SafetyISPS

Security
Code ISPS
- Elements
Code – Elements
Health Environment
ISPS Code – Elements
After the world trade center attacks on 9/11, a strategy was developed to monitor and
track vessels, to ensure the security of vessels and ports, to verify the identity of seafarers
and to secure containerized cargo. The strategy was adopted at the IMO Maritime Safety
Committee meeting in December 2002.

A series of amendments to the 1974 SOLAS Convention was adopted including changes in
existing SOLAS Chapter XI (Special measures to enhance maritime safety). Chapter XI-2
enshrines the International Ship and Port Facilities Security Code (ISPS Code) consisting of
part A and part B. Part A of the Code is mandatory and Part B contains guidance as to how
best to comply with the mandatory requirements.

Apart from IMO’s initiative a number of other mandatory national initiatives such as the
Marine Transportation Security Act 2002 and 33 Code of federal regulations sub-chapter H
were undertaken by the United States and are mandatory for vessels leaving, arriving and
passing through the United States. The United States also interprets part B of ISPS code as
a mandatory requirement for US bound-vessels.

The ISPS code applies to passenger ships and cargo ships of 500 gross tonnages and
upwards, including high speed craft, mobile offshore drilling units and port facilities serving
such ships engaged on international voyages.

The principal responsibility of the company under the ISPS code is to ensure that each
vessel it operates obtains an International Ship Security Certiicate (ISSC). This certiicate
is issued by the lag state administration of the vessel or by a recognized security
organization (RSO)such as the classiication society on the lag state’s behalf.

Other amendments to SOLAS

• Chapter V – Safety of navigation – AIS Installation (Automatic Identiication

System). The deadline for AIS installation was advanced from 2008 to 31st
December 2004.

• Chapter XI-1 – Special measures to enhance maritime safety

1
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment
Regulation XI-1/3 require ship’s identiication numbers to be permanently marked in a
visible place either on the ship’s hull or superstructure at the irst scheduled dry docking of
the ship after July 2004.

Regulation XI-1/5 requires ships to be issued with a Continuous Synopsis Record (CSR)
which is intended to provide an on-board record of the history of the ship. The CSR shall be
issued by the Administration and shall contain information such as the name of the ship and
of the state whose lag the ship is entitled to ly, the date on which the ship was registered
with that state, the ship’s identiication number, the port at which the ship is registered
and the name of the registered owner(s) and their registered address. Any changes shall
be recorded in the CSR so as to provide updated and current information together with the
history of the changes.

Functional requirements of ISPS Code:

• gathering and accessing information regarding security threats

• requiring ship and port security plans based upon security assessments

• requiring maintenance of communication protocol between the ship and port

• preventing unauthorized access to the ship and port facility

• preventing the introduction of unauthorized weapons, devices or explosives to ship

or port facility

• providing means for raising the alarm in reaction to security threats or incidents

• requiring training and drills to ensure familiarity with security plans and procedures

The ISPS Code outlines the following steps required for the issue of a ship
security certiicate:

• designating a company security oficer – CSO

• undertaking a ship security assessment (SSA), including an on-site survey for every
vessel

2
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment
• developing a lag state approved ship security plan (SSP) that references the ship’s
SSA and containing all the elements required by the code

• designating a ship security oficer (SSO)

• providing adequate training for the CSO, SSO and crew who are engaged in security
duties

• ensuring that drills and exercises are carried out

• ensuring that vessel is equipped as outlined in the SSP

• ensuring that all record keeping requirements are met as per the code

The matrix shown below will help comparison of the requirements under ISPS/SOLAS and
the US code of federal regulation 33 CFR 101-1-6

