ISPS Code

INTRODUCTION
AND
AWARENESS
PRESENT BY
LT RMN (R) ISMAIL BIN YAHYA

KLIH, Kuala Lumpur 7th August 2008

Course Objective

To introduce ISPS Code

and to create an
awareness amongst the
participants on ISPS Code,
its requirements and their
responsibility under the
code.
Course Content

1. INTRODUCTION
2. ISPS CODE OBJECTIVES
3. MARITIME SECURITY DEVELOPMENT
4. ISPS CODE IMPLEMENTATION
5. SECURITY LEVELS
6. THE SECURITY PLAN
7. DECLARATION OF SECURITY (DoS)
8. DRILLS & EXERCISES
9. THE IMPLICATION
INTRODUCTION
Introduction

What is
ISPS?

International
Ship and Port Facility
Security Code
CODE OBJECTIVE
Code Objective
• To establish an international framework involving co-
operation between Contracting Governments, Government
agencies, local administrations and the shipping and port
industries to detect security threats and take preventive
measures against security incidents affecting ships or port
facilities used in international trade;

• To establish the respective roles and responsibilities of

Contracting Governments, Government Agencies, local
administrations and the shipping and port industries, at
the national and international levels, for ensuring maritime
security; CONTRACTING
GOVERNMENT

PORT
THE COMPANY ISPS CODE FACILI
TY

THE SHIP
Code Objective

• To ensure the early and efficient collection and exchange

of security-related information;

• To provide a methodology for security assessment so as to

have in place plans and procedures to react to changing
security levels; and

• To ensure that confidence, adequate and proportionate

maritime security measures are in place.
MARITIME SECURITY
DEVELOPMENT
MARITIME SECURITY DEVELOPMENT

INTERNATIONAL Pre 9/11 Assessment :

SHIP & PORT FACILITY
SECURITY CODE
Maritime security
threats such as cargo
theft, illegal drug
trafficking, stowaways,
piracy and terrorism
existed long before
9/11
MARITIME SECURITY DEVELOPMENT

Pre 9/11 Assessment :

INTERNATIONAL
SHIP & PORT FACILITY  ship, cruise, ferry or
tourist vessel, seen as
SECURITY CODE
possible target of attack
or hijack.

 ship used for gun running

or to carry other
equipment and personnel.

 ship used in trade to help

finance terrorist activities
MARITIME SECURITY DEVELOPMENT

1986 – IMO adopted measures to

prevent unlawful acts which 5
threaten the safety of ships and the 9 8
1
= =
security of their passengers and
crews.

1988 - IMO adopted the

"Convention for the Suppression of
Unlawful Acts Against the Safety
of Maritime Navigation (Rome
Hijacking of the Achille Lauro in
1985
First mention of “security” in any
IMO treaty, convention or resolution.

1988)", known as the SUA

Convention
MARITIME SECURITY DEVELOPMENT

 MSC Circular 443 (1986)

 The focus of MSC advice in Circular 443 (IMO Resolution

A.584(14)) was on cruise ships and the ports they used. It
included:
 a Designated Authority was to be appointed within
the Government, responsible for cruise ship and
cruise port security;
 appointment of an Operator Security Officer;
 appointment of a Ship Security Officer for each
cruise ship;
MARITIME SECURITY DEVELOPMENT

SUA CONVENTION

Based on aviation (ICAO) practice, SUA

seeks to ensure that appropriate judicial
action is taken against persons committing
unlawful acts against ships. It requires
Contracting Governments either to
extradite or prosecute alleged offenders.
MARITIME SECURITY DEVELOPMENT

1996 – IMO issued IMO Circular 754 entitled "Passenger

Ferry Security“. It advised additional application of the
principles in 443 to international passenger ferry services.

1997 – IMO Resolution A.872(20). It introduced guidelines for

the prevention and suppression of the smuggling of drugs,
psychotropic substances and precursor chemicals on ships
engaged in international maritime traffic.

