hzs isps 2006-200710.1 isps 10. security administration

HZS ISPS 2006-2007 10.1

ISPS

10. Security Administration

HZS ISPS 2006-2007 10.2

HZS ISPS 2006-2007 10.3

Security Administration

I. Documentation and records

II. Reporting security breaches

III. Monitoring and control

IV. Security audits and inspections

V. Reporting nonconformities

HZS ISPS 2006-2007 10.4


a) International Ship Security Certificate or Interim International Ship Security Certificate

b) Continuous Synopsis Record

c) Declaration of Security

d) Ship Security plan and associated records

HZS ISPS 2006-2007 10.5

The International Ship Security Certificate shall be The International Ship Security Certificate shall be drawn up in a form corresponding to the model given drawn up in a form corresponding to the model given in the appendix to this code. If the language used is in the appendix to this code. If the language used is not English, French or Spanish, the text shall include not English, French or Spanish, the text shall include a translation into one of these languages.a translation into one of these languages.


HZS ISPS 2006-2007 10.6

HZS ISPS 2006-2007 10.7SSP Shall be developed taking into account the guidance given in part B of the Code (A/9.4)

SSA : Ship Security Assessment

SSP : Ship Security Plan

ISSC : International Ship Security Certificate

How to obtain the ISSC….How to obtain the ISSC….

C

S

O

HZS ISPS 2006-2007 10.8

HZS ISPS 2006-2007 10.9

Initial VerificationInitial Verification

- Before the ship is put in service or Before the ship is put in service or - Before the ISS Certificate is issued for the first time. Before the ISS Certificate is issued for the first time. - Include a complete verification of its security system Include a complete verification of its security system - This verification shall ensure that the security system fully This verification shall ensure that the security system fully complies complies

with the SOLAS Chap XI-2, Part A and the approved SSPwith the SOLAS Chap XI-2, Part A and the approved SSP- The security system must be fit for the service for which the The security system must be fit for the service for which the ship is ship is

intended.intended.

An International Ship Security Certificate shall be An International Ship Security Certificate shall be issued after the initial or renewal verification in issued after the initial or renewal verification in accordance with the provisions of Section 19.1accordance with the provisions of Section 19.1

After initial verification, no changes shall be made in the security system or the approved SSP without the sanction of the Flag Administration

HZS ISPS 2006-2007 10.10

HZS ISPS 2006-2007 10.11

Intermediate VerificationIntermediate Verification- At least ONE intermediate verificationAt least ONE intermediate verification- If one verification If one verification between the 2nd and 3rd anniversary between the 2nd and 3rd anniversary date of the certificate as defined. date of the certificate as defined. - Intermediate verification include inspection of the security Intermediate verification include inspection of the security system to ensure that it remains satisfactorysystem to ensure that it remains satisfactory- Intermediate verification shall be endorsed on the certificateIntermediate verification shall be endorsed on the certificate

Additional VerificationsAdditional Verifications

As determined by the Administration.As determined by the Administration.

HZS ISPS 2006-2007 10.12

HZS ISPS 2006-2007 Page 24 para 19.1.1.3&4 ISPS Code 2003 Edition

Who Can Do It ?Who Can Do It ?

The ISSC shall be issued or endorsed by:The ISSC shall be issued or endorsed by:

- The Flag Administration or The Flag Administration or

- By a recognised security organisation (RSO’s) acting By a recognised security organisation (RSO’s) acting

on behalf of the Administrationon behalf of the Administration

- Another Contracting Government (at request of Flag Another Contracting Government (at request of Flag

Administration)Administration)

- Copy of Certificate and copy of verification report to - Copy of Certificate and copy of verification report to transmit ASAP to the requesting Administration.transmit ASAP to the requesting Administration.


HZS ISPS 2006-2007 10.14

Renewal VerificationRenewal Verification

-Renewal verification at intervals specified by the Renewal verification at intervals specified by the Administration, but not exceeding five years, except where Administration, but not exceeding five years, except where Section 19.3 is applicable. Section 19.3 is applicable. -Verification shall ensure that the security system fully Verification shall ensure that the security system fully complies with ISPS Code (Chap X1-2, Part A) and the complies with ISPS Code (Chap X1-2, Part A) and the approved SSPapproved SSP-Security system shall be in satisfactory condition and fit for Security system shall be in satisfactory condition and fit for the servicethe service

HZS ISPS 2006-2007 Page 27, para 19.4, ISPS Code 2003 Edition

Interim ISSCs may be issued for:• A ship without a Certificate, on delivery or prior to its

entry or re-entry into service• Transfer of a ship from the flag of a Contracting

Government to the flag of another Contracting Government

• Transfer of a ship to the flag of a Contracting Government from a State which is not a Contracting Government; or

• A Company assuming the responsibility for the operation of a ship not previously operated by that Company.


