ISPS Code : Regulations, Requirements, Responsibilities and Elements

Nowadays terrorism is a major issue throughout the world. The word terrorism has its own sense. But the same is happening in water when you are in the deep sea with few of your crew member without any weapons, the scenario is really dangerous. Imaging the scenario itself gives you a lot of fear, then you think about the reality, people are going to face. To deal with such a scenario, to avoid such type of situation, and to control International Maritime Organization (IMO) had set up ISPS Code i.e. International Ship and Port Security Facility Code. The ISPS Code come into force after the terrorist attack of 9 September 2001 at World Trade Centre in United State.


(International Ship and Port Facility Code)

It is an international code by International Maritime Organization (IMO) for Security of ship and of the port facility.  It consists of two-part,

  • PART A (the provisions of which shall be treated as mandatory)
  • PART B ( the provision of which shall be treated as recommendatory)

This code ISPS covered in SOLAS (Safety of Life At Sea) Chapter 11-2,

  • ISPS Code adopted on 12 December 2002
  • And ISPS Code enforced in 1st July 2004

This code consists of total 19 chapter-

  1. General
  2. Definition
  3. Application
  4. Responsibilities of contacting government,
  5. Declaration of security
  6. The obligation of company
  7. Ship security
  8. Ship security assessment
  9. Ship security plan
  10. Record
  11. Company security officer
  12. Ship security officer
  13. Training, drill, and exercise
  14. Port facility security
  15. Port facility security assessment
  16. Port security plan
  17. Port facility security officer
  18. Training, drill, and exercise at the port
  19. Verification and certification of ship

Objective or purpose of the ISPS Code-

  • To set up an international framework involving cooperation between Contracting Governments, Government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade;
  • To set up the respective roles and responsibilities of the Contracting Governments, Government agencies, local administrations and the shipping and port industries, at the national and international level, for ensuring maritime security;
  • To make sure the early and efficient collection and exchange of security-related information;
  • To provide a methodology for security assessments so as to have in place plans and procedures to react to changing security levels.
  • To ensure confidence that adequate and proportionate maritime security measures are in place

Meaning of Terminology Used in this ISPS Code-

  • Convention– Conventions are the mandatory and recommendatory rule and regulations made by International Maritime Organization (IMO). Example SOLAS, MARPOL etc.
  • Code– Code is a part of the convention, when we need to define any regulation of any convention in detail, then we need to define a separate code. Example ISPS Code is part of SOLAS Convention Chapter 11-II.
  • Ship Security Plan (SSP) –It is an approved and authorized document of the plan developed to protect the ship, cargo, life of personal and store carried by sea in case of any security incident.
  • Port Facility Security Plan (PFSP)- It is an approved plan developed to ensure the application of measures designed to protect the port facility and ships persons, cargo, cargo transport units ship’s stores within the port facility from the risks of a security incident.
  • Ship Security Officer (SSO) – A designated and authorized person on board the ship, accountable to the master, designated by the company as responsible for the security of the ship, including implementation and maintenance of the ship security plan, and for liaison with the CSO and PFSO.
  • Company Security Officer (CSO) – Means the person designated by the company for ensuring that a ship security assessment is carried out, that a ship security plan is developed, submitted for approval and thereafter implemented and maintained, and for liaison with the SSO and PFSO.
  • Port Facility Security Officer (PFSO) – A designated and authorizes officer at port responsible for the development, implementation, revision, and maintenance of the port facility security plan and for liaison with the SSO and CSO.
  • Administration– Means Flag State or RSO (Recognized Security Organization)

Security levels of ISPS

  • Security Level 1 – Means the level for which minimum appropriate protective measures shall be maintained at all times.  The measure taking in this are following-
    • Adequate deck and over side lighting
    • The crew member should be issued photo identification
    • Access on and off the vessel should be controlled and all personal identity.
    • Access to the certain area of the vessel to be limited to key control.
    • Unused room or space should be kept the lock.
    • Periodic ISPS patrol should be made at regular interval.
  • Security Level 2 Means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of heightened risk of a security incident. The measure taking in this are following-
    • Occasional search should be made at random interval.
    • Access to all visitors to the vessel should be strictly controlled.
    • Close security to be paid on deliveries and stores
    • Baggage should not be unattended.
    • The check should make on the seal on the container and other cargo.
    • No person other than crew member should be allowed on bridge and engine room.
    • Maintain close liaison with shore concerned.
    • All crew members should be reminded of bomb alert security of the vessel.
  • Security Level 3 – Means the level for which further specific protective security measures shall be maintained for a limited period of time when a security incident is probable or imminent. Although it may not be possible to identify the specific target. The measure taking in this are following-
    • All operation should be stopped
    • Gangway should be onboard
    • Suspending all store delivery
    • Very tight security
    • Increase frequency of security patrol
    • Keep in contact with port authority and company
    • The crew member should be briefed

Who will Decide the Security Levels Onboard

When the ship is at open sea, the Security level is set by the flag state of the vessel through CSO (Company Security Officer). CSO inform the same message from the flag state to the applicable ships to change the security level. Onboard ship same is acknowledged by the SSO (Ship Security Officer) insured that same is applied. At port security level is decided by port security officer and vessel need to have same security level as the port. Before arrival or at entering into port limit security information and level to be exchanged and the ship should comply with the port security level. If the security level of the port is higher than the ship, the ship must increase the security level to same as per the port.