1997 – IMO Resolution A.871(20). It introduced guidelines on

the allocation of responsibilities to seek the successful resolution
of stowaway cases.
MARITIME SECURITY DEVELOPMENT

1997 – Piracy and Armed Robbery

MSC (IMO) also developed

guidance on preventing piracy
and armed robbery against ships
(now MSC/Circ.623/Rev3)
and parallel guidance to
Contracting Governments (now
MSC/Circ.622/Rev1).
 SEVERAL
TERRORIST ACT
AGAINST THE
MARITIME
INDUSTRIES
MARITIME SECURITY DEVELOPMENT

USS COLE
October 12,
2000
Bombed by
terrorists in the
Gulf of Aden
17 US crewmen
died, 38 others
injured
MARITIME SECURITY DEVELOPMENT

LIMBUR
G

French Super Tanker,

LIMBURG
06 Oct.2002
MARITIME SECURITY DEVELOPMENT

11 SEP 2001
INCIDENT LED TO
DEMANDS FOR
ENHANCED
MARITIME
SECURITY ntre
C e 01
d e 20
Tr a e r
d m b
o rl te
W Sep
11
MARITIME SECURITY DEVELOPMENT

ISPS TIMELINE
Extraordinary session following Sep 11
MSC Nov. 2001 disaster, IMO agree to develop measures
relating to security of ships and port facilities

1st meeting of the MSC Intercessional working

ISWG Feb. 2002
group on maritime security

Ad hoc working group established to develop

MSC Mar. 2002
proposal by the ISWG

ISWG Sep. 2002 Further development of proposals

Final version of proposed texts considered

MSC Sep. 2002
and agreed

Adoption of amendments to SOLAS which

Diplomatic Conference
includes AIS acceleration, ships ID number,
Dec. 2002
CSR and the ISPS Code.
MARITIME SECURITY DEVELOPMENT

MARINE DEPARTMENT DIRECTIVE

MARITIME SECURITY DEVELOPMENT

Dec 2002, ISPS introduced

July 2003, Malaysia
adopted ISPS
July 2004, Enforcement of
ISPS Code worldwide
MARITIME SECURITY DEVELOPMENT

Code Applies to
 International Going
 Passenger Ships
 Cargo Ships of more then 500 GT
 Mobile offshore Drilling Units

 Port Facility Serving Such Ships on

International Journey
MARITIME SECURITY DEVELOPMENT

Primary intent of SOLAS Chapter XI-2

and the ISPS Code is to
detect and deter
acts of maritime security threats
ISPS CODE IMPLEMENTATION
ISPS Code Implementation
International Maritime
Organization (IMO)

Contracting Government
(Government of Malaysia)
FLOW OF
RESPONSIBILITY Designated Authority
(Marine Department)

Port Area Security Officer

Port Facility Security Officer

ISPS Code Implementation

Contracting Governments
• To designate an authority through the
government mechanism (Ministry of
Transport) to be responsible for ensuring
the implementation of the provisions in the
ISPS Code pertaining to Port Facility security
and ship/port interface, from the point of
view of the Port Facility.

 The Designated Authority (DA) for Peninsular Malaysia is

Marine Department Peninsular Malaysia.
 ISPS Code Implementation

Contracting Governments Responsibiliti

 To set Security Levels

 To provide guidance for protection from
security incidents
 To issue appropriate instruction and
provide security related information when
the Security Level is raised to 3
 ISPS Code Implementation

Designated Authority (DA) Responsibilit

1. approving the Port Facility Security Assessment
(PFSA) and subsequent amendments to an
approved assessment;

2. determining the port facilities which will be

required to designate a Port Facility Security
Officer (PFSO);

3. approving the Port Facility Security Plan (PFSP)

and subsequent amendments to an approved
plan;

4. exercising control and compliance measures;

5. testing approved plans or it’s amendments; and

 ISPS Code Implementation

Port Area Security Officer (PASO)

An officer appointed by the Port Administrator /
Port Authority to:

• facilitate the development, implementation,

review and maintenance of a Port Area
Security Plan; and

• liaise with PFSO and SSO to facilitate

administration and improve communication

PASO is not in the ISPS Code and is not one of its requirements.

PASO was established by Malaysian DA to perform the above function in a specific

area within Malaysia.
ISPS Code Implementation

Port Facility Security Officer (PFSO)

• The port facilities which have to comply with the
requirements of Chapter X1-2 & Part ‘A’ of this
code, are required to designate a PFSO.

• The duties, responsibilities & training requirements

of these officers & requirements for drills &
exercises are defined in Part ‘A’ of the code.

