processes.

4. QMS helps organizations need to demonstrate its ability to consistently provide product that
meets customer and applicable statutory and regulatory requirements and aims to enhance
customer satisfaction through the effective application of the system, including processes for
continual improvement of the system and the assurance of conformity to customer and
applicable statutory and regulatory requirements.

PDCA CYCLE ON ITS BASIS QUALITY MAANGMENT SYSTEM IS BASED

ENVIRONMENTAL MANAGEMENT SYSTEM (EMS ISO

14001:2004)
An Environmental Management System (EMS) is a set of processes and practices that enable an
organization to reduce its environmental impacts and increase its operating efficiency. It is a
framework that helps an organization to achieve its environmental goals through consistent control of
its operations. The assumption is that this increased control will improve the environmental
performance of the company. The EMS itself does not dictate a level of environmental performance
that must be achieved; each organization's EMS is tailored to the organization's business and goals
An Environmental Management System (EMS) determines and continuously improves an
organization’s environmental position and performance. It follows an outline and is managed like any
other facet of a business; quality, safety, etc, and provides a framework for implementing
improvements or to meet regulatory requirements. Ideally, it is built on an existing quality
management system. (ISO 9001).

EMS specifies requirements for an environmental management system to enable an organization to

develop and implement a policy and objectives which take into account legal requirements and other
requirements to which the organization subscribes, and information about significant environmental
aspects. It applies to those environmental aspects that the organization identifies as those which it
can control and those which it can influence. It does not itself state specific environmental performance
criteria.EMS is applicable to any organization that wishes to establish, implement, maintain and
improve an environmental management system, to assure itself of conformity with its stated
environmental policy, and to demonstrate conformity with ISO 14001:2004 by:

a. making a self-determination and self-declaration, or

b. seeking confirmation of its conformance by parties having an interest in the organization, such
as customers, or
c. seeking confirmation of its self-declaration by a party external to the organization, or
d. seeking certification/registration of its environmental management system by an external
organization.

All the requirements in ISO 14001:2004 are intended to be incorporated into any environmental
management system. The extent of the application will depend on factors such as the environmental
policy of the organization, the nature of its activities, products and services and the location where
and the conditions in which it functions.

 Environmental management system requirements

 Environmental policy
 Planning
 Implementation and operation
 Documentation
 Control of documents
 Emergency preparation and response
 Checking
 Internal Audit
 Management Review

INFORMATION SECURITY MANAGEMENT SYSTEM

(ISMS ISO/IEC 27001:2005)
An ISMS is a systematic approach to managing sensitive company information so that it remains
secure. It includes people, processes and IT systems by applying a risk management process.

An ISO 27001 information security management system is a systematic and pro-active approach to
effectively managing risks to the security of your company’s confidential information. The system
promotes efficient management of sensitive corporate information, highlighting vulnerabilities to
ensure it is adequately protected against potential threats. It encompasses people, process and IT
systems.

Like other ISO management system standards, certification to ISO/IEC 27001 is possible but not
obligatory. Some organizations choose to implement the standard in order to benefit from the best
practice it contains while others decide they also want to get certified to reassure customers and
clients that its recommendations have been followed. ISO does not perform certification.
Information is an asset which, like other important business assets, has a value to an organization
and consequently needs to be suitably protected. This standard helps organization to coordinate all
security efforts both electronically and physically, coherently, cost effectively and with consistency
and prove to potential customers that you take the security of their personal / business information
seriously. The main benefits include:

 Cost reductions due to avoiding incidents

 Smoother running operations as responsibilities and processes are clearly defined
 Improved business image in the marketplace – customers have peace of mind that the
company is trustworthy
 Working with a trustworthy provider maintains the company’s own integrity to the
safeguarding of its data
 Installs confidence further down the supply chain resulting in stronger customers / supplier
relationships

ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating,

monitoring, reviewing, maintaining and improving a documented Information Security Management
System within the context of the organization's overall business risks. It specifies requirements for
the implementation of security controls customized to the needs of individual organizations or parts
thereof.ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate
security controls that protect information assets and give confidence to interested parties.ISO/IEC
27001:2005 is intended to be suitable for several different types of use, including the following:

 use within organizations to formulate security requirements and objectives;

 use within organizations as a way to ensure that security risks are cost effectively managed;
 use within organizations to ensure compliance with laws and regulations;
 use within an organization as a process framework for the implementation and management
of controls to ensure that the specific security objectives of an organization are met;
 definition of new information security management processes;
 identification and clarification of existing information security management processes;
 use by the management of organizations to determine the status of information security
management activities;
 use by the internal and external auditors of organizations to determine the degree of
compliance with the policies, directives and standards adopted by an organization;
 use by organizations to provide relevant information about information security policies,
directives, standards and procedures to trading partners and other organizations with whom
they interact for operational or commercial reasons;
 implementation of business-enabling information security;
 use by organizations to provide relevant information about information security to customers.
 Information security management system
 Management responsibility
 Internal ISMS audit
 Management review of the ISMS
 ISMS improvement

OCCUPATIONAL HEALTH & SAFETY ASSESSMENT

OHSAS (officially 'BS OHSAS 18001:2007') is an internationally-applied British Standard for
occupational health and safety management systems. It exists to help all kinds of organizations put
in place demonstrably sound occupational health and safety performance. It is a widely recognized
and popular occupational health and safety management system. Organizations worldwide recognize
the need to control and improve health and safety performance and do so with occupational health
and safety management systems (OHSMS).

