ISPS CodeINTRODUCTION AND AWARENESSPRESENT BYLT RMN (R) ISMAIL BIN YAHYAKLIH, Kuala Lumpur 7th August 2008

To introduce ISPS Code and to create an awareness amongst the participants on ISPS Code, its requirements and their responsibility under the code.Course Objective

INTRODUCTIONISPS CODE OBJECTIVESMARITIME SECURITY DEVELOPMENTISPS CODE IMPLEMENTATIONSECURITY LEVELSTHE SECURITY PLANDECLARATION OF SECURITY (DoS)DRILLS & EXERCISESTHE IMPLICATIONCourse Content

INTRODUCTION

What is ISPS?IntroductionInternational Ship and Port Facility Security Code

CODE OBJECTIVE

Code ObjectiveTo establish an international framework involving co-operation between Contracting Governments, Government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade;To establish the respective roles and responsibilities of Contracting Governments, Government Agencies, local administrations and the shipping and port industries, at the national and international levels, for ensuring maritime security;

Code ObjectiveTo ensure the early and efficient collection and exchange of security-related information; To provide a methodology for security assessment so as to have in place plans and procedures to react to changing security levels; and To ensure that confidence, adequate and proportionate maritime security measures are in place.

MARITIME SECURITYDEVELOPMENT

INTERNATIONAL SHIP & PORT FACILITY SECURITY CODEPre 9/11 Assessment :

Maritime security threats such as cargo theft, illegal drug trafficking, stowaways, piracy and terrorism existed long before 9/11MARITIME SECURITY DEVELOPMENT

ship, cruise, ferry or tourist vessel, seen as possible target of attack or hijack.ship used for gun running or to carry other equipment and personnel.ship used in trade to help finance terrorist activitiesINTERNATIONAL SHIP & PORT FACILITY SECURITY CODEMARITIME SECURITY DEVELOPMENTPre 9/11 Assessment :

MARITIME SECURITY DEVELOPMENT=1985=Hijacking of the Achille Lauro in 1985 First mention of security in any IMO treaty, convention or resolution.

MSC Circular 443 (1986)

The focus of MSC advice in Circular 443 (IMO Resolution A.584(14)) was on cruise ships and the ports they used. It included:a Designated Authority was to be appointed within the Government, responsible for cruise ship and cruise port security;appointment of an Operator Security Officer;appointment of a Ship Security Officer for each cruise ship;MARITIME SECURITY DEVELOPMENT

SUA CONVENTION

Based on aviation (ICAO) practice, SUA seeks to ensure that appropriate judicial action is taken against persons committing unlawful acts against ships. It requires Contracting Governments either to extradite or prosecute alleged offenders.

MARITIME SECURITY DEVELOPMENT

1996 IMO issued IMO Circular 754 entitled "Passenger Ferry Security. It advised additional application of the principles in 443 to international passenger ferry services.1997 IMO Resolution A.872(20). It introduced guidelines for the prevention and suppression of the smuggling of drugs, psychotropic substances and precursor chemicals on ships engaged in international maritime traffic.1997 IMO Resolution A.871(20). It introduced guidelines on the allocation of responsibilities to seek the successful resolution of stowaway cases.MARITIME SECURITY DEVELOPMENT

1997 Piracy and Armed Robbery

MSC (IMO) also developed guidance on preventing piracy and armed robbery against ships (now MSC/Circ.623/Rev3) and parallel guidance to Contracting Governments (now MSC/Circ.622/Rev1).MARITIME SECURITY DEVELOPMENT

SEVERAL TERRORIST ACT AGAINST THE MARITIME INDUSTRIES

USS COLE October 12, 2000 Bombed by terrorists in the Gulf of Aden 17 US crewmen died, 38 others injured MARITIME SECURITY DEVELOPMENT

French Super Tanker, LIMBURG 06 Oct.2002Sabotaged by terrorist in YemenLIMBURGMARITIME SECURITY DEVELOPMENT

11 SEP 2001 INCIDENT LED TO DEMANDS FOR ENHANCED MARITIME SECURITYMARITIME SECURITY DEVELOPMENTWorld Trade Centre11 September 2001

MARITIME SECURITY DEVELOPMENTISPS TIMELINEMSC Nov. 2001MSC Mar. 2002MSC Sep. 2002ISWG Feb. 2002ISWG Sep. 2002Diplomatic Conference Dec. 2002Extraordinary session following Sep 11 disaster, IMO agree to develop measures relating to security of ships and port facilities1st meeting of the MSC Intercessional working group on maritime securityAd hoc working group established to develop proposal by the ISWG Further development of proposalsFinal version of proposed texts considered and agreedAdoption of amendments to SOLAS which includes AIS acceleration, ships ID number, CSR and the ISPS Code.

