Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004 on enhancing ship and port facility security (Text with EEA relevance)
Modified by
  • Commission Decisionof 23 January 2009amending Regulation (EC) No 725/2004 of the European Parliament and of the Council as far as the IMO Unique Company and Registered Owner Identification Number Scheme is concerned(notified under document number C(2009) 148)(Text with EEA relevance)(2009/83/EC), 309D0083, January 31, 2009
  • Regulation (EC) No 219/2009 of the European Parliament and of the Councilof 11 March 2009adapting a number of instruments subject to the procedure referred to in Article 251 of the Treaty to Council Decision 1999/468/EC with regard to the regulatory procedure with scrutinyAdaptation to the regulatory procedure with scrutiny — Part Two, 309R0219, March 31, 2009
Regulation (EC) No 725/2004 of the European Parliament and of the Councilof 31 March 2004on enhancing ship and port facility security(Text with EEA relevance) THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION, Having regard to the Treaty establishing the European Community, and in particular Article 80(2) thereof, Having regard to the proposal from the Commission, Having regard to the Opinion of the European Economic and Social CommitteeOJ C 32, 5.2.2004, p. 21., Having consulted the Committee of the Regions, Acting in accordance with the procedure laid down in Article 251 of the TreatyOpinion of the European Parliament of 19 November 2003 (not yet published in the Official Journal) and Decision of the Council of 22 March 2004., Whereas: (1)Intentional unlawful acts and especially terrorism are among the greatest threats to the ideals of democracy and freedom and to the values of peace, which are the very essence of the European Union. (2)The security of European Community shipping and of citizens using it and of the environment in the face of threats of intentional unlawful acts such as acts of terrorism, acts of piracy or similar, should be ensured at all times. (3)In connection with the transport of goods containing especially dangerous substances, such as chemical and radioactive substances, the potential consequences of the threats posed by intentional unlawful acts for Union citizens and the environment are very serious. (4)On 12 December 2002 the Diplomatic Conference of the International Maritime Organisation (IMO) adopted amendments to the 1974 International Convention for the Safety of Life at Sea (SOLAS Convention) and an International Ship and Port Facility Security Code (ISPS Code). These instruments are intended to enhance the security of ships used in international trade and associated port facilities; they comprise mandatory provisions, the scope of some of which in the Community should be clarified, and recommendations, some of which should be made mandatory within the Community. (5)Without prejudice to the rules of the Member States in the field of national security and measures which might be taken on the basis of Title VI of the Treaty on European Union, the security objective described in recital 2 should be achieved by adopting appropriate measures in the field of maritime transport policy establishing joint standards for the interpretation, implementation and monitoring within the Community of the provisions adopted by the Diplomatic Conference of the IMO on 12 December 2002. Implementing powers should be conferred on the Commission to adopt detailed implementing provisions. (6)This Regulation respects the fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union. (7)Security should be enhanced not only for ships used in international shipping and the port facilities which serve them, but also for ships operating domestic services within the Community and their port facilities, in particular passenger ships, on account of the number of human lives which such trade puts at risk. (8)Part B of the ISPS Code comprises a number of recommendations which should be made mandatory within the Community in order to make uniform progress towards achievement of the security objective described in recital 2. (9)In order to contribute to the recognised and necessary objective of promoting intra-Community short-sea traffic, the Member States should be asked to conclude, in the light of regulation 11 of the special measures to enhance maritime security of the SOLAS Convention, the agreements on security arrangements for scheduled maritime traffic within the Community on fixed routes using dedicated port facilities, without this compromising the general standard of security sought. (10)Permanently applying all the security rules provided for in this Regulation to port facilities situated in ports which only occasionally serve international shipping might be disproportionate. The Member States should determine, on the basis of the security assessments which they are to conduct, which ports are concerned and which alternative measures provide an adequate level of protection. (11)Member States should vigorously monitor compliance with the security rules by ships intending to enter a Community port, whatever their origin. The Member State concerned should appoint a "competent authority for maritime security" responsible for coordinating, implementing and monitoring the application of the security measures laid down in this Regulation as they apply to ships and port facilities. This authority should require each ship intending to enter the port to provide in advance information concerning its international ship security certificate and the levels of safety at which it operates and has previously operated, and any other practical information concerning security. (12)Member States should be permitted to grant exemptions from the systematic requirement to provide the information referred to in recital (11) in the case of intra-Community or domestic scheduled shipping services, provided the companies operating such services are able to provide such information at any time on request by the competent authorities of the Member States. (13)Security checks in the port may be carried out by the competent authorities for maritime security of the Member States, but also, as regards the international ship security certificate, by inspectors acting in the framework of port State control, as provided for in Council Directive 95/21/EC of 19 June 1995 concerning the enforcement, in respect of shipping using Community ports and sailing in the waters under the jurisdiction of the Member States, of international standards for ship safety, pollution prevention and shipboard living and working conditions (port State control)OJ L 157, 7.7.1995, p. 1. Directive as last amended by Directive 2002/84/EC of the European Parliament and of the Council (OJ L 324, 29.11.2002, p. 53).. Where different authorities are concerned, provision must therefore be made for them to complement each other. (14)In view of the number of parties involved in the implementation of security measures, each Member State should appoint a single competent authority responsible for coordinating and monitoring the application of shipping security measures at national level. Member States should put in place the necessary resources and draw up a national plan for the implementation of this Regulation in order to achieve the security objective described in recital 2, in particular by establishing a timetable for the early implementation of certain measures in accordance with the terms of Resolution 6 adopted by the Diplomatic Conference of the IMO on 12 December 2002. The effectiveness of the checks on the implementation of each national system should be the subject of inspections supervised by the Commission. (15)The effective and standard application of measures under this policy raises important questions in relation to its funding. Funding certain additional security measures ought not to give rise to distortions of competition. To this end, the Commission should immediately undertake a study (intended to address in particular the way financing is shared between the public authorities and the operators, without prejudice to the distribution of competences between the Member States and the European Community) and to submit the results and, if appropriate, any proposals to the European Parliament and the Council. (16)The measures needed to implement this Regulation should be adopted in accordance with Council Decision 1999/468/EC of 28 June 1999 laying down the procedures for the exercise of implementing powers conferred on the CommissionOJ L 184, 17.7.1999, p. 23.. A procedure should be defined for the adaptation of this Regulation in the light of experience, to make mandatory further provisions of Part B of the ISPS Code not initially made mandatory by this Regulation. (17)Since the objectives of this Regulation, namely the introduction and implementation of appropriate measures in the field of maritime transport policy, cannot be sufficiently achieved by the Member States and can therefore, by reason of the European scale of this Regulation, be better achieved at Community level, the Community may adopt measures in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives, HAVE ADOPTED THIS REGULATION:
Article 1 Objectives 1. The main objective of this Regulation is to introduce and implement Community measures aimed at enhancing the security of ships used in international trade and domestic shipping and associated port facilities in the face of threats of intentional unlawful acts. 2. The Regulation is also intended to provide a basis for the harmonised interpretation and implementation and Community monitoring of the special measures to enhance maritime security adopted by the Diplomatic Conference of the IMO on 12 December 2002, which amended the 1974 International Convention for the Safety of Life at Sea (SOLAS Convention) and established the International Ship and Port Facility Security Code (ISPS Code).