• A PFSO shall be designated for each port facility. A

person may be designated as the PFSO for one or
more port facilities.
ISPS Code Implementation

PFSO Responsibilities
• Conduct initial security survey of the port
facility taking into account the relevant
PFSA;
• Develop, maintain, implement and
exercising the PFSP;
• Undertake security inspections of the port
facility and to ensure the continuation of
appropriate security measures;
• Recommend and incorporate changes to
improve the PFSP;
• Enhancing security awareness to the port
facility personnel;
• Ensure adequate training for the port
ISPS Code Implementation

Security Personnel
They should know :
• The current security threats and patterns;
• How to recognise and detect weapons,
dangerous weapon and devices;
• Techniques used to implement security
measures;
• Crowd control techniques;
• Security-related communications;
• How to operate, test, maintain and
calibrate security equipment and
systems;
• How to conduct inspection, control and
monitoring; and
•
ISPS Code Implementation

Other Port Facility Personnel

They should know :

• Meaning and the consequential
requirement of the different
Security Level;
• How to recognise and detect
weapons, dangerous weapon and
devices;
• How to recognise the character
and behavioural patterns of
persons who are likely to
threaten the security;
Security Levels
Security Level

Security Levels
SOLAS Ch XI-2 REGULATION 1.14

“Security level” means the

qualification of the degree of risk
that a security incident will be
attempted or will occur
Security Level

• A Port Facility is required to act upon

the Security Levels set by Contracting
Government within whose territory it is
located.

• Security measures and procedures

shall be applied in such a manner as to
cause a minimum of interference with,
or delay to, the ship, ship’s personnel ,
ship’s visitors, good and services.

• The Port Facility Security Plan (PFSP)

shall make provisions for three
Security Levels, as defined in the Part
Security Level
Ships and Port Facilities will
have three (3) security levels

Security
Level 3
(High)
Port
and Security
Ship Level 2
securit (Medium)
y
Levels A dynamic
Security
1, 2 & process where the
Level 1 security level (1-
3 (Low) 3) is set by the
Contracting
Government
Additional
Security
measures
Security Level

Setting Security
Level
Setting of the Security Level at
any particular time, is the
responsibility of Contracting
Government and can apply to
ships and port facility. Changes
of the Security Level will be
announced to the ships or port
facility through it’s specified
channels.
Security Level

Factors to be considered in setting the appropriate

security level include:-

• The degree that the threat information is

credible
• The degree that the threat information is
corroborated
• The degree that the threat information is
specific or imminent.
• The potential consequences of such a
security incident.
Security Level
Security Level One
• The level for which minimum appropriate protective
security measures shall be maintained at all times

Security Level Two

• The level for which appropriate additional protective
security measures shall be maintained for as long as
there is a heightened risk of a security incident

Security Level Three

• The level for which further specific protective measures
shall be maintained for a period of time when a security
incident is probable or imminent, although it may not be
possible to identify a specific target
Security Level

SECURITY MEASURES
(in relation with the Security Level)

Security Level 1 Security Level 2 Security Level 3

Appropriate measures shall be Additional protective measures Further specified protective
carried out in order to identify shall be implemented for each measures shall be implemented
and take preventive measures activity. for each activities
against security incident:

1. Controlling access to the Port Facility;

2. Monitoring the security of the Port Facility including anchoring and berthing area;
3. Controlling the restricted areas to ensure that only authorized persons have access;
4. Supervising the handling of cargo;
5. Supervising the handling of ship’s stores; and
6. Supervising the handling of unaccompanied baggage.
THE PLAN
(PFSP)
Security Plan

Statement of
Compliance
Security Plan
MAJOR CHANGES

SECURITY ASSESSMENT REVIEW, AUDIT RESULT

PORT FACILITY IMPLEMENTATION

RELEVANT
SECURITY ASSESSMENT OF PFSP

NEED CHANGES
NO

APPROVAL BY STATEMENT OF PFSP AMENDMENT

THE DA COMPLIANCE

YES
YES

PORT FACILITY APPROVAL BY

SECURITY PLAN NO THE DA

PFSP
IMPLEMENTATION OF PFSP VERIFICATION
FLOW CHART
PORT FACILITY SECURITY PLAN BY THE DA
Security Plan
Port Facility Security Assessment

A Port Facility Security Assessment :

• identifies vulnerabilities that may lead to a

security breach and may suggest options to
eliminate or mitigate those vulnerabilities;

• is an essential and integral part of the process

of developing a Port Facility Security Plan, and

• has to be submitted to, and approved by, the

Designated Authority of the Contracting
Government.
Security Plan
Port Facility Security Assessment

