The final rules will be implemented through the Indirect Air Carrier Standard Security Program (IACSSP), which is available for TSA certified IAC's on the TSA's Indirect Air Carrier Management System. That can be accessed here: https://extranet.tsa.dot.gov/iac/

We have highlighted some of the relevant provisions, you can click here to read the final Air Cargo Rule in full.

• Enhance security requirements for IAC's Currently, all IACs are required to maintain a program known as IACSSP - this rule will expand the definition of IAC to include businesses engaged in the indirect transport of cargo on larger commercial aircraft, regardless of whether the operation is conducted on a passenger aircraft or all-cargo aircraft. TSA will vet IACs more thoroughly via a centralized system for validation, strengthen a requirement for periodic recertification, and increased requirements for accepting and processing cargo. Upon implementation of this rule, all IACs will be required to use the system to obtain approval and recertification. This system will be used to notify TSA of any business changes and to renew IAC status.

  In addition to this, a comprehensive training system will be put in place for IACs. This covers procedures for accepting, accessing and handling cargo, as well as record keeping, acceptance and maintenance of SSI -- these training materials should be available to IACs shortly after rules are implemented. If IACs do not already have a Security Coordinator, the rules will require the appointment of an individual. They will implement the security program and be the point of contact with TSA.

• Require security threat assessments for individuals with unescorted access to cargo: Requires background checks (defined as checks of existing intelligence-based records and databases to ensure any person posing a threat does not have access to cargo) for all employees that have unescorted access to cargo. This changes the current rule which requires only individuals working aviation to submit to a criminal background check. While TSA recognizes the number of people who have access to cargo is large and is therefore limiting the Security Threat Assessment program described above, this is nonetheless a substantial burden on IACs. Operators must submit name, date, place of birth, SSN and a description of measures taken to verify the identity. There is also a fee structure attached to this standardized background check process -- the final rule will assign that cost per person and determine the funding structure for IAC and other operating entities.
• Codify cargo screening requirements: This authorizes TSA to require operators to inspect a portion of air cargo, including that offered by known shippers.
• Codify and further strengthen the Known Shipper program: The improvements to Known Shipper are extensive -- TSA will centralize and automate the vetting of applicants by proposing all IACs, shippers and carriers be required to submit an electronic application to TSA for vetting against terrorist and law enforcement data. When TSA requires, carriers can submit data electronically into the secure database, ensuring up-to-date, accurate information.
• Require aircraft operators under a full or all-cargo program to accept cargo only from an entity with a comparable security program or directly from the shipper.