ISPS CODE SB

INTERNATIONAL SHIP INTERNATIONAL SHIP AND PORT FACILITIES AND PORT FACILITIES

SECURITY (ISPS) SECURITY (ISPS) CODECODE

PROGRAMPROGRAM

• History and background

• Link to Solas

• The code and its-elements

• Implementation of the code

History and backgroundHistory and background

International shipping has since the early 90’s suffered increasingly heavy losses due to unlawful acts such as:

- terrorist acts;- increased piracy activity.- Port Facilities are vulnerable to terrorist acts if ships are used as base to launch an attack on the port.

Background

History and backgroundHistory and background• Security issues have been on the agenda for

several years, through IMO Res. A 584 and MSC circ. 443. However the requirements have not been included as requirements in SOLAS.

• The terrorist attacks on WTC renewed the focus and initiated a unified effort on enhancing the security for ships and port facilities against terrorist attacks.

History and backgroundHistory and background70 - 80‘ies - Piracy in S.E. Asia1985 - Achille Lauro, 1 person killed1995 - IMO Athens Convention2000 - USS Cole attack (small boat carrying a bomb)11.09.01 - WTCJan. 2002 - IMO start workSept. 2002 - Intersessional Meeting in IMOOct. 2002 - Terrorists attacked the French oil super-

tanker Limburg in Yemen.Nov. 2002 - Deadline for submission to MSC76Dec. 2002 - MSC 76 - IMO Diplomatic ConferenceJul 1,2004 - Deadline security certification by a RSO

History and backgroundHistory and background (cont.) (cont.)

February 2002

Intersessional

Working Group on

Ship Security

November 2001

Assembly

Resolution

May 2002

Maritime Safety

Committee (MSC 75)

Working Group

September 2002

Intersessional

Working Group on

Ship Security 2

December 2002

Maritime Safety

Committee (MSC 76)

Diplomatic Conference

This is the fastest implementation of any IMO legislation ever.

Link to SolasIMO Proposal - MSC 75/WP.7

The Code will be a standalone instrument, put in force by an amendment to SOLAS chapter XI.

The Code consist of Part A, Mandatory Requirements, and Part B, Recommended Guidance.

Link to Solas (cont.)(cont.)

IMO Proposal - MSC 75/WP.7

Objectives:

•Ensure maritime domain awareness•Ensure a secure maritime operating environment•Provide adequate response to security threats•Mitigate the consequences caused by breach of security


SOLAS XI-2

Part A, Mandatory Requirements (for ships):

Company Security Officer;Ship Security Officer;Ship Security Assessment;Ship Security Plan;International Ship Security Certificate.


Part B, Guidance to a number of items:

Responsibility of Contracting Government;Declaration of Security (DOS);Obligations of the Company (Owner);Ship Security Assessment and Plan;Training, Drills and Exercises;Recognised Security Organisation;The Certification Process.

What the Brief will cover:

Part 1: Overview of the ISPS Code

Part 2: Requirements to ships

Part 3: ISPS Code – Certification of ships

The code and its-elements

The code and its-elements (cont.)(cont.) Part 1: Overview of the ISPS Code

Purpose of the ISPS Code

The purpose of the ISPS Code is to establish an international framework of measures to enhance maritime security and through which ships and port facilities can co-operate to detect and deter acts which threaten security in the maritime transport sector.


Implementation of the Code

The ISPS Code was adopted by the Conference of Contracting Governments in London on 12 December 2002.The Conference decided that the Code (for ships) shall be fullyimplemented not later than 1 July 2004.

All ships shall then carry a valid International Ship Security Certificate (ISSC).

THE ISSC WILL BE A TICKET TO TRADE

The code and its-elements (cont.)(cont.)

Scope of the Code

Part 1: Overview of the ISPS Code

Port Facilities (The port facility is the facility where interaction between the ship and the port takes place);

The following ships in international trade:- Passenger ships (including HSC);- Cargo ships 500 tons+ (including HSC);- Mobile Offshore Units (MOU).

There will be over 56.000 vessels and 20.000 port facilities to be incorporated under the code.