CONTRACTING GOVERNMENTS/
SOLAS ISPS-A ISPS–B
ADMINISTRATIONS

Obligations of Contracting Ch XI-2, Sec 1.22

Governments Reg 13

Responsibilities of Contracting Ch XI-2, Sec 4 Sec 1, 4

Governments Reg 3

Designated Authorities Ch XI-2, Sec 4.2

Reg 1.11

Recognized Security Organizations Ch XI-2,

Sec 4.3 101.500
(RSOs) Reg 1.16

Ch XI-2, Sec 1.8,

MARSEC Levels 101.200
Reg 3 4.8

Threats to Ships, other Incidents at Ch XI-2,

Sec 4.21
Sea Reg 7

3
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

Manning Level Sec 4.28

Compliance and Control Measures Sec 4.29 101.410

Ch XI-2, Sec 1.9,

Company and Ship Responsibility Sec 6 104.200, .220
Reg 5 6

Requirements for Ships and Ch XI-2,

Sec 7 Sec 7 104.200, .220
Companies Reg 4

Company Security Oficer Sec 11 Sec 11 104.210

AIS Ch V, Reg 19 Part 161

Ship Security Assessment Sec 8 Sec 8 104-Subpart C

Ship Security Plan Sec 9 Sec 9 104-Subpart D

Ship Security Oficer Sec 12 Sec 12 104.215

Training, Drills and Exercises Sec 13 Sec 13 104.230

Ch XI-2,
Pre-Arrival Notice Ch XI Sec 4.37 160.203
Reg 4, 9

Ch XI-1,
Ship ID
Reg 3

Ch XI-1,
Continuous Synopsis Record
Reg 5

Crew Appointment Sec 6.1

Fix Vessel Use

Signs Charter

Masters Discretion Ch XI-2,Reg 8 104.205

4
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment

Ship Security Alert System Ch XI-2,Reg 6 101.310

104.255,
Declaration of Security Sec 5 Sec 5
101.505

Records Sec 10 Sec 10 104.235

Veriication and Certiication of Ships Sec 19 Sec 19

US Vessel Security Requirements 104-Subpart B

Flag state and Port state responsibilities

• setting the applicable security level

• approving the Ship Security Plan and relevant amendments to a previously approved
plan

• verifying the compliance of ships with the provisions of SOLAS chapter XI-2 and part
A of the ISPS Code and issuing the International Ship Security Certiicate

• determining the security requirements of the port facilities, designating a Port Facility
Security Oficer (PFSO) and implementing measures as per the Port Facility Security
Plan

• exercising control and compliance measures

• communicating information to the International Maritime Organization (IMO) and to

the shipping and port industries.

Security levels (MARSEC levels)

In order to communicate the threat at a port facility or for a ship, the lag state or a port
state will set the appropriate security level. Security levels 1, 2, and 3 correspond to normal,
medium, and high threat situations, respectively. The security level creates a link between
the ship and the port facility, since it triggers the implementation of appropriate security
measures for the ship and for the port facility.

5
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment
Security level 1: normal, the level at which the ship or port facility normally operates. This
level is when there is a possibility of a threat against shipping (in general) and this security
level should always be maintained during normal working conditions.

Security level 2: heightened, the level applying for as long as there is a heightened risk
of a security incident. This is where ‘intelligence’ from a reliable source has been received
indicating that a threat against shipping or ports / terminals has been given to a respective
operating area or type of ship although no speciic target has been identiied.

Security level 3: exceptional, the level applying for the period of time when there is the
probable or imminent risk of a security incident. This security level indicates that a speciic
ship or port / terminal have been identiied and that the threat is highly probable. Security
levels may change from security level 1, through security level 2 to security level 3; it is also
possible that the security levels will change directly from security level 1 to security level 3.

Security levels may change from security level 1, through security level 2 to security level 3;
it is also possible that the security levels will change directly from security level 1 to security
level 3.

Some administrations have already advised their procedure for informing security level,
which should be incorporated into SSP accordingly. So far, many lag administrations have
decided to require record-keeping for the last ten port calls, or three or ive years, however,
there is an administration which requires seven years.

Company Responsibilities
• designating a company security oficer (CSO) and providing all support and resources
to fulill duties and responsibilities as CSO

• performing a documented ship security assessment (SSA) including on-scene security

survey for each individual ship

• designating a ship security oficer (SSO) for each individual ship

• developing a ship security plan (SSP) for each individual ship

6
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment
• ensuring that the SSP contains a statement emphasizing the master’s authority with
respect to ship security and ensuring that appropriate resources are provided for all
personnel concerned

• ensuring that the SSP together with the documented SSA is submitted to lag
administration for review and approval

• ensuring the implementation and maintenance of the SSP onboard by the CSO and
SSO

• ensuring that the training drills and exercises on ship security are carried out for all
relevant personnel

• ensuring that records of the activities addressed in the SSP are kept onboard

• ensuring that the declarations of security are completed, if required according to ISPS

• ensuring that the ship always acts on the security levels set and ensuring the
implementation of the security measures appropriate for these security levels

• ensuring that there is onboard veriication of the security system by lag state

• ensuring that a valid ISSC is issued and maintained onboard the ship after successful
completion of the veriication

• establishing a reporting and recording system for incidents and passing that
information to the authorities

• recognizing that additional security requirements may impose additional burdens on

masters and crews

• supporting the master in his authority to make independent security decisions and
asking for assistance where necessary.

Ship requirements
• conducting a Ship Security Assessment - SSA

7
 Safety Security
ISPS Code -ISPS
Elements
Code – Elements
Health Environment
• developing a Ship Security Plan - SSP

• undergoing periodic veriications and obtaining an international ship security

certiicate - ISSC

• company security oficer – CSO

• ship Security oficer – SSO

• onboard equipment – communication, ship security alert system etc

Since each ship (or class of ship) presents different risks, the method in which they will
meet the speciic requirements of this Code will be determined and eventually be approved
by the lag state administration.

Implementation process
For a new vessel, the initial implementation involves the following process.

Ship Security Assessment

Security Plan Development

Security Plan Approval

Security Plan Initial Veriication

International Ship Certiicate Issuance

Ship Security Assessment

The Ship Security Assessment (SSA) identiies the weaknesses that may lead to a security

8
 Safety Security
ISPS CodeISPS
- Elements
Code – Elements
Health Environment
breach and suggests options to eliminate or mitigate the risks identiied. The assessment
forms an essential and integral part of the process of developing and updating a ship
security plan.