HZS ISPS 2006-2007 10.16

HZS ISPS 2006-2007 Page 28 Para 19.4.2 ISPS Code 2003 Edition

Interim CertificationAn Interim ISSC shall only be issued when the

Administration or RSO acting on its behalf has verified that:

• The SSA required by the ISPS Code has been completed• A copy of the SSP is provided on board, has been submitted for

review and approval and is being implemented on the ship• The ship is provided with a SSA system• The CSO has carried out his duties under the ISPS Code• Arrangements have been made for carrying out the required

verifications• The Master, SSO and crew are familiar with their security

duties, the provisions of the SSP and that this has been provided in the working language of the ship or a language understood by them

• The SSO meets the requirements of the ISPS Code.

HZS ISPS 2006-2007 Page 28 para 19.4.3 & 4 ISPS Code 2003 Edition

Interim ISSC

• The Interim ISSC may be issued by the Administration or an RSO

• An Interim ISSC shall be valid for 6 months.

HZS ISPS 2006-2007 10.19

ISSC Validity PeriodsISSC Validity Periods

Years:1 2 3 4 5

Validity of an ISSC

Initial Intermediate Renewal

6 months 6 months 3 months

HZS ISPS 2006-2007 Page 24 para 19.1.1.2 ISPS Code 2003 Edition

INVALDATION of ISPS CertificateINVALDATION of ISPS Certificate

If the relevant verifications are not completed within the If the relevant verifications are not completed within the periods specified under Section 19.1.1periods specified under Section 19.1.1

If the Certificate is not endorsed in accordance with If the Certificate is not endorsed in accordance with Section 19.1.1.3 and 19.3.7.1, if applicableSection 19.1.1.3 and 19.3.7.1, if applicable

When a Company assumes the responsibility for the When a Company assumes the responsibility for the operation of a ship not previously operated by that operation of a ship not previously operated by that Company; andCompany; and

Upon transfer of the ship to the flag of another State.Upon transfer of the ship to the flag of another State.

HZS ISPS 2006-2007 10.21






HZS ISPS 2006-2007 10.22

HZS ISPS 2006-2007 10.23

Continuous Synopsis Record

– CSR = history of the shipCSR = history of the ship– Issued by : Flag AdministrationIssued by : Flag Administration– Content : see formContent : see form– Stay always with the ship and shall be available for Stay always with the ship and shall be available for

inspection at all times inspection at all times – In case of changes : CSO or Master to amend CSR, In case of changes : CSO or Master to amend CSR,

advising Flag State ; Administration to issue amended advising Flag State ; Administration to issue amended record max 3 mths after date of changerecord max 3 mths after date of change

– In case of transfer to another flag state, flag state to In case of transfer to another flag state, flag state to send copy of previous CSR to new flag administration, send copy of previous CSR to new flag administration, CSR to be amended.CSR to be amended.

HZS ISPS 2006-2007 10.24






HZS ISPS 2006-2007 10.25






HZS ISPS 2006-2007 10.26

AimAim

• The main purpose of a DoS is to ensure The main purpose of a DoS is to ensure agreement is reached between the ship agreement is reached between the ship and the port facility or with other ships and the port facility or with other ships with which it interfaces, to confirm the with which it interfaces, to confirm the security measures each will undertake security measures each will undertake in accordance with the provisions of in accordance with the provisions of their respective approved security their respective approved security plans.plans.

• ISPS Code Part B, par. 5.4, page 55ISPS Code Part B, par. 5.4, page 55

HZS ISPS 2006-2007 10.27

Consulting ProcessConsulting Process

• The request for a DoS requires The request for a DoS requires consultation between the Port Facility consultation between the Port Facility Security Officer (PFSO) and the Ship Security Officer (PFSO) and the Ship Security Officer (SSO)Security Officer (SSO)

• The agreed DoS should be signed and The agreed DoS should be signed and dated by both the port facility and the ship, dated by both the port facility and the ship, to indicate compliance with the code. to indicate compliance with the code.