Code Structure

The Code is an extension of the SOLAS 74 Code as amended:

•Ship Identification Numbers, •Ship Security Alert System, •Active (Long Range) Identification System•Continuous Synoptic Record in SOLAS XI-1;

Mandatory Requirements (Part A) and Recommended Guidance (Part B) in SOLAS XI-2


Part A : Mandatory Requirements

Mandatory requirements for ships:

Company Security Officer;Ship Security Officer;Ship Security Assessment;Ship Security Plan;International Ship Security Certificate.

Part A also defines the “Security Levels”.


Main items in Part A- General, Definitions;- Application and Responsibilities of Contracting Governments;- Declaration of Security;- Obligations of the Company;- Company Security Officer

- Ship SecurityShip Security Assessment;Ship Security Plan;Ship Security Officer;Training, Drills and Exercises;Verification and Certification including regulations for Interim Certification.


Part B: Guidance to Part APart B gives guidance to a number of items:Responsibility of Contracting Government;Declaration Of Security (DOS);Obligations of the Company (Owner);Ship Security Assessment and Plan;Training, Drills and Exercises;Recognised Security Organisation;The Certification Process.


Part B: Guidance to Part AAll relevant requirements given in part B of the ISPS is considered by DNV to be mandatory for the purpose of ship security certification.

The reason for this is that there are strong indications that the major port states will require that part B is fully complied with.

The code and its-elements (cont.)(cont.) Part 2: ISPS Code Requirements to Ships

Setting the Security Level

It is the responsibility of the Contracting Governments to set the Security Level within its area of authority, based on evaluation of:- threat information that is credible;- threat information that is corroborated;- threat information that is specific;- consequences of a security incident.

A ship is required to act accordingly.


Definition of Security Levels 1-2

Security Level 1 means the level for which minimum appropriate protective security measures shall be maintained at all times.

Security Level 2 means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of heightened risk of a security incident.


Definition of Security Level 3

Security Level 3 means the level for which further specific protective security measures shall be maintained for a limited period of time when a security incident is probable or imminent, although it may not be possible to identify the specific target.


Declaration Of Security (DoS)“Declaration of Security” (DoS) means a written record of the understanding reached between ship security officer and port facility security officer to indicate compliance with the security measures, required by the ISPS Code, for the ship/port interface.

The DoS shall address the security requirements that could be shared between a port facility and a ship (or between ships), and shall state the responsibility for each.

The main purpose of the DoS is to ensure agreement between ship and port facility or ship to ship.


Contracting Governments shall determine when a DoS is required by assessing the risk the ship/port interface or ship to ship activity poses to people, property and the environment.

The need for a DoS may be indicated by the Administration or by the ship as a result of the Ship Security Assessment (SSA).

Contracting Governments shall specify the minimum period DoS shall be kept valid in its territory or on board ships.

A ship can request completion of a DoS under specific circumstances.

Declaration Of Security (DoS)


Responsibilities of the Company

The Company shall ensure that the:

Master has the overriding authority and responsibility to make decision with respect to safety and security of the ship.

Company Security Officer (CSO), Master and Ship Security Officer (SSO) are given the necessary support to fulfil their duties and responsibilities under the ISPS Code.


The Company Security Officer

The Company shall designate a Company Security Officer (CSO).

A person designated as CSO may act as CSO for more than one ship.

A Company may, depending on the number or types of ships they operate, designate several persons as CSO provided it is clearly identified for which ship each person is responsible.


Responsibilities of the CSO- Advise the level of threats likely to be encountered by the ship;

- Ensuring that the Ship Security Assessment (SSA) is carried out (by a person with appropriate skills to evaluate the security of the ship);

- Ensuring that the Ship Security Plan (SSP) is developed, submitted and approved;

- Ensure that the SSP is correctly modified and updated;


- Arrange for internal audits and reviews of security activities;

- Arrange for verification of the ship (SSP);

- Ensure that deficiencies and non-compliance are corrected;

- Enhance security awareness and vigilance;

- Ensure adequate training for security personnel on board;

Responsibilities of the CSO


- Ensure effective communication and co-operation between Ship Security Officer and relevant port facility security officers;

- Ensure consistency between security requirements and safety requirements;

- Ensure that the plan for each ship reflects the ship-specific information accurately.