Port Facility Security Assessment includes :

• the identification of assets and

infrastructures it is important to protect;

• the identification of vulnerabilities, including

human factors, infrastructure, policies and
procedures;
Security Plan
Port Facility Security Assessment

Port Facility Security Assessment includes :

• the identification of possible threats, their

likelihood of occurring and their consequences,
in order to determine and prioritize security
measures, and

• the identification of security measures that

could reduce vulnerability.
Security Plan
Port Facility Security Plan

The Port Facility Security Plan is prepared on the

basis of the approved Port Facility Security
Assessment and should include security measures
and procedures for the 3 Security Levels.

The plan is designed to ensure the application of

measures to protect the port facility and ships,
persons, cargo, cargo transport units and ship's
stores within the port facility from the risks of a
security incident.
Security Plan
Port Facility Security Plan

Security measures should include :

• Prevention of weapons, explosives etc being brought into the
port facility and on board ship;
• Prevention of unauthorized access to the port facility, ships
or restricted areas;
• Ensuring the security of the Plan itself, and
• Ensuring the security of cargo and cargo handling equipment
within the port facility.
Security Plan
Port Facility Security Plan

Security procedures should include procedures:

• to respond to security threats or breaches;

• to respond to instructions given at Security Level 3;
• for evacuation in the event of security threats or breaches;
• for the security interface with ships;
• for the reporting of security incidents;
• to respond to the activation of a Ship Security Alert System,
and
• to facilitate shore leave for ship’s personnel.
Security Plan

MAINTENANCE AND MODIFICATION OF PFSP

The PFSP is intended to

address security measures for
each of the 3 Security Levels,
but on further inspection it can
be seen that the PFSP is a
living document and will
require modification over time
in maintaining its effectiveness
and contributing to positive
DECLARATION OF
SECURITY
(DoS)
Declaration of Security (DoS)

The DoS is an agreement

between the ship and the port
facility or with other ships
with which it interfaces as to
details the respective security
measures of which each party
will undertake in accordance
with the provisions of their
respective approved security
Declaration of Security (DoS)

The DoS shall address the

security
requirements that could be
shared between a port facility
and a ship (or between ships)
and shall state the
responsibility for each.
Declaration of Security (DoS)

Example of
DoS
SECURITY DRILL & EXERCISE
Security Drill & Exercise

SECURITY DRILL & EXERCISE

 TO ENCOURAGE ALERTNESS AND AWARENESS OF
THE SECURITY OF THE PORT FACILITY

 TO ENSURE THAT PORT FACILITY PERSONNEL ARE

PROFICIENT IN ALL ASSIGNED SECURITY DUTIES
AT ALL SECURITY LEVEL

 TO IDENTIFY ANY SECURITY RELATED

DEFICIENCIES WHICH NEED TO BE ADDRESS

 TO ENSURE EFFECTIVE IMPLEMENTATION OF THE

PROVISION OF THE PORT FACILITY SECURITY
PLAN
Security Drill & Exercise

SECURITY DRILL & EXERCISE

 DRILL SHOULD BE CONDUCTED AT LEAST

EVERY THREE MONTH

 EXERCISE SHOULD BE CARRIED OUT AT LEAST

ONCE EACH CALENDER YEAR WITH NO MORE
THAN 18 MONTHS BETWEEN THE EXERCISES
Security Drill & Exercise

Objectives

To ensure that port facility

personnel are proficient in all
assigned security duties, at all
security levels and to identify
any security- related
deficiencies which need to be
addressed.
The IMPLICATION
The IMPLICATION

NON-COMPLIANCE
1. IMO does not state that complying with the ISPS
Code as a mandatory requirement.

2. Malaysian government through it’s Designated

Authority (Peninsular Malaysia Marine
Department) has advised the shipping companies
and port facilities to comply with the Code.

3. Failing to comply with the Code, the port facility

may result ships not calling at the port facility;
while the ships may be denied access by the port
or being detained or subject to additional
inspections.

4. The non-compliance port facility may lost their

The IMPLICATION

NON-Conformance
1. The non-conformance port facility is as bad as non-
compliance port.

2. SoCPF will be revoked and the name of the port will

be updated in the IMO website.

3. The port facility may have to spend extra expenses in

order to reassess the port facility and to redevelop the
Security Plan.
ANY FURTHER
QUESTION?