A lot of companies out there are regulated by government entities that conduct random audits of screening procedures and training records. These unannounced audits cause a great deal of stress on supervisors and managers involved in gathering last minute reports with hopes it’s enough to satisfy auditors and receive a passing grade.
Truth be told, there’s no way of knowing what elements auditors will inspect when they arrive, but that doesn’t mean you can’t be proactive to boost likelihood of success during an inspection. These training and administration best practices can apply to many aviation and cargo security training programs including:
- TSA Certified Cargo Screening Program (CCSP)
- TSA Aircraft Operator Standard Security Program (AOSSP)
- TSA Indirect Air Carrier Standard Security Program (IACSSP)
- TSA Full All-Cargo Aircraft Operator Standard Security Program (FACAOSSP)
- TSA Model Security Program (MSP)
- EU Air Cargo or Mail Carrier operating into the Union from a Third Country Airport (ACC3)
- EU Commission Regulation No. 185/2010
- UK Regulated Agent Air Cargo Security Training Programme
1. Use Syllabi and Matrices to Demonstrate Compliance
There’s a high probability that you will be asked how your training program complies with regulatory requirements. If you organize your training information into a syllabus and matrix for both initial and recurrent training, you’ll have an easier time demonstrating compliance to an auditor.
The syllabus serves as a high level outline of all training program elements you use. Include:
- The list of regulatory requirements your training satisfies
- A summary for hands-on and on-the-job training
- The student assessment process
- Additional screening supervisor training info
- Individual course summaries, objectives, and time durations
The matrix details how and where each regulatory requirement is addressed within your training. Using a chart, list the:
- Regulatory training requirements
- Origin of each requirement (regulation, amendment, section, page, etc.)
- Training courses compliant with each requirement
- Specific training objectives from the courses that address the requirement
Keep in mind you will have four documents total to help verify compliance: the initial training syllabus, initial training matrix, recurrent training syllabus, and recurrent training matrix. Using these documents, you’ll be able to provide auditors with an overview of your entire training program as well as pinpoint specifics as to how each regulatory requirement is satisfied.
2. Incorporate Amendments as they’re Released
Take proper steps to ensure all training elements are updated to incorporate new mandates and amendments within the timeframe noted by the regulator. This includes any:
- CBT courses
- Classroom training materials
- Instructor materials
- Job aids
- Workbooks and exercises
By addressing amendments as they are released by the regulator, you’ll be protecting the company. Let’s face it, no one wants to get hit with a huge fine or be faced with a shutdown for falling out of compliance.
3. Understand Training Requirements for Third Party Contractors
Although not technically an employee of your company, you could be responsible for providing third party contractors with initial and recurrent training. Contractors may play a large role with responsibilities similar to your employees or they may play a limited role but require access to secure areas.
Either way, the responsibility falls on you to know which third party contractors require training and to ensure they comply with ongoing training requirements. Realize that if a contract worker falls out of compliance, you may also fall out of compliance.
4. Develop a System for Managing Ongoing Training
We’ve seen companies receive violations because employees have only ever taken initial training or they’ve taken recurrent training but far past their due date. Don’t let this happen. Verify initial and recurrent training timeframes for your training program. Most programs require personnel to complete initial training their first year and recurrent training on an annual basis thereafter.
Many supervisors and managers find it more difficult to manage recurrent training than initial training. Mainly because it can be challenging to track which employees require recurrent training and when it should be completed by. To manage ongoing training:
- Setup automated notifications (such as the first of every month)
- Notifications list all employees due for recurrent training in the following month
- As notifications appear, remind students to complete training by their individual due date
- Give students ample time to complete recurrent training
- Verify students have completed training in full and in a timely manner
- Identify students who have fallen outside the recurrent training timeframe (They will most likely have to complete initial training all over again)
5. Verify Proper Student Assessment
For many programs, all students are required to take an assessment exam after receiving initial or recurrent training. Any who do not take the exam or fall under a certain minimum percentage are in violation. In any TSA security program, personnel must pass with a minimum score of 85%. Be sure to confirm the minimum passing score for your training program.Carefully verify students are passing especially if you are administering exams via hard copy. If you are using an automated CBT program that tracks this information, it is still recommended to periodically conduct spot checks on an ongoing basis. Remember, students can only be certified if they are taking the exam within the required timeframe and are passing exams with the appropriate score.
6. Establish an Electronic Filing System
Chances are you’ll have some amount of hard copy paperwork even if you utilize CBT. An electronic filing system is a safeguard that helps you find what you need quickly – an important provision when auditors arrive onsite and ask to see training records for program participants.
Depending on how many employees you have to train, you could have an overwhelming amount of records per student especially as the data grows over time. Establish and implement a system or repository for storing records.
Be sure your documents reside on a secure server that cannot be access by just anyone. A plan to regularly back up this server should also be established. Documents you may want to store electronically will most likely have signatures from students and/or instructors or show completion of a certain training activity. This may include:
- Attendance rosters
- On-the-job training logs
- Hands-on training logs
Take a second look at these 6 valuable best practices. It could mean the difference between a passing grade for your company or being fined with the possibility of a shutdown. Do everything you can to ensure you pass. Be proactive. Be prepared. You never know when an auditor could pay a visit.
What are your best practices when preparing for an audit? Let us know some of your tips in the comments section.