 OH&S management system requirements

 Implementation and operation
 Documentation
 Checking
 Evaluation of compliance
 Incident investigation, nonconformity, corrective action and preventive action
 Management review

ICAO SECURITY MANAGEMENT SYSTEM

Security management is the identification of an organization's assets (including information assets),
followed by the development, documentation, and implementation of policies and procedures for
protecting these assets. An organization uses such security management procedures as information
classification, risk assessment, and risk analysis to identify threats, categories assets, and rate
system vulnerabilities so that they can implement effective controls and prevention of losses.

Loss prevention focuses on what your critical assets are and how you are going to protect them. A
key component to loss prevention is assessing the potential threats to the successful achievement of
the goal. This must include the potential opportunities that further the object (why take the risk
unless there's an upside?) Balance probability and impact determine and implement measures to
minimize or eliminate those threats.

Management of security risks applies the principles of risk management to the management of
security threats. It consists of identifying threats (or risk causes), assessing the effectiveness of
existing controls to face those threats, determining the risks' consequence(s), prioritizing the risks
by rating the likelihood and impact, classifying the type of risk and selecting and appropriate risk
option or risk response.

Security Management Systems (SeMS) protects facilities. It is a security solutions for organization of
every size. The main focus of Security SMS is keeping facilities and data secure.

The Security Management System (SeMS) is an application that organization will use to grant their
staff access to secured information. The role of Security Manager is important. ICAO has implemented
Security Management System in Aviation Business., which is being implemented in Pakistan CAA.

FUTURE PLAN
 Achieve, comply and exceed the requirements / standards set by ICAO and International
Management System Standards
 Enabling the organization to work as a single unit with unified objectives with each function
aligned behind a single goal i.e. performance improvement of the entire organization
 Facilitating all CAA functions to fulfill / adhere to their Regulatory, Statutory, Legal and other
requirements
 Identifying and implementing additional international management system standards and
helping CAA to become one of the leading aviation organizations in the World

Following standards earmarked to be acquired in the future

 ISO 26000 (Social Responsibility)

  ISO 28001 (Security Management)
 ISO 31000 (Risk Management)
 ISO 10001 (Customer Satisfaction)
 ISO 51000 (Energy Management
 BSI 26999 (Business Continuity)

AGL = above ground level

MSL = mean sea level

On airport = towards airport / away from airport (at or below 200 feet on approach)

Climb (to or at 500 feet)

Near airport (201 – 1000 feet AGL approach)

For climb (501-1500 feet)

Off airport (approach > 1000 feet)

For climb (>1500 feet)

Past Questions
1. Overrun runway length? a) 500ft b) 1000ft c) 1500 d) 2500ft e) 3000 ft
2. Total weight a craft can carry while standing still is called?
3. Downstream speed of a boat is 100 KM/hr. Upstream speed is 75KM in 15 hrs. speed of stream?
4. Heathrow airport in which city?
5. Area no public access and movement is allowed near runway? a) public safety b) ....... c) restricted zone
6. limit of Public safety zone from center line of runway? a) 1KM b) 2KM c) 4 KM d) 6KM
7. 8 % of (8% of X) if added into X, what would be the multiple of X?
8. Age of A is 2B, 8 year ago, thrice the age of B is one year more than current age of A. Ages of A and B?
9. horizontal distance b/w datum and arm of craft?
10. what is datum? ans: imaginary vertical plane
11. Datum is parallel to the ....... a) lateral axis b) longitudinal c) cant recall other options
12. Accidents which occur in vicinity of airport a) under shoot b) overshoot c) veer-off accidents
13. which polarization is less affected from rain used by radars a) horizontal b) vertical c) circuilar d) cant recall this
one
14. OHSAS current standard ?
15. Safety awareness and safety plans are responsibility of a) Safety management b) Quality management c) Airport
safety management
16. in ISO standards are maintained by ??
17. in ISO standards, "Quality" means, a) after sales services b) standard of product c) cant recall
18. Battle field of Europe ? a). bhutan b). belgium c). japan d).Greece
19. In past , Spain has also been known for a). skin of bull b) Gold mine c). cant recall
20. Shape of basketball court ? a) circular b) oval c) rectangular d) triangular

Hethrow is an airport of?

FAA standards questions thay biche mein
Battlefield of Europe is

maximum weight on aircraft while standing