(a) The Area Maritime Security (AMS) Committee will ensure that a risk based AMS Assessment, is completed and meets the requirements specified in § 103.310 of this part and § 101.510 of this subchapter, incorporating the elements specified in § 103.405 of this part.
(b) AMS Assessments can be completed by the COTP, the AMS Committee, a Coast Guard Port Security Assessment team, or by another third party approved by the AMS Committee.
(c) Upon completion of each AMS Assessment, a written report, which is designated sensitive security information, must be prepared consisting of:
(1) A summary of how the AMS Assessment was conducted;
(2) A description of each vulnerability and consequences found during the AMS Assessment; and
(3) A description of risk reduction strategies that could be used to ensure continued operation at an acceptable risk level.
(a) The AMS Assessment must include the following elements:
(1) Identification of the critical Marine Transportation System infrastructure and operations in the port;
(2) Threat assessment that identifies and evaluates each potential threat on the basis of various factors, including capability and intention;
(3) Consequence and vulnerability assessment for each target/scenario combination; and
(4) A determination of the required security measures for the three MARSEC Levels.
(b) In order to meet the elements listed in paragraph (a) of this section, an AMS Assessment should consider each of the following:
(1) Physical security of infrastructure and operations at the port;
(2) Structures considered critical for the continued operation of the port;
(3) Existing security systems and equipment available to protect maritime personnel;
(4) Procedural policies;
(5) Radio and telecommunication systems, including computer systems and networks;
(6) Relevant transportation infrastructure;
(7) Utilities;
(8) Security resources and capabilities; and
(9) Other areas that may, if damaged, pose a risk to people, infrastructure, or operations within the port.
(c) AMS Assessments are sensitive security information and must be protected in accordance with 49 CFR part 1520.
The persons carrying out the AMS Assessment must have the appropriate skills to evaluate the security of the port in accordance with this part. This includes being able to draw upon expert assistance in relation to:
(a) Knowledge of current security threats and patterns;
(b) Recognition and detection of dangerous substances, and devices;
(c) Recognition, on a non-discriminatory basis, of characteristics and behavioral patterns of persons who are likely to threaten security;
(d) Techniques used to circumvent security measures;
(e) Methods used to cause a transportation security incident;
(f) Effects of dangerous substances and devices on structures and port services;
(g) Port security requirements;
(h) Port business practices;
(i) Contingency planning, emergency preparedness, and response;
(j) Physical security measures;
(k) Radio and telecommunications systems, including computer systems and networks;
(l) Transportation and civil engineering;
(m) Vessel and port operations; and
(n) Knowledge of the impact, including cost impacts of implementing security measures on port operations.