The International Ship and Port facility Security Code was drafted and agreed at the same time as the new SOLAS Regulations and provides further detail and guidance on the measures outlined in the Regulations. The Code has two parts: Part A which contains mandatory requirements and Part B which contains detailed guidance. Contracting Governments must implement the mandatory requirements of the Code, taking into account the guidance, by 1st July 2004.
Who is responsible for implementing the ISPS Code in the UK?
Transport Security Division (TRANSEC), part of the Department for Transport (DfT), has overall responsibility for implementing IMO requirements and will deal primarily with port facility and passenger ship security. The Maritime and Coastguard Agency (MCA) is responsible for cargo and freight ship security.
What are the requirements of the ISPS Code?
- Responsibilities of Contracting Governments, e.g. setting security levels and providing guidance for protection from security incidents ,establishing the requirements for a Declaration of Security, testing the effectiveness of ship security plans and or port facility security plans and exercising control and compliance measures in accordance with SOLAS X-1 2/9;
- A Declaration of Security addressing the security requirements that could be shared between a port facility and a ship (or between ships) and stating the responsibility each shall take.
- Obligations of the company to "ensure the ship security plan contains a clear statement emphasizing the master’s authority" and "ensure the company security officer, the master and the ship security officer are given the necessary support to fulfil their duties and responsibilities".
- Ship security with activities defined as to how a ship is required to act upon security levels set by Contracting Governments.
- Ship Security Assessments to be "carried out by persons with appropriate skills to evaluate the security of a ship" and to include an on-scene survey and a number of other elements.
- Ship Security Plan approved by the Administration and carried on board ship.
- Records of certain "activities addressed in the ship security plan shall be kept on board for at least the minimum period specified by the Administration" These records to be protected from unauthorised access or disclosure.
- Provisions for designated company security officers and ship security officers.
- Training, drills and exercises concerning ship security.
- Verification and certification for ships.
Other requirements under Amendments to SOLAS chapters V and XI include:
- Carriage requirements for ship borne navigational systems and equipment.
- Requirements as to where and how the ship’s identification number will be permanently marked.
- Every ship to which chapter I of SOLAS applies must have a Continuous Synopsis Record containing specified information.
- Provision of a ship security alert system as specified in SOLAS XI-6
Which Ships need to comply with the ISPS Code?
The ISPS Code and the Amendments to SOLAS apply to the following types of ships engaged on international voyages:
- Passenger ships, including high-speed passenger craft.
- Cargo ships, including high-speed craft, of 500 gross tonnage and upwards, and also including commercial yachts carrying over 12 fare paying passengers.
- Mobile offshore drilling units (MODUs).
They also apply to port facilities serving such ships engaged on international voyages.
Certain vessels were given an MCA dispensation from ISM Compliance because they were built under the 1969 rules and when the conversion from GRT to GT took place, they fell above the 500 GT line. Do they have to comply?
No. If an administration recognises the old tonnage (as the MCA Does) then it is applicable to apply compliance requirements for the old tonnage. So in this case the ship need not comply.
The proviso is that the administration should issue the ship with a letter or some other form of authority to continue using the old tonnage.
To what extent does the ISPS code apply to commercial and private yachts?
The ISPS Code will apply to commercial yachts over 500 GT. It will not apply to commercial yachts under 500GT or to private yachts.
A yacht carrying over 12 fare paying passengers will be classed as a passenger vessel. If it is also over 500 gt and engaged on international voyages, then the ISPS Code will apply.
The reference to this in the code is ISPS Code reference is A/3.1.1.
Where can I purchase a copy of the ISPS Code?
From International Maritime Organisation, details as follows:
Product: International Ship and Port Facility Code
Tel: + 44 (020) 7735 7611
What is the objective of the EU Regulation?
The objective of the EU Regulation (currently in draft) is to introduce and implement Community measures aimed at enhancing the security of ships used in international trade and domestic shipping and associated port facilities in the face of threats of intentional unlawful acts. The Regulation is also intended to provide a basis for the harmonised interpretation and implementation and Community monitoring of SOLAS security amendments and the ISPS Code.
Will there be security measures for all other ships?
The EU Regulation is expected to be authorised by the European Parliament
and the Council of the European Union in October 2003.
The Regulation will expect Domestic Class A passenger ships to apply the SOLAS amendments and the ISPS Code in full by 1 July 2005.
Other domestic ships must apply the SOLAS amendments and the ISPS Code by 1 July 2007. Member States may decide, on the basis of the results of a security risk assessment, not to apply these provisions to other domestic ships provided that the overall level of security is not comprised.