Responsibilities of the CSO


The Ship Security Officer (SSO)

The SSO is the person on board, accountable to the Master, designated by the Company as responsible for the security of the ship, including implementation and maintenance of the Ship Security Plan and for liaison with the Company Security Officer and Port Facility Security Officer.


Responsibilities of the SSO- To undertake regular security inspections of the ship to ensure that appropriate security measures are maintained;- Maintain and supervise implementation of the Ship Security Plan, including necessary updates and amendments;- Co-ordinate security aspects of handling of cargo and ship stores;- Propose modifications to SSP;- Enhance security awareness and vigilance on board;- Report all security incidents;


Responsibilities of the SSO

- Ensure adequate training of crew;- Report to CSO all deficiencies and non-conformities to SSP;- Co-ordinate implementation of the SSP with the CSO and relevant Port Facility Security Office;- Ensure that security equipment is properly operated, tested, calibrated and maintained.


The Ship Security Assessment (SSA)The SSA is a mandatory part of the certification process to obtain the Ship Security Certificate;The Company Security Officer shall ensure that the SSA is carried out by persons with appropriate skills (the CSO may not be necessarily the person undertaking the SSA; the Company should be able to consult experts) or by a Recognised Security Organisation (RSO);The SSA will form basis for the Ship Security Plan.

The SSA is not subject to approval, but an evaluation of the assessment will be carried out during the SSP review and approval.


The Ship Security Assessment (SSA)

The SSA shall cover at least the following:- Identification of existing security measures, procedures and operations;- Identification and evaluation of key ship board operations that it is important to protect;- Identification of weaknesses, including human factors in infrastructure,policies and procedures;


The Ship Security Assessment (SSA)

- Identification of possible threats to the key ship board operations and the likelihood of their occurrence (trading areas, cargo type etc.), in order to establish and prioritise security measures;- The SSA shall be documented, reviewed, accepted and retained by the Company.


The Ship Security Plan (SSP)

The SSP is a plan developed to ensure the application of measures designed to protect persons on board, cargo, cargo transport units, ship’s stores or the ship from the risk of a security incident.Each ship shall carry on board a SSP approved by the Administration (or a Recognised Security Organisation).



The Plan shall address:

- Measures to prevent weapons, dangerous substances and devices intended for use against people, ships or ports and the carriage of which is not authorised from being taken on board the ship;- Identification of restricted areas and measures to prevent unauthorised access;



- Measures for prevention of unauthorised access to the ship;- Procedures for responding to security threats or breaches of security, including provisions for maintaining critical operations of the ship or ship/port interface;- Procedures for responding to any security instructions Contracting Governments may give for security level 3;- Procedures for evacuation in case of security threats or breaches of security;



- Duties for ship board personnel assigned to security responsibilities and of other shipboard personnel on security aspects;- Procedures for auditing security activities;- Procedures for training, drills and exercises associated with the SSP;- Procedures for interfacing with port facility security activities;- Procedures for periodic review and updating of the SSP;


The Ship Security Plan (SSP)- Procedures to report security incidents;- Identification of Ship Security Officer;- Identification of CSO (24 hours);- Identification of locations where the Ship Security Alert System is located on board;- Procedures for testing, calibrating etc of security equipment on board.



The company should establish procedures to restrict thedistribution, disclosure, and availability of information contained in the SSP. Access to the SSP should be restricted to those persons with an operational need to know.

The SSP is not subject to inspection by officers authorised by contracting government.



The code requires that records of security activities shall be kept onboard.

Port States have limited access to the SSP and inspection of records is a means to verify compliance to the code.


Verification

The verification shall ensure:

- That the security system and any associated security equipment of the ship fully complies with the requirements of the Code;

- That it is in satisfactory condition and fit for the service for which the ship is intended.



Verification

The verification shall be based on:

- Verification that the Ship Security Plan is in accordance with the regulations of the ISPS Code;

- That security measures (procedures, installations etc.) described in the Ship Security Plan is fully and successfully implemented and maintained.