HZS ISPS 2006-2007 10.28

Declaration of SecurityDeclaration of Security

• A DOS is a document that should be A DOS is a document that should be completed when :completed when :

–The Administration of the port The Administration of the port facility deems it necessaryfacility deems it necessary

OrOr

–A ship deems it necessary.A ship deems it necessary.

HZS ISPS 2006-2007 10.29

Reasons to complete a DOSReasons to complete a DOS

• Contracting Governments shall determine Contracting Governments shall determine when a Declaration of Security is required when a Declaration of Security is required by assessing the risk the ship/port interface by assessing the risk the ship/port interface or ship-to-ship activity poses to persons, or ship-to-ship activity poses to persons, property or the environment.property or the environment.

• A ship can request completion of a A ship can request completion of a Declaration of Security when:Declaration of Security when:

1.1. The ship is operating at a higher security The ship is operating at a higher security level than the port facility or another ship it level than the port facility or another ship it is interfacing with;is interfacing with;

HZS ISPS 2006-2007 10.30

2.2. there is an agreement on a Declaration of there is an agreement on a Declaration of Security between Contracting Governments Security between Contracting Governments covering certain international voyages or covering certain international voyages or specific ships on those voyages;specific ships on those voyages;

3.3. there has been a security threat or a there has been a security threat or a security incident involving the ship or security incident involving the ship or involving the port facility, as applicable;involving the port facility, as applicable;

4.4. the ship is at a port which is not required to the ship is at a port which is not required to have and implement an approved port have and implement an approved port facility security plan; orfacility security plan; or

5.5. the ship is conducting ship-to-ship activities the ship is conducting ship-to-ship activities with another ship not required to have and with another ship not required to have and implement an approved ship security planimplement an approved ship security plan

HZS ISPS 2006-2007 10.31

Important Points to NoteImportant Points to Note• A DoS can be requested at Marsec 2 or 3A DoS can be requested at Marsec 2 or 3• Where there is considered to be a higher risk Where there is considered to be a higher risk

for reasons specific to that vessel, it’s cargo, for reasons specific to that vessel, it’s cargo, passengers or the circumstances at the port passengers or the circumstances at the port facility or any combination of the abovefacility or any combination of the above

• A change in the security level may require a A change in the security level may require a new or revised DoSnew or revised DoS

• The DoS should be completed in English, The DoS should be completed in English, French or Spanish, or in a language common French or Spanish, or in a language common to both port facility and ship(s).to both port facility and ship(s).

HZS ISPS 2006-2007 10.32

Form of a DoSForm of a DoS

• Name of the shipName of the ship

• Port of RegistryPort of Registry

• IMO NumberIMO Number

• Name of the Port FacilityName of the Port Facility

• Date the DoS is valid from/toDate the DoS is valid from/to

• Security level for the shipSecurity level for the ship

• Security level for the port facility.Security level for the port facility.

HZS ISPS 2006-2007 10.33

HZS ISPS 2006-2007 10.34

SignatoriesSignatories

• PFSO & SSO initial the columns on the DoSPFSO & SSO initial the columns on the DoS• PFSO & the Master or SSO sign the DoSPFSO & the Master or SSO sign the DoS• The name and appointment/title of the The name and appointment/title of the

persons who signed is addedpersons who signed is added• Contact details of the PFSO, Master and SSO Contact details of the PFSO, Master and SSO

are added (indicating telephone numbers or are added (indicating telephone numbers or radio channels or frequencies to be used).radio channels or frequencies to be used).

