AVSEC - Civil Aviation Security

Foto ilustrativa da Plataforma da t-Risk em um dispositivo eletrônico

About the t-Risk Platform

The t-Risk Platform is a SaaS solution available since 2015, developed to transform risk management in organizations. It combines technological innovation with the best global regulatory practices, especially the guidelines of ISO 31000 and ISO 31050 standards. Fully aligned with international standards, t-Risk offers an analytical and practical approach, supporting companies in all stages of corporate risk management: identification, analysis, evaluation, prioritization, and treatment. Available in Portuguese, Spanish, and English, the platform increases organizational productivity by up to 80%, delivering efficiency and accuracy.

Besides strengthening regulatory compliance and optimizing processes, t-Risk empowers its clients to transform challenges into opportunities by providing valuable information for strategic decision-making. Whether to reinforce organizational resilience or drive sustainable growth, t-Risk is an indispensable ally for facing an increasingly dynamic and complex risk landscape.

Discover how t-Risk can revolutionize risk management in your organization. Explore the power of our solutions and strengthen your strategy with a tool that goes beyond technology: a true partner in your journey towards transformation.

The current challenge of civil aviation

Improve the safety and facilitation of global civil aviation. This Strategic Objective reflects the need for ICAO to lead in aviation security, facilitation, and related border security.

Improve operational safety of global civil aviation. This Strategic Objective mainly focuses on the State’s regulatory oversight capability.

Increase capacity and improve efficiency of the global civil aviation system, mainly through modernization of air navigation infrastructure and aerodromes.

Foster the development of a strong and economically viable civil aviation system, harmonizing the air transport framework, focusing on economic policies and supporting activities.

Minimize adverse environmental effects of civil aviation activities, in all related environmental actions.

Our strategic response

Based on ISO 31000, a fundamental pillar of modern risk management, and expanded with the guidelines of ISO 31050, focused on emerging risks and organizational resilience — an approach that will become increasingly indispensable in volatile and complex environments.

Aligned with the guidelines of the ICAO (Annex 17, Doc. 9859), the ANAC Brazil, and the AFAC Mexico, with methodological adaptations integrating the aeronautical regulatory framework with the best international risk management practices.

Applies methodologies adjusted to the real contexts of airports, airlines, terminals, aircraft, and regulatory bodies.

Integrates people, processes, and technologies under a coherent, agile, and auditable structure.

Provides continuous support for strategic decision-making, regulatory compliance, and proactive prevention of critical events.

Applications of the AVSEC module

The AvSec Module of the t-Risk Platform was designed to cover the main risk scenarios in civil aviation, both on the ground and in flight, integrating aspects of Security to protect air transport against acts of unlawful interference.

AVSEC Module Airports

Assessment of threats, vulnerabilities, and risks of unlawful interference;
Support in the preparation and review of Security and Contingency Plans;
Risk assessment and management according to scenarios defined by ICAO and national regulations;
Structured support for the evaluation and updating of Airport Security Programs.

AVSEC Module Aircraft

Identification of threats and analysis of risks associated with routes, operational profiles, and flight characteristics;
Application of operational security controls and risk response and mitigation measures;
Preparation, updating, and evaluation of the Security program.

Operational Safety at Airports

Mapping of operational hazards linked to infrastructure, environmental conditions, or ground processes;
Systematic risk assessment and proposal of preventive measures;
Contribution to supporting documentation for SMS (Safety Management System) programs.

Operational Safety on Aircraft

Risk assessment related to flight operation, dispatch, and maintenance;
Application of quantitative and qualitative criteria to prioritize controls;
Integration with matrices and security plans defined by the organization.

Comparative table of AvSec Module applications

Type of management

Approach

Examples of addressed situations

Airport Security Risk Management

Evaluation and control of security risks in airport facilities.

Intrusions, infrastructure sabotage.

Aircraft Security Risk Management

Evaluation and control of security risks in flights.

Unlawful interference, bomb threats.

Airport Safety Risk Management

Evaluation and control of operational risks in the airport environment.

Runway impacts, hazardous conditions.

Aircraft Safety Risk Management

Evaluation and control of operational risks during flight.

Technical failures, pilot errors.

Approach

Examples of addressed situations

Airport Security Risk Management

Evaluation and control of security risks in airport facilities.

Intrusions, infrastructure sabotage.

Aircraft Security Risk Management

Evaluation and control of security risks in flights.

Unlawful interference, bomb threats.

Airport Safety Risk Management

Evaluation and control of operational risks in the airport environment.

Runway impacts, hazardous conditions.

Aircraft Safety Risk Management

Evaluation and control of operational risks during flight.

Technical failures, pilot errors.

Structured and internationally recognized methodology

The AVSEC Module operates according to a solid, auditable risk management methodology aligned with the best international practices:

ISO 31000 – Defines the general framework of the risk management process: context, identification, analysis, evaluation, treatment, monitoring, and communication.

ISO 31050 – Expands the approach to include emerging risks and organizational resilience, essential in complex environments such as civil aviation.