The different stages of ship security assessment are:

Summary of ship security assessment

Stage 1

Identify possible threat motives and potential

security risks for the ship
Stage 2

Identify key shipboard operation that it is important

to protect

Identify possible threat scenario to key shipboard

Stage 3

operations and assess likelihood of those

occurrences
Stage 4

On-scene Security Survey

(A/8.4.4, B/8.5, B/8.14)

Identify possible threat scenario to key shipboard

Stage 5

operations and assess likelihood of those

occurrences

The ship security assessment ensures that the key ship board operations are assessed
for possible threat scenarios. The on-scene survey is conducted to examine and evaluate
existing vessel protective measures, procedures, and operations related to security.

Third parties may be used in any aspect of the SSA if they have the appropriate skills and if
the Company Security Oficer (CSO) reviews and accepts their work.

9
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment
The following background information is to be provided to the person carrying out the
assessment:

• general lay-out of the ship – potential point of access, cargo spaces, stores, spaces
which require restricted access

• list of ports or area in which the vessel operates

• emergency equipment

• number of personnel, security duties, training practices

• existing safety and security equipments

• any agreement with private security companies and exiting security measures and
procedures on board such as identiication system, alarms, lighting, communication
systems etc.

Example of different stages of the assessment:

First Stage: Identify possible threat motives and potential security risks for the
ship

Likelihood comments
Security risks Example
Unlikely Probable Likely

1. Political motives

1.1 Does it exist political Cargo (eg

(incl. religious, weapon parts,
ideological, ethnical, explosives,
nationalistic) motives radio active and
related to the ship (lag, trade area/port
owner, crew) or trade (eg Middle East,
(cargo, passengers, US)
trade area or port)?

10
Powered by TCPDF (www.tcpdf.org)
 Safety ISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

1.2 Does your ship trade in Countries

an area with unstable with elections,
political situation? demonstrations,
civil war, riots
(West Africa,
Middle East)

Add other relevant

questions:

2. Symbolic motives

2.1 Can your ship be used Well known

as a means to harm buildings,
symbolic structures? statues,
bridges, etc.
(Golden Gate,
bridge)

2.3 Can your ship be used Areas for

as means to harm tourism,
important environmental commercial
areas? exploitation
of nature (eg
ish farming,
beaches, coastal
cities, etc.)

2.4 Does your ship itself Ship carries

represent or carry a special cargo
symbolic value? (eg LNG),
support
operations

11
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

(eg military
supplies),
represent
wealth
(eg cruising).

2.5 Does the visibility or Because of

the proile of your ship, your policy
company or brand (exploitation of
represent a motive for labour, political
unlawful acts? attitudes), the
operations you
are involved
in (natural
resources,
weapons).

Add other relevant

questions:

3. Economical damages

3.1 Does your ship carry Plutonium,

special cargo? equipment
for mass
destruction

3.2 Is it likely that terror Smuggling

related smuggling takes of people /
place from ports your goods from
ship is visiting? Africa to Italy.
(intelligence)

12
 SafetyISPS
Security
Code -ISPS
Elements
Code – Elements
Health Environment

3.3 Is it likely that your Ethnical /

crew can take part in or religious
embrace terror related motives and
smuggling? common cause.

3.4 Is your ship trading in an See Annual

area known for piracy? Piracy Report

3.5 Does your ship, cargo Valuable ship,

or passengers represent cargo and
risk for hijacking? passengers
used for threats
and ransom
demands.

Add other relevant

questions:

4.0 Damage to Society/

Industry

4.1 Can your ship be used Block ports or

to damage important canal, collide
nodal points for trade or with bridges
commercial activity? or offshore
installations,
etc. (eg
Singapore
Strait)

4.2 Is the trade your ship Critical

represents critical to equipment
society? to industry
projects (e.g.
pipelines,
offshore

13
 Safety ISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

installations,
etc.), or for
industry
production
(gold, silver,
silicates, etc.)

4.3 Will an unlawful act Reduced market

against your ship or due to reduced
trade harm the state of trust (cruise,
the industry? passenger
transport, etc.)

Add other relevant

questions:

5. Fear & others

5.1 Can your ship be used Explosion,

as a means to escalate collision with
consequences and construction,
thus create fear in the ammonia
society? discharge, etc.
because of the
consequences
(numerous
fatalities of
passengers,
discharge of
radioactives,
etc.)

Add other relevant

questions:

14
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

Second Stage: Identiication & evaluation of key shipboard operations that it is important
to protect

Operations with related systems, areas Criticality Are security Existing

and personnel measures in measures,
place? procedures,
operations

Low High Low High

1. Access Control – personnel, passengers, visitors, etc.

1.1 Access ladders

1.2 Access gangways

1.3 Access ramps

1.4 Access doors, side scuttles, windows

and ports

1.5 Mooring ropes and anchor chains

1.6 Cranes and hosting gear

1.7 Access by ship side (freeboard)

1.8 Equipment and baggage brought

onboard

1.9 Unaccompanied baggage found

onboard

Add issues you ind relevant:

2. Restricted Areas on the Ship

2.1 Navigation bridge

2.2 Navigational means (radio, radar,

GPS, etc.)

