AAR, ASLRRA to TSA: CRM Regulations ‘Not Necessary’
The Association of American Railroads (AAR) and the American Short Line and Regional Railroad Association (ASLRRA) “believe regulation is not required, particularly considering the extensive efforts of the industry to mitigate risk, and the ongoing implementation of Security Directives (SDs) by industry,” the two associations wrote to the Transportation Security Administration (TSA) on Feb. 1 as part of their submitted comments concerning the agency’s advance notice of proposed rulemaking (ANPRM) focused on cyber risk management (CRM) in the pipeline and rail sectors.