ISPS Code

What is the ISPS Code?

The International Ship and Port Facility Security Code

In essence, the Code takes the approach that ensuring the security of ships and port facilities is basically a risk management activity and that to determine what security measures are appropriate, an assessment of the risks must be made in each particular case.

The purpose of the Code is to provide a standardized, consistent framework for evaluating risk, enabling governments to offset changes in threat with changes in vulnerability for ships and port facilities.

To begin the process, each Contracting Government will conduct port facility security assessments. Security assessments will have three essential components. First, they must identify and evaluate important assets and infrastructures that are critical to the port facility as well as those areas or structures that, if damaged, could cause significant loss of life or damage to the port facility's economy or environment. Then, the assessment must identify the actual threats to those critical assets and infrastructure in order to prioritize security measures. Finally, the assessment must address vulnerability of the port facility by identifying its weaknesses in physical security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, and other areas within a port facility that may be a likely target. Once this assessment has been completed, Contracting Government can accurately evaluate risk.

This risk management concept will be embodied in the Code through a number of minimum functional security requirements for ships and port facilities. For ships, these requirements will include:

· ship security plans
· ship security officers
· company security officers
· certain onboard equipment

For port facilities, the requirements will include:
· port facility security plans
· port facility security officers
· certain security equipment

In addition the requirements for ships and for port facilities include:
· monitoring and controlling access
· monitoring the activities of people and cargo
· ensuring security communications are readily available

Because each ship (or class of ship) and each port facility present different risks, the method in which they will meet the specific requirements of this Code will be determined and eventually be approved by the Administration or Contracting Government, as the case may be.

In order to communicate the threat at a port facility or for a ship, the Contracting Government will set the appropriate security level. Security levels 1, 2, and 3 correspond to normal, medium, and high threat situations, respectively. The security level creates a link between the ship and the port facility, since it triggers the implementation of appropriate security measures for the ship and for the port facility.

The preamble to the Code states that, as threat increases, the only logical counteraction is to reduce vulnerability. The Code provides several ways to reduce vulnerabilities. Ships will be subject to a system of survey, verification, certification, and control to ensure that their security measures are implemented. This system will be based on a considerably expanded control system as stipulated in the 1974 Convention for Safety of Life at Sea (SOLAS). Port facilities will also be required to report certain security related information to the Contracting Government concerned, which in turn will submit a list of approved port facility security plans, including location and contact details to IMO.

The Company and the Ship
Under the terms of the Code, shipping companies will be required to designate a Company Security Officer for the Company and a Ship Security Officer for each of its ships. The Company Security Officer's responsibilities include ensuring that a Ship Security Assessment is properly carried out, that Ship Security Plans are prepared and submitted for approval by (or on behalf of) the Administration and thereafter is placed on board each ship.

The Ship Security Plan should indicate the operational and physical security measures the ship itself should take to ensure it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the ship itself can take to move to and operate at security level 2 when instructed to do so. Furthermore, the plan should indicate the possible preparatory actions the ship could take to allow prompt response to instructions that may be issued to the ship at security level 3.

Ships will have to carry an International Ship Security Certificate indicating that they comply with the requirements of SOLAS chapter XI-2 and part A of the ISPS Code. When a ship is at a port or is proceeding to a port of Contracting Government, the Contracting Government has the right, under the provisions of regulation XI-2/9, to exercise various control and compliance measures with respect to that ship. The ship is subject to port State control inspections but such inspections will not normally extend to examination of the Ship Security Plan itself except in specific circumstances.

The ship may, also, be subject to additional control measures if the Contracting Government exercising the control and compliance measures has reason to believe that the security of the ship has, or the port facilities it has served have, been compromised.

The Port Facility
Each Contracting Government has to ensure completion of a Port Facility Security Assessment for each port facility within its territory that serves ships engaged on international voyages. The Port Facility Security Assessment is fundamentally a risk analysis of all aspects of a port facility's operation in order to determine which parts of it are more susceptible, and/or more likely, to be the subject of attack. Security risk is seen a function of the threat of an attack coupled with the vulnerability of the target and the consequences of an attack.