Article 2 Definitions For the purposes of this Regulation: 1."special measures to enhance maritime security of the SOLAS Convention" means the amendments, as attached as Annex I to this Regulation, inserting the new Chapter XI-2 into the Annex to the SOLAS Convention of the IMO, in its up-to-date version, 2."ISPS Code" means the International Ship and Port Facility Security Code of the IMO, in its up-to-date version, 3."Part A of the ISPS Code" means the Preamble and the mandatory requirements forming Part A of the ISPS Code, as attached as Annex II to this Regulation, concerning the provisions of Chapter XI-2 of the Annex to the SOLAS Convention in its up-to-date version, 4."Part B of the ISPS Code" means the guidelines forming Part B of the ISPS Code, as attached as Annex III to this Regulation, regarding the provisions of chapter XI-2 of the Annex to the SOLAS Convention, as amended, and of Part A of the ISPS Code, in its up-to-date version, 5."maritime security" means the combination of preventive measures intended to protect shipping and port facilities against threats of intentional unlawful acts, 6."focal point for maritime security" means the body designated by each Member State to serve as a contact point for the Commission and other Member States and to facilitate, follow up and inform on the application of the maritime security measures laid down in this Regulation, 7."competent authority for maritime security" means an authority designated by a Member State to coordinate, implement and monitor the application of the security measures laid down in this Regulation in respect of ships and/or one or more port facilities. The competences of this authority may differ depending on the tasks assigned to it, 8."international shipping" means any maritime transport service by ship from a port facility of a Member State to a port facility outside that Member State, or conversely, 9."domestic shipping" means any transport service by ship in sea areas from a port facility of a Member State to the same port facility or another port facility within that Member State, 10."scheduled service" means a series of sailings organised in such a way as to provide a service linking two or more port facilities: (a)either on the basis of a published timetable; (b)or with a regularity or frequency such as to constitute a recognisable systematic service, 11."port facility" means a location where the ship/port interface takes place; this includes areas such as anchorages, waiting berths and approaches from seaward, as appropriate, 12."ship/port interface" means the interactions that occur when a ship is directly and immediately affected by actions involving the movement of persons or goods or the provision of port services to or from the ship, 13."intentional unlawful act" means a deliberate act, which, by its nature or context, could harm the vessels used for international or national maritime traffic, their passengers or their cargoes, or the port facilities connected therewith.
