200 likes | 432 Views
IMO ISPS Code Security Assessments and Plans. APEC Capacity Building Transport Security Division DOTARS. Discussion. ISPS Code requirements Risk management standards - 4360 Port facility and ship security assessments Port facility and ship security plans
E N D
IMO ISPS CodeSecurity Assessments and Plans APEC Capacity Building Transport Security Division DOTARS
Discussion • ISPS Code requirements • Risk management standards - 4360 • Port facility and ship security assessments • Port facility and ship security plans • Model Security plans - common themes • Relevant skills and experience.
ISPS Code • IMO requirements for security assessments and plans apply to: • passenger ships, including high speed craft; • cargo ships of 500 gross tonnes - upwards; • mobile off-shore drilling units (MODU’s) on international voyages; and • port facilities serving such vessels engaged oninternational voyages.
Some Key Challenges • Tight timeframes for IMO compliance by 1 July 2004 • Significant numbers of security assessments and plans to be reviewed and approved. Approved security assessments and plans will need to be in place by 30 June 2004.
INTELLIGENCE INPUTS NATIONAL RISK CONTEXT STATEMENT Guidance material 4360 Port, Port Facility and Ship Security Assessments Model Plans Port, Port Facility and Ship Security Plans DOTARS Maritime Risk Assessment Model IMO REQUIREMENTS
Security Assessment Principles • Security assessments provide a solid risk based approach to the implementation of preventive security planning measures to counter terrorism. • Senior management requires information on security risks in order to make well informed decisions regarding preventive security measures.
AS/NZS 4360:1999 – Risk Management Standard • Security assessments should be conducted using a recognised risk management standard, such as AS/NZS 4360:1999 or US Coast Guard guidance materials. • DOTARS encourages stakeholders to prepare security assessments in accordance with the 4360 standard.
Steps in the 4360 Risk Assessment Process • Establish the context • Identify risks - what can happen and how can it happen? • Analyse risks - determine likelihood and consequences • Evaluate Risks–set risk priorities • Treat Risks
Port Facility Security Assessments • Security assessment requirements apply to all facilities servicing SOLAS cargo and passenger ships on international voyages. • Port facility security officers will ensure that security assessments are conducted.
Port Facility Security Assessments • PFSAs shall include, at least, the following elements: • Identification and evaluation of important assets and infrastructure; • Identification of possible threats and their likelihood of occurrence; • Identification, selection and prioritisation of counter measures and procedural changes;and • Identification of weaknesses, including human factors, in infrastructure, policies and practices. ISPS Code Part A, Section 15.5
Ship Security Assessments • Ship owners or operators of SOLAS Cargo and passengers ships are required to complete ship security assessments. • Company ship security officers will be expected to ensure that ship security assessmentsare carried out.
Ship Security Assessments • Assessments should include on-scene security surveys and identify and evaluate key ship board operations. • It would also be expected that ship security assessments consider trading routes when identifying security risks.
Security Assessment Reports • Port facility and ship security assessment reports will be required to be submitted to Contracting Governments for consideration of approval. • The results of security assessments should form the basis of preventive security planning - clear linkage to security plans.
Tailor Security Plan Coverage • Multiple plans • Separate plans for each port area • Single plan • Used were there are common controls • Annexes used where differences occur • Describe the systems used to deliver security outcomes
Common Characteristics • Security Structure • Basic security measures • Heightened threat responses • Devolved responsibilities • Access controlled areas Port Fac. Ship
Common Characteristics • Training arrangements • Contact details • Review/ internal audit • Ship communications Port Fac. Ship
IMO / ISPS Security Levels Security Level 3 …“Exceptional” … The level for which further additional security measures shall be maintained for a limited period of time when a security incident is probable or imminent, although it may not be possible to identify the specific target … A Risk Based Strategy Security level 2 …“Heightened” … The level for which appropriate additional security measures shall be maintained for a period of time as a result of heightened risk of a security incident Security Level 1 …“Normal” … The the level for which standard security measures shall be maintained at all times
Security Plans Required By? • International requirement for ship and port facility security plans to be in place by 1 July 2004 (ISPS Code) • By then, regulated ships and port facilities receiving such ships must: • have an approved security plan that is in force at all times; and • comply with the plan
Relevant Skills and Experience • Persons with appropriate skills and experience should conduct security assessments and prepare plans. • A good understanding of risk management standards and basic security planning principles is required. • Seek expert assistance where necessary.
Conclusion • Security assessments are an extension of good risk management processes. • Effective security planning is recognised as a good business practice. • Security measures can result in shared regional and international benefits that counter terrorism.