The International Ship and Port Facility Security Code, 2002

In essence, the Code takes the approach that ensuring the security of ships and port facilities is basically a risk management activity and that to determine what security measures are appropriate, an assessment of the risks must be made in each particular case.

The purpose of the Code is to provide a standardized, consistent framework for evaluating risk, enabling governments to offset changes in threat with changes in vulnerability for ships and port facilities.

To begin the process, each Contracting Government will conduct port facility security assessments. Security assessments will have three essential components. First, they must identify and evaluate important assets and infrastructures that are critical to the port facility as well as those areas or structures that, if damaged, could cause significant loss of life or damage to the port facility's economy or environment. Then, the assessment must identify the actual threats to those critical assets and infrastructure in order to prioritise security measures. Finally, the assessment must address vulnerability of the port facility by identifying its weaknesses in physical security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, and other areas within a port facility that may be a likely target. Once this assessment has been completed, Contracting Government can accurately evaluate risk.

This risk management concept will be embodied in the Code through a number of minimum functional security requirements for ships and port facilities. For ships, these requirements will include:

· ship security plans

· ship security officers

· company security officers

· certain onboard equipment

For port facilities, the requirements will include:

· port facility security plans

· port facility security officers

· certain security equipment

In addition the requirements for ships and for port facilities include:

· monitoring and controlling access

· monitoring the activities of people and cargo

· ensuring security communications are readily available

Because each ship (or class of ship) and each port facility present different risks, the method in which they will meet the specific requirements of this Code will be determined and eventually be approved by the Administration or Contracting Government, as the case may be.

In order to communicate the threat at a port facility or for a ship, the Contracting Government will set the appropriate security level. Security levels 1, 2, and 3 correspond to normal, medium, and high threat situations, respectively. The security level creates a link between the ship and the port facility, since it triggers the implementation of appropriate security measures for the ship and for the port facility.

The preamble to the Code states that, as threat increases, the only logical counteraction is to reduce vulnerability. The Code provides several ways to reduce vulnerabilities. Ships will be subject to a system of survey, verification, certification, and control to ensure that their security measures are implemented. This system will be based on a considerably expanded control system as stipulated in the 1974 Convention for Safety of Life at Sea (SOLAS). Port facilities will also be required to report certain security related information to the Contracting Government concerned, which in turn will submit a list of approved port facility security plans, including location and contact details to IMO.

The Company and the Ship

Under the terms of the Code, shipping companies will be required to designate a Company Security Officer for the Company and a Ship Security Officer for each of its ships. The Company Security Officer's responsibilities include ensuring that a Ship Security Assessment is properly carried out, that Ship Security Plans are prepared and submitted for approval by (or on behalf of) the Administration and thereafter is placed on board each ship.

The Ship Security Plan should indicate the operational and physical security measures the ship itself should take to ensure it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the ship itself can take to move to and operate at security level 2 when instructed to do so. Furthermore, the plan should indicate the possible preparatory actions the ship could take to allow prompt response to instructions that may be issued to the ship at security level 3.

Ships will have to carry an International Ship Security Certificate indicating that they comply with the requirements of SOLAS chapter XI-2 and part A of the ISPS Code. When a ship is at a port or is proceeding to a port of Contracting Government, the Contracting Government has the right, under the provisions of regulation XI-2/9, to exercise various control and compliance measures with respect to that ship. The ship is subject to port State control inspections but such inspections will not normally extend to examination of the Ship Security Plan itself except in specific circumstances.

The ship may, also, be subject to additional control measures if the Contracting Government exercising the control and compliance measures has reason to believe that the security of the ship has, or the port facilities it has served have, been compromised.

The Port Facility

Each Contracting Government has to ensure completion of a Port Facility Security Assessment for each port facility within its territory that serves ships engaged on international voyages. The Port Facility Security Assessment is fundamentally a risk analysis of all aspects of a port facility's operation in order to determine which parts of it are more susceptible, and/or more likely, to be the subject of attack. Security risk is seen a function of the threat of an attack coupled with the vulnerability of the target and the consequences of an attack.

On completion of the analysis, it will be possible to produce an overall assessment of the level of risk. The Port Facility Security Assessment will help determine which port facilities are required to appoint a Port Facility Security Officer and prepare a Port Facility Security Plan. This plan should indicate the operational and physical security measures the port facility should take to ensure that it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the port facility can take to move to and operate at security level 2 when instructed to do so. It should also indicate the possible preparatory actions the port facility could take to allow prompt response to the instructions that may be issued at security level 3.

Ships using port facilities may be subject to port State control inspections and additional control measures. The relevant authorities may request the provision of information regarding the ship, its cargo, passengers and ship's personnel prior to the ship's entry into port. There may be circumstances in which entry into port could be denied.

Responsibilities of Contracting Governments

Contracting Governments have various responsibilities, including setting the applicable security level, approving the Ship Security Plan and relevant amendments to a previously approved plan, verifying the compliance of ships with the provisions of SOLAS chapter XI-2 and part A of the ISPS Code and issuing the International Ship Security Certificate, determining which port facilities located within their territory are required to designate a Port Facility Security Officer, ensuring completion and approval of the Port Facility Security Assessment and the Port Facility Security Plan and any subsequent amendments; and exercising control and compliance measures. It is also responsible for communicating information to the International Maritime Organization and to the shipping and port industries.

Contracting Governments can designate, or establish, Designated Authorities within Government to undertake their security duties and allow Recognised Security Organisations to carry out certain work with respect to port facilities, but the final decision on the acceptance and approval of this work should be given by the Contracting Government or the Designated Authority.

Amendments to SOLAS

The Conference adopted a series of Amendments to the 1974 SOLAS Convention, aimed at enhancing maritime security on board ships and at ship/port interface areas. Among other things, these amendments create a new SOLAS chapter dealing specifically with maritime security, which in turn contains the mandatory requirement for ships to comply with the ISPS Code.

Modifications to Chapter V (Safety of Navigation) contain a new timetable for the fitting of Automatic Information Systems (AIS). Ships, other than passenger ships and tankers, of 300 gross tonnage and upwards but less than 50,000 gross tonnage, will be required to fit AIS not later than the first safety equipment survey after 1 July 2004 or by 31 December 2004, whichever occurs earlier. Ships fitted with AIS shall maintain AIS in operation at all times except where international agreements, rules or standards provide for the protection of navigational information."

The existing SOLAS Chapter XI (Special measures to enhance maritime safety) has been re-numbered as Chapter XI-1. Regulation XI-1/3 is modified to require ships' identification numbers to be permanently marked in a visible place either on the ship's hull or superstructure. Passenger ships should carry the marking on a horizontal surface visible from the air. Ships should also be marked with their ID numbers internally.

And a new regulation XI-1/5 requires ships to be issued with a Continuous Synopsis Record (CSR) which is intended to provide an on-board record of the history of the ship. The CSR shall be issued by the Administration and shall contain information such as the name of the ship and of the State whose flag the ship is entitled to fly, the date on which the ship was registered with that State, the ship's identification number, the port at which the ship is registered and the name of the registered owner(s) and their registered address. Any changes shall be recorded in the CSR so as to provide updated and current information together with the history of the changes.

New Chapter XI-2 (Special measures to enhance maritime security)www.imo.orgThe ISPS Code staus update:

Staff Author