Article 3 Joint measures and scope 1. In respect of international shipping, Member States shall apply in full, by 1 July 2004, the special measures to enhance maritime security of the SOLAS Convention and Part A of the ISPS Code, in accordance with the conditions and with respect to the ships, companies and port facilities referred to therein. 2. In respect of domestic shipping, Member States shall apply, by 1 July 2005, the special measures to enhance maritime security of the SOLAS Convention and Part A of the ISPS Code to Class A passenger ships within the meaning of Article 4 of Council Directive 98/18/EC of 17 March 1998 on safety rules and standards for passenger shipsOJ L 144, 15.5.1998, p. 1. Directive as last amended by Commission Directive 2003/75/EC (OJ L 190, 30.7.2003, p. 6). operating domestic services and to their companies, as defined in regulation IX-1 of the SOLAS Convention, and to the port facilities serving them. 3. Member States shall, after a mandatory security risk assessment, decide the extent to which they will apply, by 1 July 2007, the provisions of this Regulation to different categories of ships operating domestic services other than those referred to in paragraph 2, their companies and the port facilities serving them. The overall level of security should not be compromised by such a decision. Member States shall notify the Commission of such decisions when they are adopted, as well as of the periodic review, which must take place at intervals of no more than five years. 4. When implementing the provisions required pursuant to paragraphs 1, 2 and 3, Member States shall take fully into account the guidelines contained in Part B of the ISPS Code. 5. Member States shall conform to the following paragraphs of Part B of the ISPS Code as if they were mandatory: 1.12 (revision of ship security plans), 1.16 (port facility security assessment), 4.1 (protection of the confidentiality of security plans and assessments), 4.4 (recognised security organisations), 4.5 (minimum competencies of recognised security organisations), 4.8 (setting the security level), 4.14, 4.15, 4.16 (contact points and information on port facility security plans), 4.18 (identification documents), 4.24 (ships' application of the security measures recommended by the State in whose territorial waters they are sailing), 4.28 (manning level), 4.41 (communication of information when entry into port is denied or the ship is expelled from port), 4.45 (ships from a State which is not party to the Convention), 6.1 (company's obligation to provide the master with information on the ship's operators), 8.3 to 8.10 (minimum standards for the ship security assessment), 9.2 (minimum standards for the ship security plan), 9.4 (independence of recognised security organisations), 13.6 and 13.7 (frequency of security drills and exercises for ships' crews and for company and ship security officers), 15.3 to 15.4 (minimum standards for the port facility security assessment), 16.3 and 16.8 (minimum standards for the port facility security plan), 18.5 and 18.6 (frequency of security drills and exercises in port facilities and for port facility security officers). 6. Notwithstanding the provisions of paragraph 15.4 of Part A of the ISPS Code, the periodic review of the port facility security assessments provided for in paragraph 1.16 of Part B of the ISPS Code shall be carried out at the latest five years after the assessments were carried out or last reviewed. 7. This Regulation shall not apply to ships of war and troopships, cargo ships of less than 500 gross tonnage, ships not propelled by mechanical means, wooden ships of primitive build, fishing vessels or vessels not engaged in commercial activities. 8. Notwithstanding the provisions of paragraphs 2 and 3, Member States shall ensure, when ship security plans and port facility security plans are approved, that such plans contain appropriate provisions to ensure that the security of ships to which this Regulation applies is not compromised by any ship or port interface or ship-to-ship activity with any ships not subject to this Regulation.
Article 4 Communication of information 1. Each Member State shall communicate to the IMO, the Commission and the other Member States the information required pursuant to regulation 13 (Communication of information) of the special measures to enhance maritime security of the SOLAS Convention. 2. Each Member State shall communicate to the Commission and the other Member States the contact details of the contact officials referred to in paragraph 4.16 of Part B of the ISPS Code and the information provided for in paragraph 4.41 of Part B of the ISPS Code when a ship is expelled from or refused entry to a Community port. 3. Each Member State shall draw up the list of port facilities concerned on the basis of the port facility security assessments carried out, and establish the scope of the measures taken to apply the provisions of paragraph 2 of regulation 2 (extent of application to port facilities which occasionally serve international voyages) of the special measures to enhance maritime security of the SOLAS Convention. Each Member State shall communicate the said list to the other Member States and to the Commission by 1 July 2004 at the latest. The Commission and any Member State concerned shall also be given sufficient details of the measures taken.
Article 5 Alternative security agreements or equivalent security arrangements 1. For the purposes of this Regulation, regulation 11 (Alternative security agreements) of the special measures to enhance maritime security of the SOLAS Convention may also apply to scheduled intra-Community shipping operating on fixed routes and using associated port facilities. 2. To that end, Member States may conclude among themselves, each acting on its own behalf, the bilateral or multilateral agreements provided for in the said SOLAS regulation. Member States may, in particular, consider such agreements in order to promote intra-Community short sea shipping. The Member States concerned shall notify the agreements to the Commission and provide sufficient details of the measures to allow the Commission to consider whether the agreements compromise the level of security of other ships or port facilities not covered by the agreements. The details of the measures directly linked to national security, if any, may be omitted from the notification to the Commission. The Commission shall examine whether the agreements guarantee an adequate level of protection, in particular as regards the requirements of paragraph 2 of the abovementioned SOLAS regulation 11, and whether they conform with Community law and are in accordance with the proper functioning of the internal market. If the agreements do not meet these criteria, the Commission shall within four months adopt a decision in accordance with the procedure referred to in Article 11(3); in such cases, the Member States concerned shall revoke or adapt the agreements accordingly. 3. The periodic review of such agreements provided for in paragraph 4 of regulation 11 of the special measures to enhance maritime security must take place at intervals of no more than five years. 4. Member States may adopt, for domestic shipping and the port facilities as referred to in Articles 3(2) and 3(3) of this Regulation, equivalent security arrangements as provided for in regulation 12 (equivalent security arrangements) of the special measures to enhance maritime security of the SOLAS Convention, provided such security arrangements are as least as effective as those prescribed in Chapter XI-2 of the SOLAS Convention and the relevant mandatory provisions of the ISPS Code. The Member State concerned shall communicate to the Commission sufficient details of such arrangements when they are adopted, and the outcome of periodic reviews thereof, at the latest five years after they were adopted or last reviewed. The conditions of application of such arrangements shall be subject to the Commission inspections provided for in Article 9(4), (5) and (6) of this Regulation under the procedures defined therein.
Article 6 Provision of security information prior to entry into a port of a Member State 1. When a ship which is subject to the requirements of the special measures to enhance maritime security of the SOLAS Convention and of the ISPS Code or of Article 3 of this Regulation announces its intention to enter a port of a Member State, the competent authority for maritime security of that Member State shall require that the information referred to in paragraph 2.1 of regulation 9 (Ships intending to enter a port of another Contracting Government) of the special measures to enhance maritime security of the SOLAS Convention be provided. The said authority shall analyse, as far as necessary, the information provided and, where necessary, apply the procedure provided for in paragraph 2 of that SOLAS regulation. 2. The information referred to in paragraph 1 shall be provided: (a)at least 24 hours in advance; or (b)at the latest, at the time the ship leaves the previous port, if the voyage time is less than 24 hours; or (c)if the port of call is not known or if it is changed during the voyage, as soon as the port of call becomes known. 3. A report shall be kept of the procedure followed in respect of each ship subject to a security incident, as defined in paragraph 1.13 of regulation 1 (definitions) of the special measures to enhance maritime security of the SOLAS Convention.
