CAAM Aviation Reporting System - CAReS

Aviation Security (AVSEC) Incident Report

Reporting of security occurrences by individuals, entities and organizations in the aviation system is necessary to collect information that may be analyzed by CAAM for security incidents, or preparatory acts of unlawful interference

AVSEC Incident Report

Submit a report as private individual. Report can also be submitted on behalf of an individual for anonymity.

Security Occurrences and Security Incidents

Events and activities that appear to be abnormal, unusual, strange, etc. should be reported internally or directly to through this channel by any person. This is the example of a witness informing airport staff or the police about the piece of luggage left unaccompanied in public area. This could also be the case of an access door kept open when it should be securely closed. If that observation, impression, feeling, or activity is not reported, then it is lost even if it could have been a good indicator or precursor for security analysts.

Security incidents are security occurrences reported by staff, crew, ground personnel, subcontractors, media, the public and/or passengers that are analyzed by a security subject matter expert, for example the security official or manager of the entity who received report, or the authorities in case of direct reporting. A security incident is potentially threatening and could lead to harming the public, staff, and/or crew, to disruption of service, to loss of reputation, and should always be taken seriously.



Security Occurrence:

Any security-related event that may result in a reduced security outcome, may increase the operational risks or endangers the safety of passengers, crew, ground personnel and the general public, or is a potential compliance breach. This includes the identification or observation of a vulnerability in the protection of civil aviation against acts of unlawful interference.

Security Incident:

A designation given to a security occurrence which affects or could affect the safety of passengers, crew, ground personnel and the general public. Security incidents are designated by a security official or manager to a reported security occurrence based on an analysis of the occurrence and a determination that additional action is required. A security incident may also result in an act of unlawful interference that would require additional reporting to ICAO (Annex 17 Standard 5.3.2 and Appendix 42 to the ICAO Aviation Security Manual refer).

Accidents, serious incidents and occurrences in civil aviation in the Malaysian territory must be reported in accordance with Civil Aviation (Security) Regulation 2019, Annex 17 and National Civil Aviation Security Programme (NCASP).

Reporting of security occurrences by individuals, entities and organizations in the aviation system is necessary to collect information that will be analyzed by AVSEC CAAM for security incidents, or preparatory acts of unlawful interference, leading to:

a) identifying threats and vulnerabilities in the aviation security system;

b) informing the entity to update their risk assessment and changes thereto;

c) informing location specific and national risk assessment and changes thereto;

d) monitoring of trends and patterns in aviation security;

e) analyzing root causes and causal/contributing factors of security occurrences or incidents;

f) reinforcing relevant information sharing between authorities and industry stakeholders for enhancing respective risk assessments; and

g) bolstering the security culture among all aviation stakeholders.


This reporting platform has been structured and harmonized with processes developed and/or required by CAAM and clearly defined in the National Civil Aviation Security Programmes (NCASP). This is to ensure practical and timely reporting to the relevant authorities, taking into account protection of sensitive aviation security information.

In order to encourage the open and transparent reporting of security occurrences from all entities, it is vital that CAAM will not issuing findings and taking other regulatory action until after official oversight activities are completed (i.e. investigation and analysis).

Global harmonization of aviation security reporting processes could improve consistency for industry stakeholders in submitting reports to different national authorities. Harmonization could also create opportunities for sub-regional, regional and international analysis of security incidents based on interlinked taxonomies.

a) All aviation-related company agencies and/or person (staff, crew, ground personnel, etc.) who is approved or certified by CAAM to carry out responsibilities and performs a function concerning aviation security at the airport, cargo, mail and catering and aircraft, in Malaysia; and

b) Public and/or passengers who witnesses or receives information that indicates the committal of an act of unlawful interference.

However, CAAM encourages the use of company reporting systems, with a responsible person(s) within the organisation being nominated to receive all reports and to establish which reports meet the desired criteria for an occurrence report to CAAM.

Individuals may submit an occurrence report directly to CAAM, but in the interest of flight security they are strongly advised also to notify their employers, preferably by a copy of the report, unless confidentiality is considered essential. 

Occurrence reports are treated confidentiality to maintain full and free reporting and protect the identity of the individual and/or organization.


Welcome to occ2m

Voluntary  Occurrence Report (VOR)

Voluntary Occurrence Reports (VORs) are classed as:

  • Occurrences not captured by the mandatory reporting system
  • Other safety related information which is perceived by the reporter as an actual or potential hazard to aviation safety