Surface and Intermodal Security – Oversight Program Description and Delivery - Fiscal Year 2018 to 2019

Table of Contents

  1. Executive summary
  2. 1. Introduction
  3. 2. Operating context
  4. 3. Risks and planning assumptions
  5. 4. Considerations
  6. 5. Initiatives to strengthen oversight
  7. 6. Oversight delivery in 2018 to 2019
  8. 7. Tables, graphics and program-specific data
  9. 8. Organizational contact information
  10. Annex A: Definitions


This document has been developed to standardize the presentation on the web of Oversight Program Description and Delivery for 2018 to 2019. This is part of the Oversight Transparency approach being implemented by Transport Canada in early 2019.

Executive summary

This report documents Transport Canada's (TC) oversight activities that are to be conducted under the Intermodal Surface Security Oversight (ISSO) program, formerly known as the Surface and Intermodal Security program, during fiscal year 2018 to 2019. In addition, this report will include regulatory authorizations performed by the Security Screening Programs (SSP), notably Transportation Security Clearances (TSC).

For the 2018 to 2019 oversight period, the ISSO program will continue to be in transition, with preparations being made to move to a regulatory framework from a voluntary Memorandum of Understanding (MOU) on Railway Security between Transport Canada and the Railway Association of Canada (TC-RAC MOU). The regulatory framework is being developed under two new railway security programs: i). Transportation of Dangerous Goods by Rail Security Regulations (TDG Rail Security Regulations); and ii). Passenger Rail Transportation Security Regulations (PAX Security Regulations). The ISSO program will continue to conduct oversight of international bridges and tunnels through individual MOUs with bridge owners and operators.

Progress has been made in developing the proposed TDG Rail Security Regulations, and in carrying out TDG security training of TC’s Transportation Security Inspectors and some outreach activities to stakeholders. ISSO anticipates that the TDG regulations will be ready to go to Canada Gazette, Part II in spring 2018, and full implementation of the regulations should be done in fiscal year 2018 to 2019. For the first year under the TDG program, ISSO will be conducting outreach activities while inspections are expected to commence in fiscal year 2019 to 2020.

With the anticipated TDG inspections in 2019 to 2020, ISSO will be required to develop a new oversight program for the 2019 to 2020 oversight period. The oversight program will be developed in 2018 to 2019 in conjunction with the TC-RAC and IBT MOU oversight programs. ISSO will therefore be managing three oversight programs simultaneously in 2019 to 2020:

  1. Conducting oversight under the existing TC-RAC MOU
  2. Conducting oversight under the IBT MOUs
  3. Conducting outreach and oversight activities under the new TDG Regulations

Regarding the Passenger Rail Security Regulatory program, ISSO continues to advance work on this program, and is expected to implement it by fiscal year 2019 to 2020.

1. Introduction

Transport Canada’s Intermodal Surface Security Oversight (ISSO) program, part of the Intermodal Surface, Security and Emergency Preparedness (ISSEP) Directorate, works with stakeholders to enhance the security of Canada’s intermodal and surface transportation – rail, urban transit, and international bridges and tunnels (IBT). A large part of this process involves TC conducting risk-based oversight planning, and providing functional guidance to operators.

Fiscal year 2017 to 2018 saw the commencement of the transition from a voluntary MOU framework (TC-RAC MOU) to a regulatory one, with two new rail security regulations under development: (i) Transportation of Dangerous Goods by Rail Security Regulations (TDG by Rail Security Regulations); and (ii) Passenger Rail Transportation Security Regulations (PAX Security Regulations). Fiscal year 2018 to 2019 will see further implementation of the new regulatory regimes, especially that of TDG, which is further advanced than the Passenger Regulatory regime.

ISSO initiated the transition to a regulatory regime in fiscal year 2017 to 2018 by: i) conducting oversight under the existing MOUs TC-RAC and IBTs) as in years past; and ii) conducting education, outreach and awareness activities in anticipation of the new TDG Rail Security Regulations. Nine (9) new security inspectors were hired and trained, and began conducting outreach and awareness activities in 2017 to 2018. For fiscal year 2018 to 2019, ISSO will continue these outreach and awareness activities, and work to develop the oversight program, which will be required, once the regulations are in force. Oversight under the existing MOUs will continue to take place in fiscal year 2018 to 2019.

Security Screening Programs (SSP) as part of the ISSEP directorate is responsible for assessing the risk posed by individuals who require access to restricted areas of airports and marine ports due to the nature of their work and marine workers who conduct certain functions. These regulatory authorizations are conducted under the Transportation Security Clearance (aviation sector) and the Marine Transportation Security Clearance programs.

