The Master Mariner

for maritime leaders

ISPS Code: Responsibilities and security levels

This page introduces the responsibilities under the ISPS Code. It will then look at the three ship security levels under the ISPS Code.

ISPS Code

Which instrument mandates the ISPS Code?

In 2002, in response to the attacks of 11th September 2001, SOLAS was amended to include Chapter XI, part two of which incorporated the ISPS Code.

On the 1st July 2004, these amendments entered into force and became mandatory for all convention-size ships.

***

To which ships does the ISPS Code apply?

The ISPS Code applies to the following ships engaged in international voyages and port facilities serving these ships:

  • passenger ships of all sizes
  • cargo ships (including high-speed craft) of 500gt and above
  • high-speed craft
  • mobile offshore drilling units.

The code does not apply to warships, naval auxiliaries or other non-commercially operated, government-owned ships.

***

How are non-party ships affected by the ISPS Code?

A ship flying the flag of a state not party to the SOLAS convention is not required to comply with the code. However, the code expressly states that governments should not give favourable treatment to such ships. In effect, this means that the ISPS Code should in fact be applied to those ships too, so that contracting governments’ ships are not disadvantaged by their compliance.

***

Structure of the ISPS Code

The code is a two-part document that sets out minimum standards for the security of ships and ports. The two parts of the ISPS Code are:

Part A: contains mandatory requirements that give life to the provisions of SOLAS XI-2

Part B: contains guidance regarding the provisions of SOLAS XI-2 as well as Part A of the code. The guidance provided in Part B relates primarily to protecting ships operating at the port.

***

What are the responsibilities of the company under the ISPS Code?

Under the ISPS Code, the company ensures that:

  • The Ship Security Plan explicitly states that the ship's master has both the overriding authority and responsibility to decide concerning the security of the ship and to request the assistance of the company or any contracting government as necessary to secure the ship.
  • The CSO, the master and the SSO are given the support to fulfil their duties in accordance with Chapter XI-2 and this part of the Code.

***

What are the responsibilities of the Ship Security Officer (SSO)?

The responsibilities of the SSO include:

  • undertaking inspections of the ship to ensure security measures are observed
  • supervising the implementation of the Ship Security Plan
  • coordinating the security of cargo handling and ship’s stores
  • proposing amendments and continuous improvements to the Ship Security Plan
  • reporting any deficiencies or non-conformities identified during internal audits, periodic reviews, security inspections and verifications of compliance with the CSO and implementing corrective action
  • promoting a culture of security awareness and vigilance on board a ship
  • ensuring that shipboard personnel have been trained
  • reporting all security incidents and threats
  • coordinating the implementation of the Ship Security Plan with the CSO and PFSO as required
  • ensuring that security equipment is properly operated, tested, calibrated and maintained

***

What is a Port Facility Security Officer (PFSO)?

PFSO is the person responsible for the development, implementation, revision and maintenance of the Port Facility Security Plan and for liaising with the SSOs and CSOs.

***

What are the ISPS Code security levels?

Under ISPS there are three security levels. They are:

  • Security level 1, (SL1: normal threat level). SL1 is the level at which the minimum protective and security measures are in permanent effect.
  • Security level 2, (SL2: heightened threat level). SL2 is the level at which, as a result of a heightened threat of a security incident, additional protective security measures are maintained for the duration of the threat.
  • Security level 3, (SL3: exceptional threat level). SL3 is the level at which, when a security incident is probable or imminent, further specific protective security measures are initiated and maintained for a limited period.

***

What measures are required under ISPS Security Level 1?

Ships and port facilities normally operate at ISPS Security Level 1. SL1 ensures that the minimum appropriate measures for identifying and preventing security incidents are in place on board ships. All ships at SL1 must undertake the following actions:

  1. ensure the correct performance of all security routines
  2. control access to the ship
  3. control the embarkation of people and their effects
  4. ensure that only authorised persons have access to restricted areas
  5. monitor deck areas and areas surrounding the ship
  6. supervise the handling of cargo and ship’s stores
  7. ensure that secure communication is readily available.

***

What security measures are required under ISPS Security Level 2?

ISPS Security Level 2 requires additional protection measures to be implemented to protect against the heightened risk of a security incident. These controls may include:

  1. assigning additional crew to visibly patrol deck areas during silent hours to prevent unauthorised boarding
  2. limiting access points to the ship by identifying those to be closed and providing the means to secure them
  3. undertake a full or partial search of the ship
  4. deterring waterside access to the ship, including the provision of boat patrols
  5. establishing a restricted area on the shore-side of the ship
  6. increasing the frequency and effectiveness of searches of people, personal effects, and vehicles being embarked
  7. escorting all visitors on board the ship
  8. providing specific security briefings to all crew on the requirements for increased vigilance, including procedures for reporting suspicious persons, objects or activities.
Monitoring the ship at SL2

In SL2, the frequency and visibility of ship patrols and control of access to restricted areas should be increased to ensure that only authorised persons are given access. SSP should apply additional security measures, which may include:

  1. expanding restricted areas to include areas adjacent to access points
  2. continuous monitoring of surveillance equipment
  3. assigning additional crew to guard and patrol restricted areas.

***

What security measures are required under ISPS Security Level 3?

Security level 3 is activated in exceptional circumstances when the threat of a security incident is imminent. For this reason, SL3 only applies where credible information shows that a security incident is probable. SL3 should only last for the duration of the threat or security incident.

The SSP should list potential security measures to be taken by the ship, in cooperation with the port. These may include:

  1. limit access to a single controlled access point
  2. grant access only to those persons responding to the security threat
  3. close supervision of non-crew persons on board
  4. suspension of embarkation or disembarkation
  5. suspension of cargo operations
  6. evacuation of the ship if deemed necessary
  7. preparing for a full or partial search of the ship.

***   ***   ***   ***   ***

Thanks for reading this far! Have I covered everything? Is there anything that I have missed? Please comment below.

New content will regularly be added to TheMasterMariner.com, so please subscribe for the latest updates.

One Response to ISPS Code: Responsibilities and security levels

Leave a Reply

Your email address will not be published. Required fields are marked *

Get your free copy of the STWC Question eBook
TheMasterMariner.com
100% Privacy. We don't spam.
The Master Mariner