How do UK registered ships gain a UK International Ship Security Certificate (ISSC)?
The following steps need to be taken:
- Appoint and organise approved training for, the Company Security Officer and Ship Security Officers.
- Ensure a Ship Security Assessment (ISPS Code A/8.2) is undertaken for each ship by people with appropriate skills. This will include as on-scene survey of the ship (ISPS Code A/8.4) and could involve the use of a consultant.
- Approve the Ship Security Assessment (ISPS Code A/8.5)
- Develop a Ship Security Plan (ISPS Code A/9.4) taking into account the findings of the Ship Security Assessment. This could involve the use of a consultant.
- Implement Ship Security Plan (SSP) and submit SSP and Ship Security Assessment for approval to TRANSEC for passenger ships or MCA for cargo ships. The UK is not authorising Recognised Security Organisations.
- Arrange for an internal review of the ship security system prior to verification visit.
Why do ships need to have a Ship Security Assessment and a Ship Security Plan?
The Ship Security Assessment (SSA) is an essential and integral part of the process of developing and updating Ship Security Plans (SSP).
What language does the Ship Security Plan need to be in?
The SSP is to be developed from the SSA written in the working language of the ship. If that language is not English, French or Spanish a translation into one of these languages shall be included. The reason for the translation is that different parts of the plan could be inspected by port state officers if clear grounds for non-compliance are established.
Is a ship visit required before an SSP is approved?
There is currently no requirement in either SOLAS XI-2 or the ISPS Code for this to take place. MCA have based their maritime security process on the basis of a single ship visit for the verification. However, for training purposes a limited number of ship visits will be made to liaise with CSO regarding SSA and SSP.
No mention is made here of SSP approval.
No mention is made here of SSP approval
ISPS Part A
Section 9.1 Requires Administration to approve SSP
Section 9.3 Requires SSPs submitted for approval to be accompanied by SSA (8.4 SSA shall include an on-scene survey by persons with appropriate skills - 8.3)
Section 9.5 Requires administrations to specify which changes to SSP require approval
ISPS Part B
Para 9.6 Requires SSP security measures to be in place before initial verification
When do we need to have Ship Security Alert Systems?
Ship Security Alert Systems should be fitted after the ships first radio survey after 1stJuly 2006.
Are IMO Numbers required before the first dry-dock after July 2004?
IMO Numbers do not need to be fitted until first dry-dock after July 2004. Please note if dry-docking before then it would be suggested that they are applied sooner rather than later
How should the Ships Identification Number (SIN) be marked on a Ship?
The marking shall be plainly visible and painted in a contrasting colour in the form of "IMO XXXXXXX". On ships constructed of steel or metal the marking shall be made by:
- raised lettering, or
- cutting it in, or
- centre-punching it, or
- any equivalent method of marking which is not easily expunged.
Where should the marking of the SIN go?
Externally the permanent marking shall be clear of any other markings on the hull and shall be not less than 200 mm high (width proportionate to the height). The positioning of the external marking is subject to a range of options:
• on the stern of the ship, or
• either side of the hull, amidships port and starboard, above the deepest assigned load line, or
• either side of the superstructure port and starboard, or
• on the front of the superstructure, or
• In the case of passenger ships, on a horizontal surface visible from the air.
Internally the permanent marking shall be in an easily accessible place and shall be not less than 100 mm high (width proportionate to the height). The positioning of the internal marking is also subject to a range of options:
• on either end of the transverse bulkheads of machinery spaces as defined in regulation II-2/3.30, or
• one of the hatchways or
• in the case of tankers in the pump room, or
• In the case of ships with ro-ro spaces as defined in regulation II-2/3.41, on one of the end transverse bulkheads of the ro-ro space.
Why is there a need for a Company Security Officer and Ship Security Officer?
Shipping companies are required to designate a Company Security Officer (CSO) to co-ordinate the security activities of the company and its ships on one hand and port facilities and Governments on the other. The CSO is also responsible for ensuring the security systems are fully maintained and internally audited. Each ship is to have a designated Ship Security Officer (SSO), who may be the ships master.
The CSO and SSO are required to have knowledge of the security system and to have received appropriate training; this also applies to other personnel assigned security duties. In addition to maintaining the SSP they are to ensure its effective implementation by carrying out drills and exercises at appropriate intervals. The guidance gives a three month interval for drills, or within a week of changing more than 25% of the crew (if they have not participated in a drill on that ship within 3 months) and annual exercises.