2. Operating context

To help enhance railway security across Canada, ISSO’s authority to conduct oversight activities on rail and international bridges and tunnels (IBT) operations stems from the TC-RAC MOU and individual MOUs with owners/operators of IBTs. TC negotiated and signed its first rail security MOU with the RAC in 1997, which was revised and re-signed in November 2007. MOUs with individual IBT owners/operators commenced a few years later, and still continues. To date, a total of nine IBT owners/operators, accounting for 12 IBTs, have signed agreements with TC. Under these MOUs, signatories are required to:

  • Conduct risk assessments
  • Develop security plans
  • Implement a security awareness training program
  • Conduct exercises
  • Report security incidents to Transport Canada

ISSO continues to work with MOU signatories to address security gaps and inefficiencies, and to build on security improvements seen to date.

The Transportation of Dangerous Goods by Rail Security Regulations under the Transportation of Dangerous Goods Act, 1992 (TDG Act) aims to enhance the security of dangerous goods transported by rail in Canada. The proposed Regulations are partially aligned with the U.S. hazardous materials rail security regulations. They were developed in consultation with industry with preliminary consultations held between 2011 and 2013, and reengagement held between spring 2015 and spring 2016. The Passenger Rail Transportation Security Regulations under the Railway Safety Act aims to enhance passenger rail security in Canada. Industry consultations began November 2016.

3. Risks and planning assumptions

The ISSO oversight program uses, for the most part, a risk-based approach to oversight planning. In 2015, ISSO developed a three-year risk methodology to determine its annual minimum inspection schedules from 2016 to 2017 to 2018 to 2019. This fiscal year, 2018 to 2019, represents the final year of this risk methodology. ISSO is expected to develop a new one by fall 2018 in order to plan for the 2019 to 2020 oversight period.

The risk-based oversight planning process involved conducting risk analyses to rank ISSO’s 557 railway sites across Canada. To determine the risk level at each site, a total of 16 risk criteria were assigned numeric values based on the weight of their contribution to vulnerability/likelihood and impact of a terrorist attack. Risk levels were assessed using the general risk formula:

Risk = Impact + Vulnerability/Likelihood

As part of the risk-based planning process, regional managers and inspectors conducted a detailed research of their respective region to identify all passenger and freight rail sites. All sites were then ranked from extreme high risk to negligible risk using the 16 risk criteria. From here, the risk-based planning process helped ISSO determine at which rail sites oversight activities are to be conducted, and at what frequency. For example, a rail station that is at greater risk for an attack will be inspected more frequently. Similarly, a site/station that handles high passenger volume will be inspected more often than one that handles freight only. This process serves as the basis for the current national oversight plan.

The MEDIUM threat level for passenger rail in Canada, established by ITAC in 2015, under the direction of the Canadian Security Intelligence Service (CSIS), resulted in several changes to the ISSO oversight planning since 2016 to 2017. In addressing the threat level, ISSO increased their inspection activities at passenger rail lines and facilities, and the level of these activities will continue in 2018 to 2019.

As noted earlier, the ISSO oversight program is largely risk-based. However, some activities under the program are not risk-based. These include:

  • Reactive inspections
  • Education and outreach to transportation stakeholders
  • Security Plan reviews
  • Interviews with security managers

In addition, ISSEP performs oversight activities in the form of regulatory authorizations conducted by SSP in relation to the Transportation Security Clearance and Marine Transportation Security Clearance Programs. The authorities to operate these programs are supported by the Aeronautics Act and the Marine Transportation Security Regulations. The key function of these regulatory authorities is to assess the risk posed by individuals who require access to restricted areas of airports and marine ports due to the nature of their work and marine workers who conduct certain functions. The regulatory authorities support TC in protecting public safety in Canada’s aviation and marine transportation systems.

4. Considerations

To calculate the total salary cost for oversight work carried out by TC inspectors, the total number of inspection hours (including travel time) was multiplied by the hourly rate of a TI-06 inspector salary at $41.04. Operational travel costs were then added to calculate total inspection cost for each rail site.

Total inspection cost = Salary cost + Operational travel cost (OOC)

In order to maximize efficiency and minimize travel costs, inspections were planned strategically, e.g., visit more than one inspection sites per trip, or drive fleet vehicle instead of flying.

5. Initiatives to strengthen oversight

The ISSO program has several strategic initiatives in place to strengthen oversight planning, delivery and reporting during the 2018 to 2019 oversight period. They include:

  • Modernization efforts: the Transportation Security Information System (TSIS)
  • Risk-based planning
  • Multi-year planning
  • Time standards

The Transportation Security Information System

The Transportation Security Information System (TSIS) is the central repository of inspection results for ISSO. This system has a new component that streamlines planning and reporting.

In coordination with Aviation Security (and currently in the process of on-boarding TDG), Transport Canada received capital funding to migrate TSIS from a program to an application which will provide inspectors with the ability to work in TSIS in both an online and offline mode. This new application will be tablet and mobile friendly, allowing inspectors to work from any location and even take voice notes to accommodate Occupational Health and Safety (OHS) concerns.