MARITIME SECURITY DEVELOPMENTMARINE DEPARTMENT DIRECTIVE

Dec 2002, ISPS introducedJuly 2003, Malaysia adopted ISPSJuly 2004, Enforcement of ISPS Code worldwide MARITIME SECURITY DEVELOPMENT

International Going Passenger Ships Cargo Ships of more then 500 GT Mobile offshore Drilling Units

Port Facility Serving Such Ships on International JourneyCode Applies toMARITIME SECURITY DEVELOPMENT

Primary intent of SOLAS Chapter XI-2 and the ISPS Code is to detect and deter acts of maritime security threatsMARITIME SECURITY DEVELOPMENT

ISPS CODE IMPLEMENTATION

International Maritime Organization (IMO)Contracting Government(Government of Malaysia)Designated Authority(Marine Department)Port Area Security Officer Port Facility Security OfficerFLOW OF RESPONSIBILITYISPS Code Implementation

Contracting Governments To designate an authority through the government mechanism (Ministry of Transport) to be responsible for ensuring the implementation of the provisions in the ISPS Code pertaining to Port Facility security and ship/port interface, from the point of view of the Port Facility.

The Designated Authority (DA) for Peninsular Malaysia is Marine Department Peninsular Malaysia.ISPS Code Implementation

To set Security LevelsTo provide guidance for protection from security incidentsTo issue appropriate instruction and provide security related information when the Security Level is raised to 3Contracting Governments ResponsibilitiesISPS Code Implementation

Designated Authority (DA) Responsibilitiesapproving the Port Facility Security Assessment (PFSA) and subsequent amendments to an approved assessment;

determining the port facilities which will be required to designate a Port Facility Security Officer (PFSO);

approving the Port Facility Security Plan (PFSP) and subsequent amendments to an approved plan;

exercising control and compliance measures;

testing approved plans or its amendments; and

communicating information to the IMO and to the shipping and port industries. ISPS Code Implementation

Port Area Security Officer (PASO)facilitate the development, implementation, review and maintenance of a Port Area Security Plan; and

liaise with PFSO and SSO to facilitate administration and improve communicationAn officer appointed by the Port Administrator / Port Authority to:ISPS Code ImplementationPASO is not in the ISPS Code and is not one of its requirements.

PASO was established by Malaysian DA to perform the above function in a specific area within Malaysia.

The port facilities which have to comply with the requirements of Chapter X1-2 & Part A of this code, are required to designate a PFSO.

The duties, responsibilities & training requirements of these officers & requirements for drills & exercises are defined in Part A of the code.

A PFSO shall be designated for each port facility. A person may be designated as the PFSO for one or more port facilities. Port Facility Security Officer (PFSO)ISPS Code Implementation

PFSO ResponsibilitiesConduct initial security survey of the port facility taking into account the relevant PFSA; Develop, maintain, implement and exercising the PFSP; Undertake security inspections of the port facility and to ensure the continuation of appropriate security measures; Recommend and incorporate changes to improve the PFSP;Enhancing security awareness to the port facility personnel; Ensure adequate training for the port facility security personnel;Relay relevant information an coordinate the PFSP implementation with the relevant parties; andEnsure security equipment is readily available. ISPS Code Implementation

Security PersonnelThey should know :The current security threats and patterns; How to recognise and detect weapons, dangerous weapon and devices; Techniques used to implement security measures; Crowd control techniques;Security-related communications; How to operate, test, maintain and calibrate security equipment and systems;How to conduct inspection, control and monitoring; andHow to conduct physical searches of persons, personnel effects, baggage, cargo and ships stores. ISPS Code Implementation

Other Port Facility PersonnelThey should know :Meaning and the consequential requirement of the different Security Level; How to recognise and detect weapons, dangerous weapon and devices; How to recognise the character and behavioural patterns of persons who are likely to threaten the security; Techniques used to implement security measures; ISPS Code Implementation

Security Levels

SOLAS Ch XI-2 REGULATION 1.14Security level means the qualification of the degree of risk that a security incident will be attempted or will occur Security LevelsSecurity Level

A Port Facility is required to act upon the Security Levels set by Contracting Government within whose territory it is located.

Security measures and procedures shall be applied in such a manner as to cause a minimum of interference with, or delay to, the ship, ships personnel , ships visitors, good and services.

The Port Facility Security Plan (PFSP) shall make provisions for three Security Levels, as defined in the Part A of code.Security Level

Ships and Port Facilities will have three (3) security levelsPort and Ship security Levels 1, 2 & 3Additional Security measures requiredSecurity Level 1(Low)Security Level 2(Medium)Security Level 3(High)A dynamic process where the security level (1-3) is set by the Contracting GovernmentSecurity Level

Setting Security LevelSetting of the Security Level at any particular time, is the responsibility of Contracting Government and can apply to ships and port facility. Changes of the Security Level will be announced to the ships or port facility through its specified channels.Security Level

Factors to be considered in setting the appropriate security level include:-The degree that the threat information is credibleThe degree that the threat information is corroborated The degree that the threat information is specific or imminent.The potential consequences of such a security incident.Security Level

The level for which minimum appropriate protective security measures shall be maintained at all timesSecurity Level OneSecurity Level TwoThe level for which appropriate additional protective security measures shall be maintained for as long as there is a heightened risk of a security incidentSecurity Level ThreeThe level for which further specific protective measures shall be maintained for a period of time when a security incident is probable or imminent, although it may not be possible to identify a specific targetSecurity Level

Security Level

THE PLAN(PFSP)