HZS ISPS 2006-2007 10.35

HZS ISPS 2006-2007 10.36






HZS ISPS 2006-2007 10.37

Training, drills and exercisesTraining, drills and exercises Security threats and security incidentsSecurity threats and security incidents Breaches of securityBreaches of security Changes in security levelChanges in security level Communications relating to the direct security of Communications relating to the direct security of

the ship such as specific threats to the ship or to the ship such as specific threats to the ship or to port facilities the ship is in or has been toport facilities the ship is in or has been to

Internal audits and review of security activitiesInternal audits and review of security activities

Records of actions defined in SSP:Records of actions defined in SSP: Activities for records shall be kept on board : Activities for records shall be kept on board :

HZS ISPS 2006-2007 10.38

Records of actions defined in SSP:Records of actions defined in SSP:

Activities for records shall be kept on board : Activities for records shall be kept on board :

Periodic review of the Ship Security AssessmentPeriodic review of the Ship Security Assessment Periodic review of the Ship Security PlanPeriodic review of the Ship Security Plan Implementation of any amendments to the planImplementation of any amendments to the plan Maintenance, calibration and testing of security Maintenance, calibration and testing of security

equipment, if any, including testing of theequipment, if any, including testing of the ship ship security alert systemsecurity alert system

Measures taken whilst visiting a port facility Measures taken whilst visiting a port facility located in the territory of a State which is not a located in the territory of a State which is not a Contracting Government e.g. DOS.Contracting Government e.g. DOS.

HZS ISPS 2006-2007 10.39







HZS ISPS 2006-2007 10.40


• When a security incident occurred, the SSO shall report the incident to :

– the Flag Administration– the Contracting Government of the Port Facility where the ship

is calling at (through PFSO or similar) and– the CSO

• The Master & SSO shall use the “security incident report” form• These records must be kept on board for the minimum period

specified by the Administration

HZS ISPS 2006-2007 10.41

““Security Incident Report” form 1/2Security Incident Report” form 1/2

HZS ISPS 2006-2007 10.42

““Security Incident Report” form 2/2Security Incident Report” form 2/2

HZS ISPS 2006-2007 10.43







HZS ISPS 2006-2007 10.44

Assessment of Continuing Assessment of Continuing Effectiveness of the SSPEffectiveness of the SSP

• The SSP establishes HOW the CSO and the SSO intend to audit the continued effectiveness of the SSP and the procedure to be followed to REVIEW, UPDATE or AMEND the SSP.

• The assessment of the continuing effectiveness of the SSP includes :

– The security inspection

– The review of the SSP

– The internal audit

HZS ISPS 2006-2007 10.45


• When ship is fitted with the security or monitoring equipment, the SSO shall inspect them once every month and RECORD the results.

• Inspection methods shall follow the makers’ instructions (A/12.2.1)

• The Security Inspection

HZS ISPS 2006-2007 10.46


• The master and SSO shall review the SSP at least once a year

• Normally this review should be made at the same time when SMS is reviewed

• The result shall be reported to the CSO (A/9.4.11, B/9.2.6, B/9.53) (A/9.4.11, B/9.2.6, B/9.53)

• The Review of SSP

HZS ISPS 2006-2007 10.47


• The CSO has responsibility to conduct an internal audit of the ship at least once a year

• Normally this audit should be made at the same time when SMS audit is conducted

• Personnel to conduct the internal audit should not be the crew of the ship

• A copy of record of internal audit should be placed on board the ship

(A/9.4.8, B/9.2.6, B/9.53)

• The Internal Audit

HZS ISPS 2006-2007 10.48







HZS ISPS 2006-2007 10.49


• The audit, inspection, and periodic review process required by the ISPS Code naturally calls for a means of identifying, communicating and rectifying non-conformities

• Both the SSO and the CSO play key roles in this effort to keep the SSP in an optimum condition

HZS ISPS 2006-2007 10.50

The Security Process

PFSA PFSPPFSO

Contracting GovtDesignated Auth

(RSO)

CSO

SSPSSASSO

ISPS Code &SOLAS Amendments Security

SoCPF

ISSC

DOS


(RSO)


HZS ISPS 2006-2007 10.51

http://images.google.be/imgres?imgurl=http://career.utk.edu/dco/images/question.gif&imgrefurl=http://career.utk.edu/dco/universities/questions.asp&h=297&w=272&sz=18&tbnid=53qhg8lq01wJ:&tbnh=111&tbnw=101&hl=nl&start=136&prev=/images%3Fq%3Dquestions%253F%26start%3D120%26svnum%3D10%26hl%3Dnl%26lr%3D%26sa%3DN

HZS ISPS 2006-2007 10.52

hzs isps 2006-200710.1 isps 10. security administration

Documents

ship security planissc

ship security assessmentssp

verification report

csoinitial verification

complete verification

iss certificate

approved sspsecurity

requesting administration