15
 SafetyISPS
Security
Code -ISPS
Elements
Code – Elements
Health Environment

2.3 Machinery spaces, power supplies,

steering rooms

2.4 Control rooms

2.5 Galley/pantry

2.6 Ventilation and air conditioning

system

2.7 Spaces with access to potable water

tanks, pumps or manifold

2.8 Hull, ballast tanks

2.9 Rudder and propeller

Add issues you ind relevant:

3. Cargo Handling

3.1 Cargo access points (hatches, ports,

piping)

3.2 Cargo storage spaces (incl. access

points)

3.3 Spaces containing dangerous goods or

hazardous substances

3.4 Cargo handling equipment

Add issues you ind relevant:

4. Ship Stores Handling

4.1 Access points for delivery to ship

4.2 Storage spaces

4.3 Access points to storage spaces

Add issues you ind relevant:

16
 SafetyISPS
Security
Code -ISPS
Elements
Code – Elements
Health Environment

5. Security Monitoring

5.1 Lighting

5.2 Watch-out (voyage)

5.3 Security guards and deck watches,

including patrols

5.4 Automatic intrusion detection device

5.5 Surveillance monitoring

5.6 Security and surveillance equipment

spaces

Add issues you ind relevant:

6. Safety Operations

6.1 Life boats and life belts

6.2 Alarms, signals and marking

6.3 Evacuation routes

6.4 Fire ighting system

6.5 Add issues you ind relevant:

Third Stage & Fifth Stage: Identify possible threat scenario to key shipboard operations
and assess likelihood of those occurrences

Possible 5th
Relevant Likelihood 3rd stage
consequences stage
Yes No Mod High Extre Unlik Like Vul measu new
Possible threat
erate 2 me 3 ely 1 ly 2 ner res for vulne
scenarios
1 ability mitiga rabili
score tion ty
score

1. Damage to, or destruction of, the ship (bombing, arson, sabotage, vandalism)

17
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

1.1 Conceal 3rd 3rd

explosives
onboard,
trigger with 5rd 5rd
timer or
remote device

Bring 3rd 3rd

explosives
onboard,
suicidal/high 5rd 5rd
risk action

Place 3rd 3rd

explosives in
cargo, trigger
with timer or 5rd 5rd
remote device

Attach 3rd 3rd

explosives to
hull, trigger
with timer or 5rd 5rd
remote device

Open bow, 3rd 3rd

side or stern
ports, cargo
hatch to sink 5rd 5rd
or capsize

2. Tampering with cargo, essential ship equipment or systems or ship's store

18
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

Contaminate 3rd 3rd

drinking
water, food or
airconditioning 5rd 5rd

Contaminate 3rd 3rd

cargo

5rd 5rd

3. Unauthorized access or use including presence of stowaways

Stowaways 3rd 3rd
sneaking
onboard,
concealment 5rd 5rd
in cargo/
service or
storage spaces
(including
containers)
Boarding 3rd 3rd
ship at port
or during
voyage as 5rd 5rd
“passenger” or
“crew”
Boarding ship 3rd 3rd
at port or
during voyage
as “pilot”, 5rd 5rd
“supplier”,
“surveyor”,
fake castaway

19
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

4. Smuggling weapon or equipment, including weapons of mass destruction

Conceal 3rd 3rd

weapons/
equi pment
in cargo/ 5rd 5rd
service or
storage spaces
(including
containers)

4th Stage: On-scene Security Survey

Checklist for Initial Onscene Yes No Observation Countermeasures

Security Survey (including possible to be taken
vulnerabilities)

1. Access to the Ship

1.1 Does the SSP contain

security measures covering
the access to the ship?

1.2 Are access ladders

identiied and monitored?

1.3 Are access gangways

identiied and monitored?

1.4 Are access ramps identiied

and monitored?

1.5 Are access doors, side

scuttles, windows, hatches
and ports identiied and
monitored?

20
Powered by TCPDF (www.tcpdf.org)
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

1.6 Are mooring ropes and

anchor chains identiied
and monitored?

1.7 Are cranes and hoisting

gear identiied and
monitored?

1.8 Are other access points

identiied?

1.9 Are identity documents

of all persons seeking to
board the ship checked?

1.10 Are there procedures and

records available for how to
check this?

1.11 Are the reasons for the

people boarding the ship
conirmed by checking
joining instructions,
passenger tickets, boarding
passes, work orders etc?

1.12 Are the personal effects of

passengers controlled?

1.13 Is the embarkation of crew

controlled?

On-scene security survey examines and evaluates the existing shipboard protective
measures, procedures and operations for:

• ensuring the performance of all ship security duties

21
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

• monitoring restricted areas to ensure access only by authorized persons

• controlling access to the ship, including any identiication systems

• monitoring of deck area and area surrounding the ship

• controlling the embarkation of persons and their effects

• supervising the handling of cargo and delivery of the ship’s store

The report of the assessment identiies the remedial action that is needed to be
implemented based on the conclusion of the vulnerability assessment and on-scene security
survey and recommends the security measures that are to be included in the Ship Security
Plan (SSP). The completed SSA and SSA report are submitted together with the SSP for
approval by the lag state administration.