What arrangements need to be made in the case of a one ship company where the master is the owner/operator, regarding the appointment of a Company Security Officer (CSO)?
The ISPS Code requires a shore based CSO to be appointed
In the case of a company, for whatever reason, eg small size, appoints another person not a company employee, ie an agency to act as CSO for them, in a similar way as ISM allows this for the DPA function?
The ISPS Code doesn’t specifically disallow this therefore it could be a runner. However the Code does impose some executive powers in the CSO such as ensuring the SSA’s are carried out (A?11.2.2) etc which would need addressing.
Multi flag management companies, Does the CSO have to have an MCA validated certificate?
No, if the number of ships on another flag exceeds the number on the UK flag, then that Flag’s CSO course would be required. You can always check with Seafarer Standards.
What would need to be addressed by a Training Provider regarding a "conversion course" for CSOs to do the SSO Course?Also what would be required from the Training Provider for them to do a combined CSO/SSO Course, if they were approved seperately?
This is being looked over by Seafarer Standards at the moment. The demand for a "conversion course" is not seen as high and has been given low priority. However the possibility of a combined course (duration 5 days) is being investigated.
Does MCA recognise CSO/SSO courses provided by class societies like: Bureau Veritas (BV) Det Norske Veritas (DNV), Germanischer Lloyd (GL) etc?
MCA will recognise them if they have gone through the approval process.
If the CSO moves on, leaves the company etc, if the SSP is sealed then does it have to be returned to the Flag State for amendment?
Do not return the SSP as we could be inundated. It could be amended on board by the first available MCA Surveyor to visit the vessel for any survey as you would for class items, minor changes in certificates etc.
How can I find out who MCA have approved to conduct ISPS related training courses for CSO and SSO?
Please contact mcga.gov.uk for details.
Can a CSO request a Declaration of Security?
A company can instruct the SSO to request a Declaration of Security.
Will there be a vetting procedure for CSOs, SSOs and PFSOs (Port Facility Security Officers)?
CSOs and SSOs will not be vetted. It would be very difficult to vet SSOs in particular bearing in mind most would not be UK citizens.
Regarding PFSOs, bearing in mind the limited numbers of PFSOs it is likely they will be vetted though the final decision remains to be made by TRANSEC.
What should a ship do when entering a Foreign Port?
When ships are intending to enter a foreign port they may be required to provide information by the port state including:
- Confirmation the ship possesses a valid ISSC,
- Security level at which the ship is operating,
- Security level at which the ship operated in the last ten ports of call,
- Special or additional security measures undertaken at the last ten ports of call,
- Confirmation that appropriate procedures were maintained during any ship-to-ship activity between the last ten ports of call,
- Other practical security related information.
When should this information be provided?
When a ship announces its intention to enter the port of a Member State, the competent authority for maritime security of that Member State shall require that the information referred to in paragraph 2.1 of Regulation 9 be provided:
• At least twenty-four hours in advance; or
• At the latest, at the time the ship leaves the previous port, if the voyage time is less than twenty-four hours.
What happens if all necessary information is provided but the member state believes we are not in compliance with the ISPS Code?
If, after receipt of this information, there are clear grounds for believing that the ship is in non-compliance with the ISPS code, port state officers are to attempt to establish communications with and between the ship and its Administration in order to rectify the situation. Should this fail they may take proportionate steps that include:
• A requirement to rectify the non-compliance,
• A requirement that the ship proceed to a location specified in the country’s territorial seas or internal waters,
• Inspection of the ship, if it is within their territorial sea,
• Denial of entry into port.
Will the USCG review/approve Vessel Security Plans submitted by owners and operators of non-US ships that expect to call at US ports for compliance with US regulations promulgated under the MTSA, if so requested by the submitter?
We have consistently taken the position that security plans for foreign flag SOLAS vessels do not have to be submitted to the Coastguard. The regulations we published on July 1st and then finalised last month make this clear. We have also gone on record with that position with our oversight committees in Congress. The Coastguard fully intends to abide by the reciprocal obligations in SOLAS and the ISP code regarding ISSCs and security plans. The Coastguard will not approve foreign SOLAS vessel security plans even if requested by the owners or operators. The US Administration is convinced that the SOLAS amendments and the ISPS Code provide an excellent framework for minimising the threat of terrorism in the maritime community. The United States should not alone battle this world wide threat. We need the help of the 102 signatories.
Does the USG concur with the contention that a foreign ship owner that fails to comply with the security plan requirements of the MTSA runs the risk of not limiting its liability in the event of a terrorist attack involving the vessel in US waters?
