This document has been prepared as a guide for conducting a security risk assessment for small to medium rail transport operators (RTOs).  The approach taken in the handbook recognises that, RTOs are best placed to determine the vulnerabilities and threats to their assets (being their people, property, information, operations, reputation and environment), as well as identifying appropriate preventative security measures and/or procedures and to develop appropriate security risk management plans (SRMP).

This handbook has been developed to expand on information available in Security Handbook Vol 1 Managing Security Related Risks in RTOs. In addition to providing a systematic process, it also explains how that process fits with the overall management of security in an RTO and provides direction on how to make use of the process outcomes to demonstrate the management of risk to So Far As Is Reasonably Practicable (SFAIRP)


his handbook has been developed by the Rail Industry Safety and Standards Board (RISSB) to assist smaller to medium sized RTOS with effectively managing security related risks to RTOs. It should be read in conjunction with Handbook 1, which provide guidance in the implementation of security strategies.

This handbook sets forth a more bespoke framework for the application of security risk management in the Australian and New Zealand rail industries, to support less-complex operations. It is a fluid document that will be monitored and refined in order to maintain international best practice for rail transport security.

This handbook is subordinate to any relevant legislation or regulation concerning transport security.