The SSA is reviewed and revalidated and the SSA report is updated each time the SSP is
submitted for approval.

Ship Security plan

Based on the report of the SSA, a ship security plan is developed which addresses the
vulnerabilities identiied in the vessel security assessment. The plan describes the security
measures for each security level (MARSEC level), identiies the CSO and SSO and the
communication links.

The SSP is developed to ensure the application of measures on board the ship that are
designed to protect persons on board, ship, cargo and ship’s stores from the risks of a
security incident.

The plan contains the following:

• measures to prevent unauthorized weapons, dangerous substances and devices

intended for use against persons, ships or ports from being taken on board

• identiication of the restricted areas and measures for the prevention of unauthorized
access

22
 SafetyISPS
Security
Code -ISPS
Elements
Code – Elements
Health Environment
• procedures for responding to security threats or breaches of security, including
provisions for maintaining critical operations of the ship or ship/port interface,
evacuating persons on board, and reporting on incidents

• procedures for responding to any security instructions from the administration

• duties of shipboard personnel assigned security responsibilities and of other

shipboard personnel on security aspects

• procedures for auditing the security activities, and for ensuring the inspection,
testing, calibration, and maintenance of any security equipment provided on board

• procedures for training, drills and exercises associated with the plan

• procedures for interfacing with port facility security activities

• procedures for the periodic review of the plan and for updating

• procedures, instructions and guidance on the use of the ship security alert system,
including the testing, activation, deactivation and resetting and to limit false alerts

• instructions indicating that the master has overriding authority and responsibility
to make decisions with respect to the safety and security of the ship and to request
assistance as may be necessary

The ship security plan should be audited as follows:

• annually, beginning no later than one year from the initial date of approval

• when there is a change in the company’s or vessel’s ownership or operator

• when there have been modiications to the vessel, including physical structure,
emergency response procedures, security measures, or operations. This audit can be
limited to those sections of the SSP affected by the vessel modiications.

Personnel conducting internal audits must:

• have knowledge of methods of conducting audits, and control and monitoring

techniques

23
 Safety Security
ISPS CodeISPS
- Elements
Code – Elements
Health Environment
• not have regularly assigned security duties

• be independent of any security measures being audited.

If the results of an audit require amendment to the SSP, the SSP should be submitted to
the lag state for review and approval along with the SSA.

Veriication and certiication for ships

The SSP along with the SSA is submitted to the lag state administration or the RSO for
the approval. On approval, the security measures are implemented, equipment itted and
training provided to the crew. A ship security oficer (SSO) is appointed on board and is
responsible for the implementation of the measures as per the ship security plan.

The lag state administration or RSO will verify that all measures as per SSP are
implemented, ship staff are able to demonstrate that they are able to carry out the security
related duties as per the plan. On successful veriication an International Ship Security
Certiicate (ISSC) is issued.

This certiicate is valid for a maximum of ive years, however, extensions can be granted in
the case where:

• renewal veriication has been completed but a new certiicate cannot be issued
or placed on board the ship before the expiry date of the existing certiicate. The
existing certiicate could then be extended for a maximum of ive months beyond
the expiry date

• a certiicate expires while a ship is in a port where veriication cannot be conducted.

The certiicate could be extended for a maximum of three months, but only to allow
the ship to complete its voyage to a port where it can be veriied

A certiicate issued to a ship engaged on short voyages that has not been previously
extended may be granted a period of grace of up to one month.

A certiicate may cease to be valid in any of the following cases:

• if the relevant veriications are not completed within the period speciied

24
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment

• if the certiicate is not properly endorsed

• when a ship owner assumes the responsibility for the operation of a ship not
previously operated by that ship owner

• when a ship is transferred to the lag of another State.

Interim International Ship Security Certiicate

Under the ISPS Code, an Interim International Ship Security Certiicate can be issued for:

• a ship without a certiicate, on delivery or prior to its entry or re-entry into service

• the transfer of a ship from the lag of a Contracting Government to the lag of
another Contracting Government

• the transfer of a ship to the lag of a Contracting Government from a State which is
not a Contracting Government

• when a ship owner assumes the responsibility for the operation of a ship not
previously operated by that ship owner

This certiicate will only be valid for a maximum of six months and cannot be extended.

Control and compliance measures under ISPS code

While the vessel is in a port of a foreign country, authorized oficials (eg USCG) or the
port state control oficers have the right to board the vessel and verify that the required
certiicates are in proper order. Then, if there are clear grounds to believe the ship does not
comply with the code, control measures such as additional inspections or detentions may
be taken. Expulsion of a ship from a port is also possible if there are clear grounds that the
ship is not in compliance with the Code.

Control measures like boarding may be implemented prior to the ship entering port, by
contracting governments to better ensure security or based on clear grounds for believing
that the ship does not comply with the Code.