Article 7 Exemptions from the provision of security information prior to entry into a port 1. Member States may exempt scheduled services performed between port facilities located on their territory from the requirement laid down in Article 6 where the following conditions are met: (a)the company operating the scheduled services referred to above keeps and updates a list of the ships concerned and sends it to the competent authority for maritime security for the port concerned, (b)for each voyage performed, the information referred to in paragraph 2.1 of regulation 9 of the special measures to enhance maritime security of the SOLAS Convention is kept available for the competent authority for maritime security upon request. The company must establish an internal system to ensure that, upon request 24 hours a day and without delay, the said information can be sent to the competent authority for maritime security. 2. When an international scheduled service is operated between two or more Member States, any of the Member States involved may request of the other Member States that an exemption be granted to that service, in accordance with the conditions laid down in paragraph 1. 3. Member States shall periodically check that the conditions laid down in paragraphs 1 and 2 are being met. Where at least one of these conditions is no longer being met, Member States shall immediately withdraw the privilege of the exemption from the company concerned. 4. Member States shall draw up a list of companies and ships granted exemption under this Article, and shall update that list. They shall communicate the list and updates thereof to the Commission and any Member State concerned. 5. Notwithstanding the provisions of paragraphs 1 and 2, a Member State may, on security grounds and on a case-by-case basis, request the provision of the information referred to in paragraph 2.1 of regulation 9 of the special measures to enhance maritime security of the SOLAS Convention prior to entry into a port.
Article 8 Security checks in Member State ports 1. Certificate verification, as defined in paragraph 1.1 of regulation 9 (Control of ships in port) of the special measures to enhance maritime security of the SOLAS Convention, shall be carried out in the port either by the competent authority for maritime security defined in Article 2(7) of this Regulation or by the inspectors defined in Article 2(5) of Directive 95/21/EC. 2. Where the officer conducting the certificate verification referred to in paragraph 1 has clear grounds for believing that the ship is not in compliance with the requirements of the special measures to enhance maritime security of the SOLAS Convention and of the ISPS Code, but does not belong to an authority which in that Member State is responsible for carrying out the measures provided for in paragraphs 1.2 and 1.3 of regulation 9 of the special measures to enhance maritime security of the SOLAS Convention, s/he shall immediately refer the matter to the said authority.
Article 9 Implementation and conformity checking 1. Member States shall carry out the administrative and control tasks required pursuant to the provisions of the special measures to enhance maritime security of the SOLAS Convention and of the ISPS Code. They shall ensure that all necessary means are allocated and effectively provided for the implementation of the provisions of this Regulation. 2. Member States shall designate a focal point for maritime security by 1 July 2004. 3. Each Member State shall adopt a national programme for the implementation of this Regulation. 4. Six months after the date of application of the relevant measures referred to in Article 3, the Commission, in cooperation with the focal point referred to in paragraph 2, shall start a series of inspections, including inspections of a suitable sample of port facilities and relevant companies, to monitor the application by Member States of this Regulation. These inspections shall take account of the data supplied by the focal point referred to in paragraph 2, including monitoring reports. The procedures for conducting such inspections shall be adopted in accordance with the procedure referred to in Article 11(2). 5. The officials mandated by the Commission to conduct such inspections in accordance with paragraph 4 shall exercise their powers upon production of an authorisation in writing issued by the Commission and specifying the subject-matter, the purpose of the inspection and the date on which it is to begin. The Commission shall in good time before inspections inform the Member States concerned by the inspections. The Member State concerned shall submit to such inspections and shall ensure that bodies or persons concerned also submit to those inspections. 6. The Commission shall communicate the inspection reports to the Member State concerned, which shall indicate sufficient details of the measures taken to remedy any shortcomings within three months of receipt of the report. The report and the list of measures taken shall be communicated to the Committee referred to in Article 11(1).
Article 10 Integration of amendments to international instruments 1. The applicable international instruments referred to in Article 2, which are applied in accordance with Article 3(1), shall be those which have entered into force, including the most recent amendments thereto, with the exception of the amendments excluded from the scope of this Regulation resulting from the conformity checking procedure established by paragraph 5. 2. The Commission shall decide on the integration of amendments to the international instruments referred to in Article 2 in respect of ships operating domestic services and the port facilities serving them to which this Regulation applies, in so far as they constitute a technical update of the provisions of the SOLAS Convention and the ISPS Code. Those measures, designed to amend non-essential elements of this Regulation, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 11(4); on imperative grounds of urgency, the Commission may have recourse to the urgency procedure referred to in Article 11(5). The procedure for checking conformity established in paragraph 5 of this Article shall not apply in these cases. 3. The Commission may adopt provisions in order to define harmonised procedures for the application of the mandatory provisions of the ISPS Code, without broadening the scope of this Regulation. Those measures, designed to amend non-essential elements of this Regulation by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutiny referred to in Article 11(4).On imperative grounds of urgency, the Commission may have recourse to the urgency procedure referred to in Article 11(5). 4. For the purposes of this Regulation and with a view to reducing the risks of conflict between Community maritime legislation and international instruments, Member States and the Commission shall cooperate, through coordination meetings and/or any other appropriate means, in order to define, as appropriate, a common position or approach in the competent international fora. 5. A procedure for checking conformity is hereby established in order to exclude from the scope of this Regulation any amendment to an international instrument only if, on the basis of an evaluation by the Commission, there is a manifest risk that such an amendment will lower the standard of maritime security or be incompatible with Community legislation. The procedure for checking conformity may be used solely to make amendments to this Regulation in the fields expressly covered by the procedure referred to in Article 11(2) and strictly within the framework of exercise of implementing powers conferred on the Commission. 6. In the circumstances referred to in paragraph 5, the procedure for checking conformity shall be initiated by the Commission, which, where appropriate, may act at the request of a Member State. The Commission shall submit to the Committee set up in Article 11(1), without delay, after the adoption of an amendment to an international instrument, a proposal for measures with the aim of excluding the amendment in question from this Regulation. The procedure for checking conformity, including, if applicable, the procedures set up in Article 5(6) of Decision 1999/468/EC, shall be completed at least one month before the expiration of the period established internationally for the tacit acceptance of the amendment concerned or the envisaged date for the entry into force of said amendment. 7. In the event of a risk as referred to in the first subparagraph of paragraph 5, Member States shall refrain, during the course of the procedure for checking conformity, from taking any initiative intended to integrate the amendment in national legislation or to apply the amendment to the international instrument concerned. 8. All relevant amendments to international instruments that are integrated in Community maritime legislation, in accordance with paragraphs 5 and 6, shall be published, for information purposes, in the Official Journal of the European Union.