On completion of the analysis, it will be possible to produce an overall assessment of the level of risk. The Port Facility Security Assessment will help determine which port facilities are required to appoint a Port Facility Security Officer and prepare a Port Facility Security Plan. This plan should indicate the operational and physical security measures the port facility should take to ensure that it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the port facility can take to move to and operate at security level 2 when instructed to do so. It should also indicate the possible preparatory actions the port facility could take to allow prompt response to the instructions that may be issued at security level 3.

Ships using port facilities may be subject to port State control inspections and additional control measures. The relevant authorities may request the provision of information regarding the ship, its cargo, passengers and ship's personnel prior to the ship's entry into port. There may be circumstances in which entry into port could be denied.

Responsibilities of Contracting Governments
Contracting Governments have various responsibilities, including setting the applicable security level, approving the Ship Security Plan and relevant amendments to a previously approved plan, verifying the compliance of ships with the provisions of SOLAS chapter XI-2 and part A of the ISPS Code and issuing the International Ship Security Certificate, determining which port facilities located within their territory are required to designate a Port Facility Security Officer, ensuring completion and approval of the Port Facility Security Assessment and the Port Facility Security Plan and any subsequent amendments; and exercising control and compliance measures. It is also responsible for communicating information to the International Maritime Organization and to the shipping and port industries.

Contracting Governments can designate, or establish, Designated Authorities within Government to undertake their security duties and allow Recognized Security Organizations to carry out certain work with respect to port facilities, but the final decision on the acceptance and approval of this work should be given by the Contracting Government or the Designated Authority.

Amendments to SOLAS
The Conference adopted a series of Amendments to the 1974 SOLAS Convention, aimed at enhancing maritime security on board ships and at ship/port interface areas. Among other things, these amendments create a new SOLAS chapter dealing specifically with maritime security, which in turn contains the mandatory requirement for ships to comply with the ISPS Code.

Modifications to Chapter V (Safety of Navigation) contain a new timetable for the fitting of Automatic Information Systems (AIS). Ships, other than passenger ships and tankers, of 300 gross tonnage and upwards but less than 50,000 gross tonnage, will be required to fit AIS not later than the first safety equipment survey after 1 July 2004 or by 31 December 2004, whichever occurs earlier. Ships fitted with AIS shall maintain AIS in operation at all times except where international agreements, rules or standards provide for the protection of navigational information."

The existing SOLAS Chapter XI (Special measures to enhance maritime safety) has been re-numbered as Chapter XI-1. Regulation XI-1/3 is modified to require ships' identification numbers to be permanently marked in a visible place either on the ship's hull or superstructure. Passenger ships should carry the marking on a horizontal surface visible from the air. Ships should also be marked with their ID numbers internally.

And a new regulation XI-1/5 requires ships to be issued with a Continuous Synopsis Record (CSR) which is intended to provide an on-board record of the history of the ship. The CSR shall be issued by the Administration and shall contain information such as the name of the ship and of the State whose flag the ship is entitled to fly, the date on which the ship was registered with that State, the ship's identification number, the port at which the ship is registered and the name of the registered owner(s) and their registered address. Any changes shall be recorded in the CSR so as to provide updated and current information together with the history of the changes.

New Chapter XI-2 (Special measures to enhance maritime security)
A brand-new Chapter XI-2 (Special measures to enhance maritime security) is added after the renumbered Chapter XI-1.

This chapter applies to passenger ships and cargo ships of 500 gross tonnage and upwards, including high speed craft, mobile offshore drilling units and port facilities serving such ships engaged on international voyages.

Regulation XI-2/3 of the new chapter enshrines the International Ship and Port Facilities Security Code (ISPS Code). Part A of this Code will become mandatory and part B contains guidance as to how best to comply with the mandatory requirements.