25
 Safety Security
ISPS CodeISPS
- Elements
Code – Elements
Health Environment
Examples of Clear Grounds
The following are examples of clear grounds for a detailed inspection by a port state oficer:

• invalid ISSC or the Interim ISSC

• defective security equipment

• serious deiciency in documentation or arrangements required by chapter XI-2 and

part A of the ISPS Code

• a report or complaint containing reliable information indicating that the ship does not
comply with the requirements of chapter XI-2 or part A of the ISPS Code

• evidence or information that the ship has embarked persons, stores or goods at
a port or from another ship where either the port or the other ship is in violation
of chapter XI-2 or part A of the ISPS Code, and the ship has not completed a
Declaration of Security, nor taken appropriate, special or additional security
measures or has not maintained appropriate ship security procedures

• failure by the ship to provide information as requested by the port

• the security system and security equipment of the ship does not correspond with the
requirements of the code.

The SSP is a security sensitive document and is not subjected to inspection by Port
State Control (PSC) oficers. However, if there are clear grounds that the ship is not in
compliance, limited access to the speciic sections of the plan can be carried out with the
agreement of the ship’s master or of the administration.

The following table shows the provisions of plan which may be inspected by the port state

Provisions of Plan which may be inspected with consent of the lag state or of
the master of the ship

Provisions of Plan ISPS Code Reference

Prevention of introduction of non-authorized articles A/9.4.1
Prevention of unauthorized access to the ship A/9.4.3

26
 Safety Security
ISPS CodeISPS
- Elements
Code – Elements
Health Environment

Evacuation of the ship A/9.4.6

Auditing security activities A/9.4.8
Training, drills and exercises A/9.4.9
Interfacing with port facility security activities A/9.4.10
Review of ship security plan A/9.4.11
Reporting security incidents A/9.4.12
Identiication of the ship security oficer A/9.4.13
Identiication of the company security oficer A/9.4.14
Frequency of testing or calibration of security equipment A/9.4.16
Security of Ship Security Plan A/9.6
Security activities not covered by ISPS Code B/9.51

Provisions of plan which may be inspected only with the consent of the lag
state.

Provisions of Plan ISPS Code Reference

Restricted areas A/9.4.2

Responding to security threats or breaches of security, including
A/9.4.4
frequency of inspection data
Responding to any security instructions at security level 3 A/9.4.5
Duties of those assigned security responsibilities A/9.4.7
Procedures for maintenance of security equipment A/9.4.15

Ship security alert system A/9.4.17 and .18

According to the US coast guard NAVIC -06-2003, the initial threat assessment is itself not
suficient to maintain the ship in compliance with ISPS. The US Coast Guard has clearly
interpreted that the ISPS code assumes that an ongoing and dynamic threat assessment
component is well maintained and continuously updated. It will serve as the foundation for
the establishment of security levels onboard. The SSP is to be a “living” document and be
maintained accordingly.

27
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

The vessel is subject to boarding and inspection by the port state if the ship security
assessment is not updated to relect the current voyage and threats. Initial security
assessment only allows for the initial assessment before implementation of the code and
the SSP is prepared on that basis.

Threat situation can change based on recent civil/political activity, national threat
levels, security and safety issues - in particular ports, terminals, facilities etc. - and also
changes in sensitivities of cargoes, crews, types of ships, routings etc. Threat assessment
has to be updated every voyage and especially before entering US ports. The initial
threat assessment performed to obtain the ship ISPS certiicate is the foundation—new
information must be added continuously.

The CSO and the superintendent should provide the threat assessment information to the
ships, and responsible for seeing that the results of the threat assessment are appropriately
implemented.

If there is any failure of security equipment or systems, or suspension of a security

measure that compromises the ship’s ability to operate at security levels 1 to 3, it should
be reported immediately together with proposed remedial actions, to the lag state
administration or the RSO and the port facility the ship is using, or the authorities of any
coastal State that the ship intends to transit.

If there is any failure of security equipment or systems, or suspension of a security

measure that does not compromise the ship’s ability to operate at security levels 1 to 3, it
should be reported immediately to the lag state administration or the RSO. If required by
the administration, the details of the equivalent alternative security measures along with an
action plan specifying the timing of any repair or replacement is to be provided.

The Administration or the RSO may approve the alternative security measures being
taken and the action plan, require amendments to such measures, require additional or
alternative measures, speedier repair or replacement or take other appropriate action.

The International Ship Security Certiicate will be withdrawn or suspended if:

• the alternative security measures are not, in fact, in place; or

28
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

• a approved action plan has not been complied with.

As the superintendent, you should be aware of the possible cumulative effect of individual
failures or suspensions which could impair the ship’s ability to operate at different security
levels as required by the lag state administration or the port facility.

During the security veriication, the technical system speciied in the ship security plan will
be veriied 100% every time and the operational security measures will be veriied by a
sample audit.

Record Keeping
Records of the following activities addressed in the Ship Security Plan are to be maintained
on board:

• training, drills and exercises

• declaration of security

• security threats and security incidents

• breaches of security

• changes in security level ( at least 10 ports of call)

• any special or additional security measures taken by the vessel in any previous port
where it has concluded a ship/port interface

• communications relating to the direct security of the ship such as speciic threats to
the ship or to port facilities

• internal audits and reviews of security activities

• periodic reviews of the Ship Security Assessment and the Ship Security Plan

• implementation of any amendments to the plan

• maintenance, calibration and testing of any security equipment provided on board

including testing of the ship security alert system

29
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment
So far, many lag administrations have decided to require record-keeping for three or ive
years, however, there is an administration which requires seven years.