Article 11 Committee procedure 1. The Commission shall be assisted by a committee. 2. Where reference is made to this paragraph, Articles 5 and 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.The period laid down in Article 5(6) of Decision 1999/468/EC shall be set at one month. 3. Where reference is made to this paragraph, Articles 6 and 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.The periods laid down in Article 6(b) and (c) respectively of Decision 1999/468/EC shall be set at one month. 4. Where reference is made to this paragraph, Article 5a(1) to (4) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof. 5. Where reference is made to this paragraph, Article 5a(1), (2), (4) and (6) and Article 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.
Article 12 Confidentiality In applying this Regulation, the Commission shall take, in accordance with the provisions of Commission Decision 2001/844/EC, ECSC, Euratom of 29 November 2001 amending its internal Rules of ProcedureOJ L 317, 3.12.2001, p. 1., appropriate measures to protect information subject to the requirement of confidentiality to which it has access or which is communicated to it by Member States. The Member States shall take equivalent measures in accordance with relevant national legislation. Any personnel carrying out security inspections, or handling confidential information related to this Regulation, must have an appropriate level of security vetting by the Member State of the nationality of the personnel concerned.
Article 13 Dissemination of information 1. Without prejudice to the public right of access to documents as laid down in Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documentsOJ L 145, 31.5.2001, p. 43., the inspection reports and the answers of the Member States referred to in Articles 4(3), 5(2), 5(4) and 9(6) shall be secret and shall not be published. They shall only be available to the relevant authorities, which shall communicate them only to interested parties on a need-to-know basis, in accordance with applicable national rules for dissemination of sensitive information. 2. Member States shall, as far as possible and in accordance with applicable national law, treat as confidential information arising from inspection reports and answers of Member States when it relates to other Member States 3. Unless it is clear that the inspection reports and answers shall or shall not be disclosed, Member States or the Commission shall consult with the Member State concerned.
Article 14 Sanctions Member States shall ensure that effective, proportionate and dissuasive sanctions for breaching the provisions of this Regulation are introduced.
Article 15 Entry into force This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union. It shall apply from 1 July 2004, apart from the provisions of Articles 3(2) and (3), and 9(4), which shall enter into force on and apply from the dates specified therein.
This Regulation shall be binding in its entirety and directly applicable in all Member States. ANNEX I AMENDMENTS TO THE ANNEX TO THE INTERNATIONAL CONVENTION FOR THE SAFETY OF LIFE AT SEA, 1974 AS AMENDED "CHAPTER XI-2SPECIAL MEASURES TO ENHANCE MARITIME SECURITY Regulation 1Definitions 1For the purpose of this chapter, unless expressly provided otherwise: .1Bulk carrier means a bulk carrier as defined in regulation IX/1.6. .2Chemical tanker means a chemical tanker as defined in regulation VII/8.2. .3Gas carrier means a gas carrier as defined in regulation VII/11.2. .4High-speed craft means a craft as defined in regulation X/1.2. .5Mobile offshore drilling unit means a mechanically propelled mobile offshore drilling unit, as defined in regulation IX/1, not on location. .6Oil tanker means an oil tanker as defined in regulation II-1/2.12. .7Company means a Company as defined in regulation IX/1. .8Ship/port interface means the interactions that occur when a ship is directly and immediately affected by actions involving the movement of persons, goods or the provisions of port services to or from the ship. .9Port facility is a location, as determined by the Contracting Government or by the Designated Authority, where the ship/port interface takes place. This includes areas such as anchorages, waiting berths and approaches from seaward, as appropriate. .10Ship to ship activity means any activity not related to a port facility that involves the transfer of goods or persons from one ship to another. .11Designated Authority means the organisation(s) or the administration(s) identified, within the Contracting Government, as responsible for ensuring the implementation of the provisions of this chapter pertaining to port facility security and ship/port interface, from the point of view of the port facility. .12International Ship and Port Facility Security (ISPS) Code means the International Code for the Security of Ships and of Port Facilities consisting of Part A (the provisions of which shall be treated as mandatory) and part B (the provisions of which shall be treated as recommendatory), as adopted, on 12 December 2002, by resolution 2 of the Conference of Contracting Governments to the International Convention for the Safety of Life at Sea, 1974 as may be amended by the Organisation, provided that: .1amendments to part A of the Code are adopted, brought into force and take effect in accordance with article VIII of the present Convention concerning the amendment procedures applicable to the Annex other than chapter I; and .2amendments to part B of the Code are adopted by the Maritime Safety Committee in accordance with its Rules of Procedure. .13Security incident means any suspicious act or circumstance threatening the security of a ship, including a mobile offshore drilling unit and a high speed craft, or of a port facility or of any ship/port interface or any ship to ship activity. .14Security level means the qualification of the degree of risk that a security incident will be attempted or will occur. .15Declaration of security means an agreement reached between a ship and either a port facility or another ship with which it interfaces specifying the security measures each will implement. .16Recognised security organisation means an organisation with appropriate expertise in security matters and with appropriate knowledge of ship and port operations authorised to carry out an assessment, or a verification, or an approval or a certification activity, required by this chapter or by part A of the ISPS Code. 2The term "ship", when used in regulations 3 to 13, includes mobile offshore drilling units and high-speed craft. 3The term "all ships", when used in this chapter, means any ship to which this chapter applies. 4The term "Contracting Government", when used in regulations 3, 4, 7, 10, 11, 12 and 13 includes a reference to the "Designated Authority". Regulation 2Application 1 This chapter applies to: .1the following types of ships engaged on international voyages: .1.1.passenger ships, including high-speed passenger craft; .1.2.cargo ships, including high-speed craft, of 500 gross tonnage and upwards; and .1.3.mobile offshore drilling units; and .2port facilities serving such ships engaged on international voyages. 