Specifically with regard to the limitation of liability issue, the MTSA and our regulations do not address third party liability. We have concluded however, that the requirements of the MTSA are satisfied through participation in the international regime and that an owner’s ability to limit liability is not in jeopardy by complying with the MTSA regulations. In our view, compliance with a plan will not only prevent a TSI (Transport Security Incident) but also will allow an owner of a SOLAS vessel who has complied with the SOLAS amendments and the ISPS Code to limit liability. This can be accomplished by those responsible for security effectively implementing its plan so that the requirements of the ISPS Code are met. Of course we re-emphasise the point that this assumes the plan being implemented fully complies with the SOLAS amendments and the ISPS Code and takes into account the relevant provisions of Part B. We will be vigorously overseeing this implementation through a very active port state control regime and through our foreign country audit program.
Can the USCG advise us of the additional requirements for Vessel Security Plans in the MTSA in relation to those for the Ship Security Plan in the ISPS Code which would need to be included in the Ship Security Plan to comply with the requirements of MTSA?
An International Ship Security Certificate issued under the ISPS Code will be accepted as prima facie evidence that the ship is in compliance with the MTSA and its implementing regulations, with the exception of 33 CFR Parts 104.240, 104.255 and104.295 as appropriate. We will verify implementation of the ship security plan through our robust port state control regime.
Concerning offshore installations, is a UK ship travelling from a UK Port to an installation in the UK sector considered to be on a domestic voyage, and if the installation is in a foreign sector, on an international voyage?
A UK ship travelling from a UK port to an installation in the UK sector (of the North Sea) would not be travelling to a port, so this is not an international voyage. Even if the installation was in a foreign sector of the North Sea, it would still not be a port. The word port’ is not defined in SOLAS Chapter 1, however it is considered that it would be stretching the natural meaning too far to make it include an offshore installation.
What is the ISPS definition of a MODU?
The reference to MODU is shorthand for that contained in SOLAS XI-2/1. MODU means a Mechanically propelled Offshore Drilling Unit as defined in regulation 1X/1 not on location.
Regulation IX/1 defines MODU as "a vessel capable of engaging in drilling operations for the exploration or exploitation of resources beneath the sea-bed such as liquid or gaseous hydrocarbons, sulphur or salt".
IMO’s Maritime Safety Committee at its 77th session, which met in May 2003 after the ISPS Code was ratified, agreed that Floating Production Storage and Offloading (FPSO) units and Floating Storage Units (FSU) were not subject to the ISPS Code. It was also agreed that Single Buoy Moorings (SBM) would be covered either by the security regime of the offshore facility or port facility as appropriate.
Will all MODUs be required to obtain ISSCs?
If a MODU is mechanically propelled " ie able to make a voyage as opposed to being just able to move around a wellhead " it will need an ISSC, with no exceptions.
The MCA been delegated to do?
The MCA have been delegated the tasks of;
- Approving ships’ security assessments and security plans, the associated verification activities for cargo ships and the issuing of ISSCs.
- Undertaking inspections of foreign flagged ships visiting UK ports MCA’s through Port State Control Officers.
- Issuing ships’ Continuous Synopsis Records. This is a document that remains with the ship for its whole life detailing, the ships’ identification number, name changes, ownership, operating company, ISM and ISPS issuing and maintaining authorities.
- Communicating security levels set by TRANSEC to ships; both UK ships world-wide and foreign ships in UK waters.
- Monitoring ships operating at higher security level than those set for UK Port Facilities.
- Approving training courses for Company Security Officers and Ship security Officers.
Where can I purchase a copy of the ISPS Code?
From the International Maritime Organisation, details as follows:
Product: International Ship and Port Facility Code
You can contact us by: Telephone: 02380329320
Other useful sites are:
International Maritime Organisation - www.imo.org
Department for Transport – www.dft.gov.uk
Where can information on piracy be obtained?
International Chamber of Commerce (International Maritime Bureau) run a website at http://www.iccwbo.org/ccs/menu_imb_bureau.asp IMO publish monthly, quarterly and annual reports of piracy and armed robbery against ships at MSC Circulars. The Latest annual report is MSC.4/Circ.32 which can be found at: http://www.imodocs.imo.org
Need help ?
Feel free to contact the yacht management department who aim to taking the stress away from yacht ownership
We provide yacht charter, yacht brokerage, crew training, crew placement and yacht management. We are a full service luxury yachting company that creates strong and lasting relationships with clients and crew