Drills and Exercises

As per the Code, shipboard personnel having speciic security duties should understand
their responsibilities and duties, and should have suficient knowledge and ability to
perform their assigned duties.

Security drills should be conducted at least once every three months. In a case where more
than 25% of the ship’s personnel has been changed, at any one time, with personnel that
have not previously participated in any drill on the ship within the last three months, a drill
should be conducted within one week of the change.

In case of the vessel out of service due to repairs or other reasons, then a drill must be
conducted within one week of reactivation. Security drills may be conducted in conjunction
with other non security drills.

Drills are to be conducted to test the individual elements of the security plan such as :

• damage to the ship or port facilities, by explosive devices, arson, sabotage or

vandalism

• hijacking or seizure of the ship or persons on board

• tampering with cargo, essential ship equipment or systems or ship stores

• unauthorized access and stowaways

• weapons or equipment smuggling

• use of the ship to cause a security incident

• use of the ship itself as a weapon or as a means to cause damage or destruction

• attacks from seaward whilst at berth or at anchor

• attacks whilst at sea.

30
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

Exercises should be conducted at least once each calendar year, with no more than 18
months between exercises. Exercises are full test of the security program including the
active participation of relevant company and vessel security personnel. It may also include
the facility security personnel and government authorities depending upon the scope and
natures of the exercises.

It may be full scale or live exercise or tabletop simulation or seminar. It can be also
combined with other appropriate exercises or can be a combination of a live exercise and
simulation exercise. Each exercise should test communication and notiication procedures,
and element of coordination, resource availability and response.

Vessels are required to maintain records of the date, list of participants and description
of the on-board training, drill or exercise conducted. Records will be reviewed by the port
state control oficer to ensure drills and exercises are taking place as required by the code.

During the inspection, the port state control oficer can ask for a security drill if there is
evidence or reliable information that the vessel has failed to meet drill requirements.

Port entry Requirements

Prior to entering a port or while in a port within the territorial waters, the vessel should
comply with the requirements for the security level set by the Government, if such security
level is higher than the security level set by the Flag State Administration for that vessel.
The vessel should be able to respond without undue delay to any change to a higher
security level.

Where a vessel is not complying with the requirements of the ISPS code, or cannot comply
with the requirements of the security level set by the lag state or the port state then the
superintendent should notify the appropriate competent authority prior to entering a port.

A port state may require the following information from a ship intending to enter the port
(regulation XI-2/9.2.1, chapter XI-2 of SOLAS):

• the vessel possesses a valid ISSC or a valid Interim ISSC. the name of its issuing
authority

31
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment
• the security level at which the ship is currently operating

• the security level at which the ship operated in the previous ten calls at ports

• any special or additional security measures that were taken by the ship in any
previous port eg declaration of security

• conirmation that appropriate ship security procedures were maintained during any
ship-to-ship activity during the vessel’s previous ten calls at ports eg ship to ship
transfer, rescue operation

• information contained in the continuous synopsis record

• location of the ship at the time the report is made

• expected time of arrival of the ship in port

• crew list

• general description of cargo aboard the ship

• passenger list

• information regarding who is responsible for appointing the crew members

• information regarding who is responsible for deciding the employment of the ship in
cases where the ship is employed under the terms of charter party(ies), who are the
parties to such charter party(ies)

Declaration of Security
Declaration of security means an agreement reached between a ship and either a port
facility or another ship with which it interfaces, specifying the security measures each will
implement. This declaration is to be completed by the master or the ship security oficer
and the port facility security oficer or by a shore–side security oficer on behalf of the port
facility

A ship can request completion of security when:

32
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment
• the ship is operating at a higher security level than the port facility or other ship

• there is an agreement on a declaration of security between governments

• there has been a security threat or security incident involving the ship or port facility

• the ship is at a port where there is no approved port facility plan

• the ship is conducting ship- to- ship transfer with a ship without approved security
plan

U.S. Code of Federal regulations requires cruise ships and cargo vessels carrying certain
dangerous cargo as speciied under the regulation, to complete declaration of security at
security level – 1.

Ship security alert system (SSAS)

The ship security alert system, when activated:

• initiates and transmits a ship-to-shore security alert to a competent authority

designated by the Administration and the company, identifying the ship, its location
and indicating that the security of the ship is under threat or has been compromised

• does not send the ship security alert to any other ships

• does not raise any alarm on-board the ship

• continues until deactivated and/or reset.

A ship security alert system is required for the following ships

• ships constructed on or after 1 July 2004, passenger ships, including high-speed

passenger craft, oil tankers, chemical tankers, gas carriers, bulk carriers and cargo
high speed craft, of 500 gross tonnage and upwards by July 2004

• other cargo ships of 500 gross tonnage and upward and mobile offshore drilling
units, not later than the irst survey of the radio installation after 1 July 2006.