2 Notwithstanding the provisions of paragraph 1.2, Contracting Governments shall decide the extent of application of this chapter and of the relevant sections of part A of the ISPS Code to those port facilities within their territory which, although used primarily by ships not engaged on international voyages, are required, occasionally, to serve ships arriving or departing on an international voyage. 2.1 Contracting Governments shall base their decisions, under paragraph 2, on a port facility security assessment carried out in accordance with the provisions of part A of the ISPS Code. 2.2 Any decision which a Contracting Government makes, under paragraph 2, shall not compromise the level of security intended to be achieved by this chapter or by part A of the ISPS Code. 3 This chapter does not apply to warships, naval auxiliaries or other ships owned or operated by a Contracting Government and used only on Government non-commercial service. 4 Nothing in this chapter shall prejudice the rights or obligations of States under international law. Regulation 3Obligations of Contracting Governments with respect to security 1Administrations shall set security levels and ensure the provision of security level information to ships entitled to fly their flag. When changes in security level occur, security level information shall be updated as the circumstance dictates. 2Contracting Governments shall set security levels and ensure the provision of security level information to port facilities within their territory, and to ships prior to entering a port or whilst in a port within their territory. When changes in security level occur, security level information shall be updated as the circumstance dictates. Regulation 4Requirements for Companies and ships 1Companies shall comply with the relevant requirements of this chapter and of part A of the ISPS Code, taking into account the guidance given in part B of the ISPS Code. 2Ships shall comply with the relevant requirements of this chapter and of part A of the ISPS Code, taking into account the guidance given in part B of the ISPS Code, and such compliance shall be verified and certified as provided for in part A of the ISPS Code. 3Prior to entering a port or whilst in a port within the territory of a Contracting Government, a ship shall comply with the requirements for the security level set by that Contracting Government, if such security level is higher than the security level set by the Administration for that ship. 4Ships shall respond without undue delay to any change to a higher security level. 5Where a ship is not in compliance with the requirements of this chapter or of part A of the ISPS Code, or cannot comply with the requirements of the security level set by the Administration or by another Contracting Government and applicable to that ship, then the ship shall notify the appropriate competent authority prior to conducting any ship/port interface or prior to entry into port, whichever occurs earlier. Regulation 5Specific responsibility of Companies The Company shall ensure that the master has available on board, at all times, information through which officers duly authorised by a Contracting Government can establish: .1who is responsible for appointing the members of the crew or other persons currently employed or engaged on board the ship in any capacity on the business of that ship; .2who is responsible for deciding the employment of the ship; and .3in cases where the ship is employed under the terms of charter party(ies), who are the parties to such charter party(ies). Regulation 6Ship security alert system 1All ships shall be provided with a ship security alert system, as follows: .1ships constructed on or after 1 July 2004; .2passenger ships, including high-speed passenger craft, constructed before 1 July 2004, not later than the first survey of the radio installation after 1 July 2004; .3oil tankers, chemical tankers, gas carriers, bulk carriers and cargo high speed craft, of 500 gross tonnage and upwards constructed before 1 July 2004, not later than the first survey of the radio installation after 1 July 2004; and .4other cargo ships of 500 gross tonnage and upward and mobile offshore drilling units constructed before 1 July 2004, not later than the first survey of the radio installation after 1 July 2006. 2.The ship security alert system, when activated, shall: .1initiate and transmit a ship-to-shore security alert to a competent authority designated by the Administration, which in these circumstances may include the Company, identifying the ship, its location and indicating that the security of the ship is under threat or it has been compromised; .2not send the ship security alert to any other ships; .3not raise any alarm on-board the ship; and .4continue the ship security alert until deactivated and/or reset. 3The ship security alert system shall: .1be capable of being activated from the navigation bridge and in at least one other location; and .2conform to performance standards not inferior to those adopted by the Organisation. 4The ship security alert system activation points shall be designed so as to prevent the inadvertent initiation of the ship security alert. 5The requirement for a ship security alert system may be complied with by using the radio installation fitted for compliance with the requirements of chapter IV, provided all requirements of this regulation are complied with. 6When an Administration receives notification of a ship security alert, that Administration shall immediately notify the State(s) in the vicinity of which the ship is presently operating. 7When a Contracting Government receives notification of a ship security alert from a ship which is not entitled to fly its flag, that Contracting Government shall immediately notify the relevant Administration and, if appropriate, the State(s) in the vicinity of which the ship is presently operating. Regulation 7Threats to ships 1Contracting Governments shall set security levels and ensure the provision of security level information to ships operating in their territorial sea or having communicated an intention to enter their territorial sea. 2Contracting Governments shall provide a point of contact through which such ships can request advice or assistance and to which such ships can report any security concerns about other ships, movements or communications. 3Where a risk of attack has been identified, the Contracting Government concerned shall advise the ships concerned and their Administrations of: .1the current security level; .2any security measures that should be put in place by the ships concerned to protect themselves from attack, in accordance with the provisions of part A of the ISPS Code; and .3security measures that the coastal State has decided to put in place, as appropriate. Regulation 8Master's discretion for ship safety and security 1The master shall not be constrained by the Company, the charterer or any other person from taking or executing any decision which, in the professional judgement of the master, is necessary to maintain the safety and security of the ship. This includes denial of access to persons (except those identified as duly authorised by a Contracting Government) or their effects and refusal to load cargo, including containers or other closed cargo transport units. 