The regulation requires Administrations to set security levels and ensure the provision of security level information to ships entitled to fly their flag. Prior to entering a port, or whilst in a port, within the territory of a Contracting Government, a ship shall comply with the requirements for the security level set by that Contracting Government, if that security level is higher than the security level set by the Administration for that ship.

Regulation XI-2/4 confirms the role of the Master in exercising his professional judgment over decisions necessary to maintain the security of the ship. It says he shall not be constrained by the Company, the charterer or any other person in this respect.

Regulation XI-2/5 requires all ships to be provided with a ship security alert system, according to a strict timetable that will see most vessels fitted by 2004 and the remainder by 2006. When activated the ship security alert system shall initiate and transmit a ship-to-shore security alert to a competent authority designated by the Administration, identifying the ship, its location and indicating that the security of the ship is under threat or it has been compromised. The system will not raise any alarm on-board the ship. The ship security alert system shall be capable of being activated from the navigation bridge and in at least one other location.

Regulation XI-2/6 covers requirements for port facilities, providing among other things for Contracting Governments to ensure that port facility security assessments are carried out and that port facility security plans are developed, implemented and reviewed in accordance with the ISPS Code.

Other regulations in this chapter cover the provision of information to IMO, the control of ships in port, (including measures such as the delay, detention, restriction of operations including movement within the port, or expulsion of a ship from port), and the specific responsibility of Companies.

Resolutions adopted by the conference
The conference adopted 11 resolutions, the main points of which are outlined below.

Conference resolution 1 (Adoption of amendments to the annex to the international convention for the safety of life at sea, 1974, as amended), determines that the amendments shall be deemed to have been accepted on 1 January 2004 (unless, prior to that date, more than one third of the Contracting Governments to the Convention or Contracting Governments the combined merchant fleets of which constitute not less than 50% of the gross tonnage of the world's merchant fleet, have notified their objections to the amendments) and that the amendments would then enter into force on 1 July 2004.

Conference resolution 2 (Adoption of the International Ship and Port Facility Security (ISPS) Code) adopts the International Ship and Port Facility Security (ISPS) Code, and invites Contracting Governments to the Convention to note that the ISPS Code will take effect on 1 July 2004 upon entry into force of the new chapter XI-2 of the Convention;

Conference resolution 3 (Further work by the international maritime organization pertaining to the enhancement of maritime security) invites the International Maritime Organization to develop, as a matter of urgency, training guidance such as model courses for ship security officers, company security officers and port facility security officers; performance standards for ship security alarms; performance standards and guidelines for long-range ship identification and tracking systems; guidelines on control of ships; and guidelines on "Recognized security organizations", and to adopt them in time before the entry into force of the amendments to the Convention adopted by the Conference.

Conference resolution 4 (Future amendments to Chapters XI-1 and XI-2 of the 1974 SOLAS Convention on special measures to enhance maritime safety and security) recommends that future amendments to the provisions of chapters XI-1 and XI-2 of the Convention should be adopted by either the Maritime Safety Committee of the International Maritime Organization or by a Conference of Contracting Governments to the Convention.

Conference resolution 5 (Promotion of technical co-operation and assistance) strongly urges Contracting Governments to the Convention and Member States of the Organization to provide, in co-operation with the Organization, assistance to those States which have difficulty in meeting the requirements of the adopted amendments; and to use the Integrated Technical Co-operation Program of the Organization as one of the main instruments to obtain assistance in advancing effective implementation of, and compliance with, the adopted amendments.

It also requests the Secretary-General of the Organization to make adequate provision, within the Integrated Technical Co-operation Program, to strengthen further the assistance that is already being provided and to ensure that the Organization is able to address the future needs of developing countries for continued education and training and the improvement of their maritime and port security infrastructure and measures; and invites donors, international organizations and the shipping and port industry to contribute financial, human and/or in-kind resources to the Integrated Technical Co-operation Program of the Organization for its maritime and port security activities.

