The views and opinions expressed here are solely those of the original author or contributor. These views and opinions do not necessarily represent those of the UK P&I Club.

OCIMF published the third edition of its Tanker Management and Self-Assessment guide (TMSA3) in April 2017. As of 1 January 2018, this will replace the TMSA2 and tanker owners will be required to follow the new self-assessment procedure. 

Well actually, yes. The latest TMSA version introduces an entirely new element - Maritime Security (element 13). The new element aims "to establish and maintain policies and procedures in order to respond to and mitigate identified security threats covering all company activities including cyber security."

In complying with the aim, security plans should be put in place, which also address cyber security risks, and should cover shored-based locations, vessels and personnel. 

Yes, resources are available and the best thing is they are free!

IET Standards in conjunction with the Department for Transport have created a comprehensive code of practice for cyber security onboard ships. This code follows on from previous work the Department for Transport has done on port cyber security.

Additionally, an industry working group (which included OCIMF) have created Guidelines on Cyber Security onboard Ships. 

Elements 6, 6A and 10 have all had revisions, with element 10 now incorporating the OCIMF Energy Efficiency and Fuel Management paper that had previously been a supplement to TMSA2. Additionally TMSA3 also has 19 more KPIs than TMSA2 showing the focus on continuous improvement.

• https://www.gov.uk/government/publications/ship-security-cyber-security-code-of-practice
• https://www.gov.uk/government/publications/ports-and-port-systems-cyber-security-code-of-practice
• http://www.ics-shipping.org/docs/default-source/resources/safety-security-and-operations/guidelines-on-cyber-security-onboard-ships.pdf?sfvrsn=16