2If, in the professional judgement of the master, a conflict between any safety and security requirements applicable to the ship arises during its operations, the master shall give effect to those requirements necessary to maintain the safety of the ship. In such cases, the master may implement temporary security measures and shall forthwith inform the Administration and, if appropriate, the Contracting Government in whose port the ship is operating or intends to enter. Any such temporary security measures under this regulation shall, to the highest possible degree, be commensurate with the prevailing security level. When such cases are identified, the Administration shall ensure that such conflicts are resolved and that the possibility of recurrence is minimised. Regulation 9Control and compliance measures 1 Control of ships in port 1.1 For the purpose of this chapter, every ship to which this chapter applies is subject to control when in a port of another Contracting Government by officers duly authorised by that Government, who may be the same as those carrying out the functions of regulation I/19. Such control shall be limited to verifying that there is onboard a valid International Ship Security Certificate or a valid Interim International Ship Security Certificate issued under the provisions of part A of the ISPS Code (Certificate), which if valid shall be accepted, unless there are clear grounds for believing that the ship is not in compliance with the requirements of this chapter or part A of the ISPS Code. 1.2 When there are such clear grounds, or when no valid Certificate is produced when required, the officers duly authorised by the Contracting Government shall impose any one or more control measures in relation to that ship as provided in paragraph 1.3. Any such measures imposed must be proportionate, taking into account the guidance given in part B of the ISPS Code. 1.3 Such control measures are as follows: inspection of the ship, delaying the ship, detention of the ship, restriction of operations including movement within the port, or expulsion of the ship from port. Such control measures may additionally or alternatively include other lesser administrative or corrective measures. 2 Ships intending to enter a port of another Contracting Government 2.1 For the purpose of this chapter, a Contracting Government may require that ships intending to enter its ports provide the following information to officers duly authorised by that Government to ensure compliance with this chapter prior to entry into port with the aim of avoiding the need to impose control measures or steps: .1that the ship possesses a valid Certificate and the name of its issuing authority; .2the security level at which the ship is currently operating; .3the security level at which the ship operated in any previous port where it has conducted a ship/port interface within the timeframe specified in paragraph 2.3; .4any special or additional security measures that were taken by the ship in any previous port where it has conducted a ship/port interface within the timeframe specified in paragraph 2.3; .5that the appropriate ship security procedures were maintained during any ship to ship activity within the timeframe specified in paragraph 2.3; or .6other practical security related information (but not details of the ship security plan), taking into account the guidance given in part B of the ISPS Code. If requested by the Contracting Government, the ship or the Company shall provide confirmation, acceptable to that Contracting Government, of the information required above. 2.2 Every ship to which this chapter applies intending to enter the port of another Contracting Government shall provide the information described in paragraph 2.1 on the request of the officers duly authorised by that Government. The master may decline to provide such information on the understanding that failure to do so may result in denial of entry into port. 2.3 The ship shall keep records of the information referred to in paragraph 2.1 for the last 10 calls at port facilities. 2.4 If, after receipt of the information described in paragraph 2.1, officers duly authorised by the Contracting Government of the port in which the ship intends to enter have clear grounds for believing that the ship is in non-compliance with the requirements of this chapter or part A of the ISPS Code, such officers shall attempt to establish communication with and between the ship and the Administration in order to rectify the non-compliance. If such communication does not result in rectification, or if such officers have clear grounds otherwise for believing that the ship is in non-compliance with the requirements of this chapter or part A of the ISPS Code, such officers may take steps in relation to that ship as provided in paragraph 2.5. Any such steps taken must be proportionate, taking into account the guidance given in part B of the ISPS Code. 2.5 Such steps are as follows: .1a requirement for the rectification of the non-compliance; .2a requirement that the ship proceed to a location specified in the territorial sea or internal waters of that Contracting Government; .3inspection of the ship, if the ship is in the territorial sea of the Contracting Government the port of which the ship intends to enter; or .4denial of entry into port. Prior to initiating any such steps, the ship shall be informed by the Contracting Government of its intentions. Upon this information the master may withdraw the intention to enter that port. In such cases, this regulation shall not apply. 3. Additional provisions 3.1 In the event: .1of the imposition of a control measure, other than a lesser administrative or corrective measure, referred to in paragraph 1.3; or .2any of the steps referred to in paragraph 2.5 are taken, an officer duly authorised by the Contracting Government shall forthwith inform in writing the Administration specifying which control measures have been imposed or steps taken and the reasons thereof. The Contracting Government imposing the control measures or steps shall also notify the recognised security organisation, which issued the Certificate relating to the ship concerned and the Organisation when any such control measures have been imposed or steps taken. 3.2 When entry into port is denied or the ship is expelled from port, the authorities of the port State should communicate the appropriate facts to the authorities of the State of the next appropriate ports of call, when known, and any other appropriate coastal States, taking into account guidelines to be developed by the Organisation. Confidentiality and security of such notification shall be ensured. 3.3. Denial of entry into port, pursuant to paragraphs 2.4 and 2.5, or expulsion from port, pursuant to paragraphs 1.1 to 1.3, shall only be imposed where the officers duly authorised by the Contracting Government have clear grounds to believe that the ship poses an immediate threat to the security or safety of persons, or of ships or other property and there are no other appropriate means for removing that threat. 