It also invites the Secretary General to give early consideration to establishing a Maritime Security Trust Fund for the purpose of providing a dedicated source of financial support for maritime security technical-co-operation activities and, in particular, for providing support for national initiatives in developing countries to strengthen their maritime security infrastructure and measures.

Conference resolution 6 (Early implementation of the special measures to enhance maritime security) refers to the difficulties experienced during implementation of the International Safety Management (ISM) Code and draws the attention of Contracting Governments and the industry to the fact that chapter XI-2 of the Convention does not provide for any extension of the implementation dates for the introduction of the special measures concerned to enhance maritime security. It urges Contracting Governments to take, as a matter of high priority, any action needed to finalize as soon as possible any legislative or administrative arrangements, which are required at the national level, to give effect to the requirements of the adopted amendments to the Convention relating to the certification of ships entitled to fly their flag or port facilities situated in their territory.

It also recommends that Contracting Governments and Administrations concerned designate dates, in advance of the application date of 1 July 2004 by which requests for certification should be submitted in order to allow for completion of the certification process and for companies and port facilities to rectify any non-compliance. It also recommends that Contracting Governments and the industry should take early appropriate action to ensure that all necessary infrastructure is in place in time for the effective implementation of the adopted measures to enhance maritime security on board ships and ashore.

Conference resolution 7 (Establishment of appropriate measures to enhance the security of ships, port facilities, mobile offshore drilling units on location and fixed and floating platforms not covered by chapter XI-2 of the 1974 SOLAS Convention) invites Contracting Governments to establish, as they might consider necessary, appropriate measures to enhance the security of ships and of port facilities other than those covered by chapter XI-2 of the Convention; it also encourages Contracting Governments to establish and disseminate, in an appropriate manner, information to facilitate contact and liaison between company and ship security officers and the authorities responsible for the security of port facilities not covered by Chapter XI-2, prior to a ship entering, or anchoring off, such a port;

Conference resolution 8 (Enhancement of security in co-operation with the International Labor Organization) invites the ILO to continue the development of a Seafarers' Identity Document as a matter of urgency, which should cover, among other things, a document for professional purposes; a verifiable security document; and a certification information document, and invites IMO and the ILO to establish a joint ILO/IMO Working Group to undertake more detailed work on comprehensive port security requirements.

Conference resolution 9 (Enhancement of security in co-operation with the World Customs Organization) invites the WCO to consider urgently measures to enhance security throughout international closed CTU movements and requests the Secretary-General of IMO to contribute expertise relating to maritime traffic to the discussions at the WCO.

Conference resolution 10 (Early implementation of long-range ships' identification and tracking) recalls that long-range identification and tracking of ships at sea is a measure that fully contributes to the enhancement of the maritime and coastal States security and notes that Inmarsat C polling is currently an appropriate system for long-range identification and tracking of ships. It urges Governments to take, as a matter of high priority, any action needed at national level to give effect to implementing and beginning the long-range identification and tracking of ships and invites Contracting Governments to encourage ships entitled to fly the flag of their State to take the necessary measures so that they are prepared to respond automatically to Inmarsat C polling, or to other available systems. It also requests Governments to consider all aspects related to the introduction of long-range identification and tracking of ships, including its potential for misuse as an aid to ship targeting and the need for confidentiality in respect of the information so gathered.

Conference resolution 11 (Human element-related aspects and shore leave for seafarers) urges Governments to take the human element, the need to afford special protection to seafarers and the critical importance of shore leave into account when implementing the provisions of chapter XI-2 of the Convention and the International Ship and Port Facility (ISPS) Code. It also encourages Governments, Member States of IMO and non-governmental organizations with consultative status at the Organization to report to the Organization any instances where the human element has been adversely impacted by the implementation of the provisions of chapter XI-2 of the Convention or the Code. It also requests the IMO Secretary-General to bring to the attention of the Maritime Safety Committee and the Facilitation Committee of the Organization, any human element related problems, which have been communicated to the Organization as a result of the implementation of chapter XI-2 of the Convention or the Code.