Statement of ComplianceSecurity Plan

SECURITY ASSESSMENTPORT FACILITY SECURITY ASSESSMENTAPPROVAL BYTHE DAPORT FACILITY SECURITY PLANAPPROVAL BYTHE DAIMPLEMENTATION OF PORT FACILITY SECURITY PLANPFSP VERIFICATION BY THE DASTATEMENT OF COMPLIANCERESULTIMPLEMENTATION OF PFSPYESYESPFSP AMENDMENTRELEVANTNONONEED CHANGESMAJOR CHANGESREVIEW, AUDIT PFSP FLOW CHARTSecurity Plan

identifies vulnerabilities that may lead to a security breach and may suggest options to eliminate or mitigate those vulnerabilities;

is an essential and integral part of the process of developing a Port Facility Security Plan, andhas to be submitted to, and approved by, the Designated Authority of the Contracting Government. A Port Facility Security Assessment :Port Facility Security AssessmentSecurity Plan

Port Facility Security Assessment includes :Port Facility Security Assessmentthe identification of assets and infrastructures it is important to protect;

the identification of vulnerabilities, including human factors, infrastructure, policies and procedures;Security Plan

the identification of possible threats, their likelihood of occurring and their consequences, in order to determine and prioritize security measures, and

the identification of security measures that could reduce vulnerability.

Port Facility Security Assessment includes :Port Facility Security AssessmentSecurity Plan

Port Facility Security Plan The Port Facility Security Plan is prepared on the basis of the approved Port Facility Security Assessment and should include security measures and procedures for the 3 Security Levels.The plan is designed to ensure the application of measures to protect the port facility and ships, persons, cargo, cargo transport units and ship's stores within the port facility from the risks of a security incident. Security Plan

Port Facility Security Plan Security measures should include :Prevention of weapons, explosives etc being brought into the port facility and on board ship;Prevention of unauthorized access to the port facility, ships or restricted areas;Ensuring the security of the Plan itself, andEnsuring the security of cargo and cargo handling equipment within the port facility.Security Plan

Port Facility Security Plan Security procedures should include procedures:

to respond to security threats or breaches;to respond to instructions given at Security Level 3;for evacuation in the event of security threats or breaches;for the security interface with ships;for the reporting of security incidents;to respond to the activation of a Ship Security Alert System, andto facilitate shore leave for ships personnel.Security Plan

MAINTENANCE AND MODIFICATION OF PFSPThe PFSP is intended to address security measures for each of the 3 Security Levels, but on further inspection it can be seen that the PFSP is a living document and will require modification over time in maintaining its effectiveness and contributing to positive modifications of the plan over time. Security Plan

DECLARATION OF SECURITY(DoS)

The DoS is an agreement between the ship and the port facility or with other ships with which it interfaces as to details the respective security measures of which each party will undertake in accordance with the provisions of their respective approved security plans. Declaration of Security (DoS)

The DoS shall address the security requirements that could be shared between a port facility and a ship (or between ships) and shall state the responsibility for each. Declaration of Security (DoS)

Example of DoSDeclaration of Security (DoS)

SECURITY DRILL & EXERCISE

TO ENCOURAGE ALERTNESS AND AWARENESS OF THE SECURITY OF THE PORT FACILITY

TO ENSURE THAT PORT FACILITY PERSONNEL ARE PROFICIENT IN ALL ASSIGNED SECURITY DUTIES AT ALL SECURITY LEVEL

TO IDENTIFY ANY SECURITY RELATED DEFICIENCIES WHICH NEED TO BE ADDRESS

TO ENSURE EFFECTIVE IMPLEMENTATION OF THE PROVISION OF THE PORT FACILITY SECURITY PLAN

SECURITY DRILL & EXERCISESecurity Drill & Exercise

DRILL SHOULD BE CONDUCTED AT LEAST EVERY THREE MONTH

EXERCISE SHOULD BE CARRIED OUT AT LEAST ONCE EACH CALENDER YEAR WITH NO MORE THAN 18 MONTHS BETWEEN THE EXERCISES

SECURITY DRILL & EXERCISESecurity Drill & Exercise

To ensure that port facility personnel are proficient in all assigned security duties, at all security levels and to identify any security- related deficiencies which need to be addressed. ObjectivesSecurity Drill & Exercise

The IMPLICATION

IMO does not state that complying with the ISPS Code as a mandatory requirement.

Malaysian government through its Designated Authority (Peninsular Malaysia Marine Department) has advised the shipping companies and port facilities to comply with the Code.

Failing to comply with the Code, the port facility may result ships not calling at the port facility; while the ships may be denied access by the port or being detained or subject to additional inspections.

The non-compliance port facility may lost their business when the ships refuse to call at their port; while the ship may incur undue delay and may even spending higher cost expensesNON-COMPLIANCEThe IMPLICATION

The non-conformance port facility is as bad as non-compliance port.

SoCPF will be revoked and the name of the port will be updated in the IMO website.

The port facility may have to spend extra expenses in order to reassess the port facility and to redevelop the Security Plan.

NON-ConformanceThe IMPLICATION

ANY FURTHERQUESTION?