(1) For section 81(2)(b) of the Act, a rail transport operator's security management plan for railway operations must--
(a) include a list of the risks to safety of persons arising, or potentially arising, from a security incident; and
(b) include a description of the measures mentioned in section 81(2)(a) of the Act, including a description of--
(i) the policies and procedures, and the equipment and other physical resources, that will be used for implementing the measures; and
(ii) the training that will be provided for persons involved in implementing the measures; and
(c) if the rail transport operator shares a location, including, for example, a modal interchange or port, with another transport operator--include a description of any arrangements made with the other transport operator about protecting people from, or responding to, a security incident; and
(d) include procedures for recording, reporting and analysing security incidents that happen in relation to the railway operations; and
(e) identify, by name or title, the person responsible for each role or responsibility mentioned in the plan; and
(f) provide for how, in relation to security incidents, the operator is to liaise, share information, and operate jointly, with--
(i) emergency services; and
(ii) other transport operators who may be affected by the implementation of the plan; and
(g) provide for the evaluation, testing and, if necessary, revision of the measures, policies and procedures mentioned in the plan.
(2) In this section--
security incident means an incident of a type mentioned in section 81(2)(a) of the Act.