Note– At the port may be, the port can call to increase or decrease of security level as per the situation. Same has to be informed to CSO of company and SSO of the vessel.

Declaration of Security (DOS)

This is a declaration of security between two parties, it may be ship to ship or ship to port. This is a requirement of flag state so that we can reach to another in case of security matter to avoid all security problem. So let’s discuss the condition when we need to declare security-

  • When the ship is maintaining a higher security level than the port call.
  • When the ship is maintaining higher security level than other ship which is within the operation.
  • And with all other ship and port those not having Ship security plan or port security plan that means when they are not complying with ISPS Code.

Ship Security plan-

It is a plan made by the company to ensure the security-related incidents. The ship security plan must be approved by the flag state of the vessel or recognized security organization on behalf of the flag state.

The ship security plan is deal by ISPS Code Part A/9.4, which address the following things-

  • The identification of restricted area on ship and measures to prevent access to restricted areas such as Bridge, CCR, ECR etc.
  • Procedure to report any type of security-related incidents during the voyage, at anchor or at the port.
  • Provides measures to prevent unauthorized access to the vessel in any case.
  • SSAS (Ship Security Alert System) location, testing and operating procedure to avoid or deal with the security incident.
  • Security duties of shipboard personnel.
  • Measures to prevent weapons, dangerous substances on board the ship.
  • Procedures followed in case of security threats.
  • Security drills and exercises.
  • Security equipment onboard and its maintenance procedure.
  • Ship security officer and company security officer with their contact details.

Ship security plan is to be kept in the locker under the guidance of ship security officer. If not then, it will be a matter of non-conformity during PSC inspection or ISPS audit.

Company Security Officer (CSO)

ISPS code also requires a company security officer (CSO) appointed a person to deal with security-related matters. The duties of CSO are-

  • Responsible for ship security assessment onboard.
  • To confirm the development and efficient implementation of ship security plan
  • Responsible to deal with all non-conformities of SSP and modification of the same

In event of any security beach Master or SSO of the vessel has to inform CSO and to deal as per SSP and instruction of CSO.

Ship Security Officer (SSO)

One other important requirement of ISPS Code that company should appoint a crew member of the vessel as a ship security officer to deal with security-related matters. The duties of SSO is-

  • Responsible for maintaining security as per SSP and to ensure that all crew are also following the same
  • To efficient implementation and maintenance of all the elements of the ship security plan
  • To carry out security drill and briefing of the same.

Let me clear one more common doubt that it is not mandatory that Chief Officer will be the Ship Security Officer. As per company policy, any officer may appoint as SSO. It may be Master, Chief Engineer or Chief Officer.

Security Drill and Exercise

The aim and objective of security drill and exercises are to determine whether shipboard crew are proficient in all assigned security duties at all Security levels while identifying any security-related deficiencies, which need to be addressed as in different situation at the port or at sea.

These drill and exercise are confidential not to show any party or other for any witness except authorized flag state or company official.

These drills may include-

  • Bomb search drill
  • Change in security level
  • Stowaway search
  • Ship search drill

The main purpose of this drill is to check the effectiveness of ISPS Code and make ready for all shipboard personnel to deal with all security-related incidents.

Verification and Documentation Onboard

All ship of 500 Grt or more has to comply with ISPS Code. If the ship is complying with ISPS Code, she should carry International Ship Security Certificate valid for 5 years. Initially, at the new ship or in case any change of flag for complying with ISPS Code administration gives Interim ISSC having the validity of 6 months. And within 6 months after implementation of SSP (Ship Security Plan), an audit of ISPS is carried by the administration. If ship found following SSP successfully that means ship personnel is aware of their duties, All Security equipment is available on board and SSO having knowledge and responsibility as per ISPS Code. Then ISSC (International Ship Security Certificate) will be issued by administration and same is renewed every five years after the successful audit of ISPS.

All crew of the vessel should carry STSDSD or SSO certificate as per rank requirement to ensure and complying ISPS Code.

To ensure compliance with ISPS Code and as a part of company’s/owner’s commitment towards the security of vessel/MODU, a vessel may be subjected to annual internal/external ISPS audit which as part of normal shipping practice is covered alongside annual ISM audit. The report of the audit is kept onboard in original for external inspection.

Ship Security Alert System (SSAS)

One important requirement of ISPS Code that every vessel complying ISPS Code must have ship security alert system. It has two buttons in which one at the bridge and another may be at some different place, it may be the master cabin, SSO cabin or CEO cabin as per SSP.

What Happens when we activate or press SSAS button?

  • It will not raise any ship alarm.
  • It will send information i.e. alert to flag state and CSO only. Be sure that it will not send any message or alert to any other vessel.
  • It will send the alert message until it is deactivated or reset.

This SSAS should be tested annually as per test procedure mentioned in Ship Security Plan (SSP).

How Ship Security Alert System Works?

When we press the button the SSAS beacon is activated and respond through satellite COSPAS-SARSAT. The alert will be sent to flag state and CSO who respond by sending nearby an appropriate law-enforcement or military forces for the rescue operation.


Feature Image Credit-

If you liked it, please share.

Abhay Kumar

He is working as engineer in Shipping Corporation Of India, member of Nielsons Educational Forum. He is alumni of Marine Engineering & Research Institute(MERI) Mumbai. He loves driving and writing blog in his free time. Specialty : Tanker ship

Leave a Reply