33
 Safety ISPS
Security
CodeISPS
- Elements
Code – Elements
Health Environment

The system should be capable of being activated from the navigation bridge and in at least
one other location (master’s cabin). The existing radio installation on board may be used
for the alert system.

When the administration receives a ship security alert from the ship, the administration will
immediately notify the coastal states in the vicinity of which the ship is presently operating
to initiate measures.

Since the ship security alert is a covert alert, unlike a distress message which is an
overt alert, no attempt should be made to contact the ship originating the alert and no
communication to be made with the ships within the vicinity of the vessel under threat.

The CSO and the superintendent should liaise with the lag state administration and other
authorities (law enforcement agencies) to facilitate response measures.

In the view of the fact that a security incident may lead to a distress situation or a distress
situation may be followed by a security incident, the situation should be assessed to
determine and prioritize the response to be provided.

List of recipients of ship security alerts and other security related contact points in each lag
administration can be obtained from IMO’s global integrated security information system
(GISIS).

Company Security oficer (CSO)

The company security oficer is the person designated by the company for ensuring that
a ship security assessment is carried out, a ship security pan is developed, submitted for
approval, and thereafter implemented and maintained, and for liaison with port facility
security oficers and the ship security oficer.

Duties and Responsibilities of Company security oficer

• carrying out the initial Security Assessment for each ship

• developing and maintaining the Ship Security Plan for each ship, based on the ship
security assessment and to accurately relect the ship speciic information

34
 Safety Security
ISPS Code ISPS
- Elements
Code – Elements
Health Environment
• modifying the SSP to correct deiciencies and satisfy the security requirements of the
individual ship

• ensuring that any alternate or equivalent arrangements approved for a particular

ship or group of ships are implemented and maintained

• ensuring adequate security training for personnel responsible for the security of the
ship

• promoting security awareness and vigilance

• co-ordination and implementation of Security Plans with the SSO and relevant Port
Facility Security Oficers

• ensuring consistency between security requirements and safety requirements

• liaison with all the relevant external agencies in the industry, port authorities and
law enforcement

• arranging security inspections and independent annual audits

• implementation of all aspects of the Security Plan where deiciencies have been
identiied

• developing the Security Manual and acting as the sole authority for changes and
updates to develop the manual

• arranging annual exercises to conirm eficiency of the SSP

• arranging for initial and subsequent veriication of the ship

• arranging internal audits and reviews security activities

• implementing his authority to set security level, but not less than that set by the
Contracting Government

The CSO should have in his possession suficient documentation of the ship such as general
lay out, access points, restricted areas, emergency equipments, security devices etc to

35
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment

respond to any security incident that may arise.

Security Level and the CSO

The CSO is responsible for evaluating security risks to the ships in his leet and taking
relevant steps to ensure the risks are kept to a minimum. He is responsible for maintaining
and issuing a security level and when a higher security alert is implemented. He has pre-
planned route changes so that destinations can be altered at short notice. The CSO works
with the Ship Master and the Ship Security Oficer (SSO) to implement the necessary
security response for each security level or threat.

Contacting the company security oficer

The position of Company Security Oficer (CSO) is a 24-hour responsibility. However, the
CSO does not have to directly undertake all the duties and responsibilities of the CSO and
their delegation is acceptable. In most instances the direct point of contact between a ship
and its Company will be through the superintendent of the vessel, who, if not the actual
CSO, can alert the CSO or the person undertaking the duties of the CSO.

Ship Security Oficer

Ship security oficer means the person on board the ship, accountable to the master,
designated by the company as responsible for the security of the ship, including
implementation and maintenance of the ship security plan, and for liaison with the company
security oficer and port facility oficers.

There is no stipulation within the code as to who should be the SSO and, it is up to the
Company and the CSO to decide. However it should be noted that the responsibilities
detailed in the Code are such that only a senior oficer will have the experience and
authority on board to satisfactorily carry out the SSO’s duties. The Master has the
overriding authority under the Code and any SSO is answerable to the Master and the CSO.

Duties and Responsibilities of Ship security oficer

• undertake regular security inspections of the ship to ensure that appropriate security
measures are maintained

36
 SafetyISPS
Security
Code ISPS
- Elements
Code – Elements
Health Environment
• maintaining and supervising the implementation of the ship security plan, including
any amendments to the ship

• coordinating the security aspects of the handling of cargo and ship’s stores with
other shipboard personnel and with the relevant port facility security oficers

• proposing modiications to the ships security plan

• reporting to the company security oficer any deiciencies and non-conformities

identiied during internal audits, periodic reviews, security inspections and
veriications of compliance and implementing any corrective actions

• enhancing security awareness and vigilance on board

• ensuring that adequate training has been provided to shipboard personnel as

appropriate

• reporting all security incidents

• coordinating implementation of the ship security plan with the company security
oficer and the relevant port facility security oficer

• ensuring that security equipment is properly operated, tested, calibrated and

maintained.

37
Powered by TCPDF (www.tcpdf.org)