Ship

Security
Assessment
Aim

To discuss the requirements of the ISPS

Code in respect of the Ship Security
Assessment (SSA).
Objective

By the end of the module delegates will

be able to describe:

• Assessment Methodology.
• Assessment Tools.
• An On Scene Survey.
• Assessment Documentation
Ship Security Assessment
Part A Para 8

• Essential and integral part.

• Persons with appropriate skills (may be RSO).
• Must include an on scene survey.
• Existing security measures.
• Key shipboard operations.
• Threats.
• Weaknesses.
• Must be documented and retained.
Responsibilities

CSO is responsible for ensuring the SSA is

carried out (Part B Para 8.1).
CSO should ensure available information is
gathered (Part B Para 8.2).
• Vessel activity (threats at ports of call ).
• Previous reports.
• Meet appropriate persons.
• Specific guidance.
Actions by the CSO

• Establish contact with Port Facility to be visited.

• Identify current status of PF compliance programme.
• Identify areas where co-ordination is appropriate.
• Agree interface procedures (use the Declaration of
Security as a model?).
• Process will assist in SSA and SSP preparation.
• Document the process – use evidence of due
diligence.
SSA should address:
Part B Para 8.3

• Physical security.
• Structural integrity.
• Personnel protection systems.
• Procedural policies.
• Radio and telecommunication systems
including computers.
• Other areas that pose a risk.
Those involved in SSA
Part B Para 8.4

Should be able to draw on expert

assistance in relation to:
• KNOWLEDGE OF CURRENT SECURITY THREATS.
• RECOGNITION AND DETECTION OF WEAPONS.
• RECOGNITION OF PERSONS WHO ARE LIKELY TO THREATEN
SECURITY.
• TECHNIQUES USED TO CIRCUMVENT SECURITY MEASURES.
• METHODS USED TO CAUSE A SECURITY INCIDENT.
• EFFECTS OF EXPLOSIVES.
• SHIP SECURITY.
Information Required
Part B Para 8.5

CSO should obtain and record the

information required to conduct the SSA.
Areas of interest

• Access points (Part B Para 8.6).

• Existing security measures (Part B Para 8.7).
• People and operations (Part B Para 8.8).
• Threats (Part B Para 8.9).
• Vulnerabilities (Part B Para 8.10).
Existing Security Measures
Part B Para 8.7

• Existing security measures.

• Determine security guidance.
• Restricted areas.
• Response procedures:
• Level of supervision.
• Security patrols.
• Access control.
• Security communications.
• Security equipment (doors etc).
People and Operations
Part B Para 8.8

• People.
• Safe navigation and emergency
• Response.
• Cargo.
• Stores.
• Security communications.
• Security surveillance
• Equipment.
Threats
Part B Para 8.9

• Damage or Destruction.
• Hijacking or seizure.
• Tampering.
• Unauthorized access.
• Smuggling weapons or equipment.
• Use of the ship to carry.
• Use of the ship as a weapon.
• Attacks at berth.
• Attacks at sea.
Vulnerabilities
Part B Para 8.10

Conflicts between:

• Safety and security.

• Shipboard duties and security assignments.
• Watch-keeping duties & number of ship’s personnel.
• Crew fatigue.
• Security training deficiencies.
• Security equipment and systems, including
communications.
Completion of the SSA
Part B Para’s 8.12-8.13

Report showing:
• How the assessment was conducted.
• Description of each vulnerability.
• Description of counter measures.
• Protected from unauthorised access or
disclosure.
• Reviewed and accepted by the CSO.
On-scene Security Survey
Part B Para 8.14

Evaluate existing shipboard measures:

• Ship security duties.
• Monitoring restricted areas.
• Access control.
• Monitoring the of ship.
• Controlling embarkation.
• Handling of cargo.
• Delivery of ship’s stores.
• Ship security communication, information, and
equipment.
Access Control Example
Part B Para 8.6
How Many legitimate Access Points?
• Ladders, Gangways, Ramps, Shell Doors, etc = 1
x Gangway.
How Many potential illegitimate Access
Points?
• Mooring Lines, scuttles, windows, low freeboard,
cranes and hoisting gear, etc = 2 x Mooring lines,
1 x Anchor chain.
Access Control Example
Part B Para 8.6

How Many Access Points currently

monitored?
• By Who?
• How?
Answer: 1 x man visually monitors
gangway from the bridge.
Access Control Example
Part B Para 8.6

How is the ship going to monitor access at

each Security Level?
• Level 1 – Raise or control gangway,
monitor rest of ship and area around.
• Level 2 – Double gangway guard,
patrol rest of ship.
• Level 3 – Raise gangway, double
patrol.
Access Control Example
Part B Para 8.6
Manpower
• Level 1 = 1 x Guard/Patrol.
= 1 per Watch x 2 Watches = 2 per 24 hours.
• Level 2 = 2 x Guard, 1 x Patrol.
= 3 per Watch x 2 Watches = 6 per 24 hours.
• Level 3 = 2 x 2 x Patrols.
= 4 per Watch x 2 Watches = 8 per 24 hours.
Manning
• 2 x man, indefinite.
• 6 x man, 24/48 hours Maximum.
• 8 x man, 4 x Men for 12 hours Maximum.
Alternatives

“But I can only spare one man!”