ICAO Methodology (Annex 17 and Doc. 8973) – Applies specific principles for threat, vulnerability, and residual risk assessment.

Mandatory Circular COSA 17.16 – Mandatory Circular COSA 17.16 – establishes the methodology for threat assessment and risk management in civil aviation security in Mexico.

ANAC Organizational Risk Management Manual – Complements the approach with criteria applicable to Brazilian operators.

The tool applies an integrated and adaptable workflow:

2. IDENTIFICATION OF THREATS OR HAZARDS

4. PROPOSAL OF CONTROLS AND MITIGATION MEASURES

1. CONTEXT DEFINITION

3. RISK ANALYSIS AND EVALUATION

5. RECORDING, TRACEABILITY AND MONITORING OF CONTROLS AND RESULTS

Comparative matrix – ISO, ICAO, AFAC and ANAC

REFERENCE

SCOPE

METHODOLOGICAL APPROACH

APPLICATION IN THE AVSEC MODULE

ISO 31000

Management of any type of risk in any organization.

Interactive risk management process: context, identification, analysis, evaluation, treatment, monitoring.

Structural basis of the risk assessment and control management process.

ISO 31050

Management of emerging risks with focus on resilience.

Application of the intelligence cycle for anticipation of emerging risks.

Complementary framework for analysis of non-obvious or unmanageable risks.

ICAO

Civil aviation security against unlawful and operational acts.

Assessment of threats, vulnerabilities, and residual risk; mitigation measures.

Reference for ARII, PSA, ASP, and threat control.

AFAC

Risk management in organizational processes of regulatory operators.

Model based on ISO 31000 adapted to the Mexican aeronautical sector context.

Alignment with the Airports Law and PNSAC requirements.

ANAC

Risk management in organizational processes of regulatory operators.

Model based on ISO 31000 adapted to the Brazilian aeronautical sector context.

Alignment with local regulators and PNAVSEC requirements.

Imagem representativa de um homem em um aereoporto com sua mala de viagem

Compliance and regulatory intelligence

The AVSEC Module was developed in alignment with the main international and national regulatory frameworks, providing technical and methodological support to those responsible for risk management in civil aviation. Main references:

ICAO – Annex 17 and Doc. 9859. Establish minimum standards and recommended methods for assessing threats, vulnerabilities, and risks of unlawful interference, as well as guiding the planning of preventive measures.

AFAC – CO SA 17.16. Methodology for threat assessment and risk management in civil aviation security for airport concessionaires and permit holders in Mexico, as established in PNSAC.

Organizational Risk Management Manual – ANAC (Brazil). Applies the principles of ISO 31000 in the context of organizational processes linked to civil aviation, incorporating governance, three lines of defense, and structured risk categorization.

Strategic benefits for operators and airports

The AVSEC Module provides tangible results that strengthen institutional and operational management of civil aviation security:

OPERATIONAL EFFICIENCY

Automation of matrices, criteria, and risk reports;
Reduction of time in analysis, review, and documentation;
Intelligent prioritization of preventive measures and applied controls.

ENHANCED SECURITY

Early vision of threats and hazards;
Greater consistency between risk assessments and security policies;
Integration of international standards and local regulations.

GOVERNANCE AND COMPLIANCE

Clear evidence for inspections and audits;
Complete traceability in decisions and actions;
Reduction of exposure to regulatory non-compliance.

INSTITUTIONAL REPUTATION

Proactive demonstration of commitment to security;
Strengthening of image before authorities, clients, and partners;
Contribution to a risk-oriented organizational culture;
Risk managed with intelligence becomes a competitive advantage and sustainable trust.

Differentials of the t-Risk Platform

Developed based on decades of experience in regulated risk management, the t-Risk Platform positions itself as a robust, intelligent, and adaptable solution for the aeronautical sector.

APPLIED INTELLIGENCE

AI engine to support risk analysis and suggest controls;
Smart dashboards for prioritization, visualization, and decision making;
Interoperable modules that communicate integrally.

SECURITY AND COMPLIANCE

Cloud infrastructure with high data protection level;
Auditable architecture according to ISO standards and authorities’ requirements in each country;
Automated registration of traceability and changes.

MULTILINGUAL AND MULTIREGIONAL SCOPE

Available in Spanish, Portuguese, and English;
Adaptable to regulatory contexts of different countries;
Specialized technical support and personalized service.

USER EXPERIENCE

Modern and friendly interface;
Remote access, 100% web, no installation required;
Constant and evolutionary updates without data loss;
A platform developed by risk specialists, for professionals demanding precision, trust, and results.

Towards safer, smarter, and more resilient aviation

Civil aviation security cannot be left to chance. In an environment marked by strict regulations, dynamic threats, and complex operations, managing risks with method, technology, and strategic vision has become essential.

The AVSEC Module of the t-Risk Platform is a solution developed for those who lead responsibly:

Assess and mitigate risks with regulatory support;
Demonstrate compliance with clear and auditable evidence;
Transform data into decisions, threats into actions, and risks into resilience.

Imagem ilustrativa de um avião estacionado na linha amarela da pista do aeroporto