• There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

API SECURITY GUIDELINES : 2005

Withdrawn
Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

SECURITY GUIDELINES FOR THE PETROLEUM INDUSTRY
Withdrawn date

01-02-2024

Published date

01-04-2005

Executive Summary
1.0 Introduction
1.1 Scope and Objective
1.2 Organization of the Document
1.3 Underlying Basis of this Guidance
1.4 Other Guidelines and Security References
2.0 Overview of Terrorism and the Petroleum Industry
2.1 Background on Terrorism and Security
2.2 Threat to the Petroleum Industry
3.0 Threat Assessment
3.1 The Value of Threat Assessment
3.2 Threat Assessment Process
3.3 Security Alert Level Systems
      3.3.1 Introduction
      3.3.2 Department of Homeland Security Alert System (HSAS)
      3.3.3 U.S. Coast Guard Maritime Security Levels
      3.3.4 International Ship and Port Facility Security (ISPS)
             Alert Levels
4.0 The Security Management System Process
4.1 Initial Screening
4.2 Data Gathering
4.3 Initial SVA
4.4 Example Elements of a Security Plan
      4.4.1 Security Administration & Organization of the
             Facility
      4.4.2 Personnel Training
      4.4.3 Drills and Exercises
      4.4.4 Record and Documentation
      4.4.5 Response to Change in Alert Level
      4.4.6 Communications
      4.4.7 Security Systems and Equipment Maintenance
      4.4.8 Security Measures for Access Control, Including
             Designated Public Access Areas
      4.4.9 Protected/Controlled/Restricted Areas
      4.4.10 Security Measures for Monitoring
      4.4.11 Security Incident Procedures
      4.4.12 Audits and Security Plan Amendments
      4.4.13 Security Vulnerability Analysis (SVA) Report
5.0 Security Vulnerability Assessment (SVA) Concepts
5.1 Security Vulnerability Assessment Overview
5.2 Steps in the SVA Process
5.3 Estimating Risk Using SVA Methods
5.4 Definition of SVA Terms
      5.4.1 Risk Definition for SVA
      5.4.2 Consequences (C)
      5.4.3 Threat (T)
      5.4.4 Vulnerability (V)
      5.4.5 Target Attractiveness (A[T])
5.5 Characteristics of a Sound SVA Approach
5.6 First Step in the SVA Process
5.7 SVA Strength and Limitations
5.8 Recommended Times for Conducting and Reviewing the SVA
5.9 Risk Control and Mitigation
5.10 Risk Screening
6.0 Security Conditions and Potential Response Measures
6.1 Low Condition-Green
6.2 Guarded Condition-Blue
6.3 Elevated Condition-Yellow
6.4 High Condition-Orange
6.5 Severe Condition-Red
7.0 Information (Cyber) Security
7.1 Introduction
7.2 Specific Security Guidelines
      7.2.1 Security Policies, Standards and Procedures
      7.2.2 Security Awareness and Education
      7.2.3 Accountability and Ownership
      7.2.4 Data/Information Classification
      7.2.5 Security Vulnerability Assessments
      7.2.6 Physical and Environmental Security
      7.2.7 Access Controls and Identity Management
      7.2.8 Network Security
      7.2.9 Systems Development
      7.2.10 Change Control
      7.2.11 Viruses and other Malicious Code
      7.2.12 Intrusion Detection and Incident Management
      7.2.13 Business Continuity, Business Resumption and Disaster
             Recovery
      7.2.14 Regulatory Compliance
      7.2.15 Audit (Compliance and Assurance)
Appendix A Security Regulations Affecting the U.S. Petroleum
           Industry
Appendix B Glossary and Terms
Appendix C Communication of Security Intelligence
Appendix D References

Describes general guidance to owners and operators of U.S. domestic petroleum assets for effectively managing security risks and provide a reference of certain applicable Federal security laws and regulations that may impact petroleum operations.

DocumentType
Standard
ProductNote
This product is unavailable in Cuba, Iran, North Korea, Syria
PublisherName
American Petroleum Institute
Status
Withdrawn

NFPA 30 : 2018 FLAMMABLE AND COMBUSTIBLE LIQUIDS CODE
API 781 : 2016 FACILITY SECURITY PLAN METHODOLOGY FOR THE OIL AND NATURAL GAS INDUSTRIES
API 2221 : 2011 CONTRACTOR AND OWNER SAFETY PROGRAM IMPLEMENTATION
API 780 : 2013 SECURITY RISK ASSESSMENT METHODOLOGY FOR THE PETROLEUM AND PETROCHEMICAL INDUSTRIES
API 2220 : 2011 CONTRACTOR SAFETY PERFORMANCE PROCESS
API 2220 CHINESE : 2011 CONTRACTOR SAFETY PERFORMANCE PROCESS

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.