• Reduce number of access points.

• Raise gangway at night or when not in use.
• Cage off hawse pipes, mooring lines.
• Use CCTV to monitor ship.
• Use security systems to monitor ship.
Alternatives

“But I can only spare one man!”

• Port Facility provides access control at gate.

• Declaration of Security.
• Contract Security.
• Use Ships Agent.
Alternatives

“But I can only spare one man!”

LEAVE PORT
The SSA Process
(Based on the NSO Guide)

• Identify Motives.
• Identify critical operations, people.
• Identify existing security measures.
• Identify scenarios.
• Assess likelihood and consequences.
• Develop a survey checklist.
• Carry out survey.
• Identify needs.
• Write Ship Security Plan.
Step One
Potential Threats
External factors:
• Political.
• Economic.
• Fear.
• Symbolic.
• Regional.
• Other.
Step Two:
Key Shipboard Operations
• Access to the ship.
• Safe navigation.
• Cargo handling.
• Ships stores handling.
• Security monitoring.
• Emergency response.
• Bunkering.
Step Three:
Existing Security Measures

Desktop assessment.
Use your key shipboard operations list to
identify existing security measures.
Step Four:
Threat Scenarios

• Identify relevant threats to the ship.

• Use at least the 9 threats in the code.
• If motives do exist, address in detail.
• Prioritise threats.

Anything is possible, but is it probable!

Step Four:
Example Threat Table
Hijack or Damage or Plants Explosive
destroy the ship - Device
take explosives
control of Damage or •Takes control and
ship and…. destroy the ship – runs aground
malicious act •Open Valves
Create Pollution •Release toxic
Incident cargo
•Override
interlocks
Take Hostages •Demands
Ransom
•Kill all Hostages
Consequence Assessment

• Evaluated each scenario in terms of the

potential consequences of the attack.
• Three elements that could be included in the
consequence assessment:

• Death and injury.

• Economic.
• Environmental impact.
Consequence Score
Assign a rating of:
CATASTROPHIC: numerous loss of lives or injuries,
major national or long term economic impact, complete
destruction of aspects of the eco-system over a large
area= 3.
SIGNIFICANT: multiple loss of life or injuries, major
regional economic impact, long-term damage to a
portion of the eco-system=2.
MODERATE = little or no loss of life, minimal
economic impact, or some environmental damage =1.
Vulnerability Assessment

Each scenario should be evaluated in terms of the

vessel’s vulnerability to an attack.
Two elements of the vulnerability score are:
• Accessibility.
• Elements.
(Elements may be addressed for each scenario).
Vulnerability Assessment

Accessibility
• Accessibility of the vessel to the attack
scenario.
• Physical and geographic barriers that
• Deter the threat without organic security.
Organic security
• The ability to deter the attack. Includes
security plans, communication capabilities,
guard force, intrusion detection systems and
outside law enforcement.
Vulnerability Score
Category Accessibility Organic
Security
3 No deterrence No deterrence
capability

2 Good Deterrence Good Deterrence

Capability

1 Excellent Excellent
Deterrence Deterrence
Capability
MITIGATION

You should next determine which scenarios

might have mitigation strategies (protective
Measures) implemented.

This is accomplished by determining where

the scenario falls based on the consequence
And vulnerability assessment results.
Vulnerability & Consequence
Matrix
Vulnerability Score
2 3-4 5-6
3 Consider Mitigate Mitigate
CONSEQUENCE
Score
2 Document Consider Mitigate

1 Document Document Consider

Mitigation Determination
Worksheet

Step 1 Step 2 Step 3 Step 4

Scenario Consequence Score Vulnerability Mitigation
(Table 2) Score (Table 3) Results
Accessi Organic Total (Table 4)
bility Security Score

Death Economic Environment Mitigate

1. Consider
Document
2.
Step Six:
On Scene Survey Checklist

• Build your own checklist.

• Use generic checklist as guide.
• Identify operations, areas, systems etc.
• Add Security Measures and gaps.
• Identify additional areas from your own
experience.
Step Seven:
On Scene Survey
Carry out survey using your own
checklist to Identify weaknesses:

• Conflict between safety and security.

• Manpower issues.
• Manning constraints.
• Training deficiencies.
• Poor security equipment.
Step Eight:
Identification of Weaknesses

Security improvements listed.

Proposals for remedial action.

Summary:
SSA Flow Chart
TAKE ADVANTAGE
OF INFORMATION
ADDRESS Physical SECURITY

OBTAIN & RECORD

INFORMATION REQUIRED

CONSIDER WHAT TO PROTECT

Summary:
SSA Flow Chart

CONSIDER ALL THREATS

TAKE INTO ACCOUNT
VULNERABILITIES

CARRY OUT ‘ON SCENE’ SURVEY

PRODUCE
SHIP SECURITY ASSESSMENT
 STAGE 4. FORMALITY
s
STAGE 3. CREDIBILITY

s
STAGE 2. TECHNICALITY

A
STAGE 1. PRACTICALITY
Any Questions ?