The Verification Process


The code and its-elements (cont.)(cont.) Part 3: ISPS Code – Certification of ships

Certification

The International Ship Security Certificate (ISSC) shall be issuedby:

- The Flag Administration for the ship, or;- A Recognised Security Organisation (RSO) duly authorised to act on behalf of that Flag Administration.

The Company is not subject to certification, but an efficient implementation of the security system onboard relies on company active participation in the process.


Recognised Security Organisation (RSO)

An RSO may provide assistance to Companies on Ship Securitymatters. This can include completion of a Ship Security Assessment or Plan.If an RSO has done so in respect to Ship Security Assessment or Plan, that RSO should not be authorised to approve that ShipSecurity Plan.


ISSC – Non-Conformities

There are no provisions for accepting non-conformities in the ISPS code.

All non-conformities detected shall be reported to Flag Administration.


ISSC – Preliminary Ship Security Plan Review

Preliminary Ship Security Plan Review (not mandatory) may be done when Company has performed Ship Security Assessment and is in the process of or have finished Ship Security Plan.

The Company’s security procedures should be in place.

The purpose of the preliminary review is to serve as a qualification process of the SSA and as an initial review of theShip Security Plan in order to ensure an efficient approval process.


ISSC – Ship Security Plan Approval

The SSP should clearly state criteria on which the SSA and theSSP is based.

All requirements in SOLAS Ch. XI-2 and ISPS Code part A mustbe complied with.

All relevant requirements given in ISPS Code part B is considered as mandatory for the Ship Security Certification.


ISSC – Ship Security Plan Approval

When the SSP is approved by DNV, it will be stamped, sealedand returned to Company for implementation on board.

If any non-conformities are identified, the SSP will be returned to Company for evaluation and corrective action.


ISSC – Shipboard ImplementationThe ISPS does not refer to a specific implementation period. However DNV suggest 3 months implementation. During this period at least one internal audit and one security drill should be performed and noted in the ship’s records.

When Company considers the SSP to be properly implementedon board the ship, a request for verification of implementation shall be issued to DNV.

Verification of on board implementation is expected to last 1–2 days (+), depending on ship type, complexity and size.


ISSC – Issuing the Certificate

When the implementation of the SSP on board is found to be tothe satisfaction of DNV, the International Ship Security Certificate will be issued.

The Certificate will be valid for 5 years, with at least oneintermediate survey between the 2nd and 3rd anniversary.

The code and its-elements (cont.)(cont.) Part 3 B: Training of Personnel

The ISPS Code A/13 and B/13 requires training to be provided on Ship Security for:

- Company Security Officers- Ships Security Officers and - Shipboard personnel

Competence requirements are not specific and not yet includedin the STCW Convention.

Implementation of the code

General 1:

• Planning the process

• Creation of internal expertise

• Preparation of documentation

• Internal Document Reviews


General 2:

- Implementation

- Internal audits(s)

- Initial RSO shipboard verification

- Post certification process• improvement• internal audits• RSO intermediate shipboard verification


Specific 1:

1. Prepare an overall planning

2. Basic security training for company senior

managers

3. Appoint Company Security Officer


Specific 2:

4. Train the Company Security Officer

5. Appoint Ship Security Officers

6. Train the Ship Security Officers


Specific 3:

7. Prepare Ship Security Assessments

- Ship specific

- Trade

- Ship type

8. Internal review of SSA’s


Specific 4:

9. Prepare Ship Security Plans

•Ship specific•SSA’s as a basis•ISPS code

10. Internal reviews of SSP’s


Specific 5:

11. Issue SSA and SSP for review/approval to RSO

12. Remarks (NCN’s/OBS’s) to be corrected

13. Final (approved) version of SSA and SSP


Specific 6:

14. Implement the plans on board

- Training

- Drills & exercises

15. Internal audit(s)

- NCN’s to be corrected

- OBS’s to be looked upon


Specific 7:

16. Request for initial verification to RSO

17. RSO to perform initial verification

18. RSO to issue certificate

- Validity 5 years

- Intermediate verification between 2nd /3rd year


Specific 8:

19. Train, drill and exercise, as per plan

20. Plan and perform internal audits

ISPS CODE SB

Documents

Transcript of ISPS CODE SB