Currently, TSIS is a database in which inspectors upload their oversight activities which are recorded on paper. The new application will allow TSIS to also be a platform for scheduling activities, time recording, tracking, reporting, and trend analysis. As well, TSIS will be more user friendly, allowing managers to conduct proper quality control of oversight activities.

Risk-based planning

ISSO’s risk-based methodology helps in providing guidance for the development of its Minimum Inspection Schedules for each region across Canada. The MISs identify and rank all rail sites that inspectors will visit to conduct oversight activities during the period.

Inspection frequency is also determined by the risk-based process. A rail station that is assigned a greater security risk will be inspected more frequently than one that is assigned a lower risk.

ISSO is currently in the process of revising the current risk methodology to incorporate the risk planning under the new TDG by Rail Security program to commence fiscal year 2019 to 2020.

Multi-year planning

ISSO carries out three-year oversight planning in its minimum inspection schedules. This oversight period, 2018 to 2019, is the final year of its three-year plan, and is based on the three-year cycle for security plan reviews. This long-range planning allows regions to plan to conduct oversight activities on all rail sites during any three-year cycle.

Each MIS template includes the following types of oversight activities:

  • security plan review
  • security manager interview
  • comprehensive inspections
  • selected inspections
  • monitoring
  • reactive inspections

Time Standards

ISSO participated in Transport Canada Safety and Security working groups for risk criteria and time standards. This influenced how ISSO approached its risk-based oversight planning. ISSO also collaborated with Aviation Security on a time-per-inspection process to determine a nationally consistent time standard for each type of oversight activities. The principles established by these working groups helped create ISSO’s risk-based methodology. ISSO will continue to work on time standards, including developing a proposal to incorporate time standards with each inspection entry in TSIS and updating Standard Operating Procedures with time standards to better reflect the current oversight environment.

6. Oversight delivery in 2018 to 2019

As per the Oversight Transparency Integration Plan, ISSO will report on how it delivers planned risk-based inspections, reactive inspections and regulatory authorizations through the Canadian Center on Transportation Data (CCTD).

The oversight that ISSO delivers, and the explanations for any variance in its planning, will be consistent with the data and information in the Safety and Security 2018 to 2019 Integrated Q4 Program Oversight Delivery Dashboard, as approved by the ISSEP Director General.

7. Tables, graphics and program-specific data

All relevant tables, graphics and program specific data will be reported in Safety and Security’s Integrated Program Oversight Delivery Dashboard, and will be published through the Canadian Center on Transportation Data.

8. Organizational contact information

Transport Canada welcomes your comments on this report.


Annex A: Definitions

Required field Description


How Transport Canada promotes, monitors or enforces compliance with our safety and security requirements.

Regulatory authorizations

Given when a regulated party (for example, a railway company or vehicle manufacturer) applies for permission to do a regulated activity, or be exempt from it. We may give permission in various forms, including a permit, licence or certification. Transport Canada does not control the number of regulatory authorizations per planning cycle.


A documented, formal examination of industry compliance with Canadian transportation safety and security rules, regulations and requirements. Authorized Transport Canada officials record the results of each inspection. For the purposes of this document, audits are a type of inspection.

*Includes pre-site, onsite, and post-site inspection and oversight activities. Is complete when the inspector submits an approved inspection or oversight activities report. Does not include follow-up action, quality control checks or outreach activities.

Planned, risk-based inspections

All inspections Transport Canada initially commits to doing in a given planning cycle. The SO3 Management Board may authorize updates as needed.

*Include inspections that are announced (and expected), and those that are unannounced. Does not include:

  • estimated numbers of demand-driven activities, such as regulatory authorizations
  • “reactive” or “opportunity” inspections that happen because of a change in oversight

Follow-up activities

Arise from findings of an initial inspection. May include an on-site inspection, requests for more information, or enhanced monitoring.

*Do not include enforcement.

Other activities

Oversight activities that Transport Canada did not initially commit to in a planning cycle, and are not a follow-up to an inspection or audit.


Measures we use to enforce requirements and compel compliance. For example:

  • letters of non-compliance
  • directions or orders
  • ticketing
  • notices of violation
  • administrative monetary penalties
  • prosecutions
  • suspensions or cancellations of certificates or authorizations

Education, outreach and awareness

How we educate the public, and encourage people and companies to comply with the law (for example: industry conferences, air shows, training, web portal)

Quality control

How we ensure inspectors follow policies and procedures, and complete required documentation. Applies to an entire oversight activity, from inspection, to follow-up, to resolving non-compliance. Supervisors and managers are responsible for quality control.

Each program must have:

  • a documented, nationally consistent way of doing quality control
  • a procedure or set of procedures to ensure inspections follow approved standard operating procedures