3.4 The control measures referred to in paragraph 1.3 and the steps referred to in paragraph 2.5 shall only be imposed, pursuant to this regulation, until the non-compliance giving rise to the control measures or steps has been corrected to the satisfaction of the Contracting Government, taking into account actions proposed by the ship or the Administration, if any. 3.5 When Contracting Governments exercise control under paragraph 1 or take steps under paragraph 2: .1all possible efforts shall be made to avoid a ship being unduly detained or delayed. If a ship is thereby unduly detained, or delayed, it shall be entitled to compensation for any loss or damage suffered; and .2necessary access to the ship shall not be prevented for emergency or humanitarian reasons and for security purposes. Regulation 10Requirements for port facilities 1Port facilities shall comply with the relevant requirements of this chapter and part A of the ISPS Code, taking into account the guidance given in part B of the ISPS Code. 2Contracting Governments with a port facility or port facilities within their territory, to which this regulation applies, shall ensure that: .1port facility security assessments are carried out, reviewed and approved in accordance with the provisions of part A of the ISPS Code; and .2port facility security plans are developed, reviewed, approved and implemented in accordance with the provisions of part A of the ISPS Code. 3.Contracting Governments shall designate and communicate the measures required to be addressed in a port facility security plan for the various security levels, including when the submission of a Declaration of Security will be required. Regulation 11Alternative security agreements 1Contracting Governments may, when implementing this chapter and part A of the ISPS Code, conclude in writing bilateral or multilateral agreements with other Contracting Governments on alternative security arrangements covering short international voyages on fixed routes between port facilities located within their territories. 2Any such agreement shall not compromise the level of security of other ships or of port facilities not covered by the agreement. 3No ship covered by such an agreement shall conduct any ship-to-ship activities with any ship not covered by the agreement. 4Such agreements shall be reviewed periodically, taking into account the experience gained as well as any changes in the particular circumstances or the assessed threats to the security of the ships, the port facilities or the routes covered by the agreement. Regulation 12Equivalent security arrangements 1An Administration may allow a particular ship or a group of ships entitled to fly its flag to implement other security measures equivalent to those prescribed in this chapter or in part A of the ISPS Code, provided such security measures are at least as effective as those prescribed in this chapter or part A of the ISPS Code. The Administration, which allows such security measures, shall communicate to the Organisation particulars thereof. 2When implementing this chapter and part A of the ISPS Code, a Contracting Government may allow a particular port facility or a group of port facilities located within its territory, other than those covered by an agreement concluded under regulation 11, to implement security measures equivalent to those prescribed in this chapter or in Part A of the ISPS Code, provided such security measures are at least as effective as those prescribed in this chapter or part A of the ISPS Code. The Contracting Government, which allows such security measures, shall communicate to the Organisation particulars thereof. Regulation 13Communication of information 1 Contracting Governments shall, not later than 1 July 2004, communicate to the Organisation and shall make available for the information of Companies and ships: .1the names and contact details of their national authority or authorities responsible for ship and port facility security; .2the locations within their territory covered by the approved port facility security plans; .3the names and contact details of those who have been designated to be available at all times to receive and act upon the ship-to-shore security alerts, referred to in regulation 6.2.1; .4the names and contact details of those who have been designated to be available at all times to receive and act upon any communications from Contracting Governments exercising control and compliance measures, referred to in regulation 9.3.1; and .5the names and contact details of those who have been designated to be available at all times to provide advice or assistance to ships and to whom ships can report any security concerns, referred to in regulation 7.2; and thereafter update such information as and when changes relating thereto occur. The Organisation shall circulate such particulars to other Contracting Governments for the information of their officers. 2 Contracting Governments shall, not later than 1 July 2004, communicate to the Organisation the names and contact details of any recognised security organisations authorised to act on their behalf together with details of the specific responsibility and conditions of authority delegated to such organisations. Such information shall be updated as and when changes relating thereto occur. The Organisation shall circulate such particulars to other Contracting Governments for the information of their officers. 3 Contracting Governments shall, not later than 1 July 2004 communicate to the Organisation a list showing the approved port facility security plans for the port facilities located within their territory together with the location or locations covered by each approved port facility security plan and the corresponding date of approval and thereafter shall further communicate when any of the following changes take place: .1changes in the location or locations covered by an approved port facility security plan are to be introduced or have been introduced. In such cases the information to be communicated shall indicate the changes in the location or locations covered by the plan and the date as of which such changes are to be introduced or were implemented; .2an approved port facility security plan, previously included in the list submitted to the Organisation, is to be withdrawn or has been withdrawn. In such cases, the information to be communicated shall indicate the date on which the withdrawal will take effect or was implemented. In these cases, the communication shall be made to the Organisation as soon as is practically possible; and .3additions are to be made to the list of approved port facility security plans. In such cases, the information to be communicated shall indicate the location or locations covered by the plan and the date of approval. 4 Contracting Governments shall, at five year intervals after 1 July 2004, communicate to the Organisation a revised and updated list showing all the approved port facility security plans for the port facilities located within their territory together with the location or locations covered by each approved port facility security plan and the corresponding date of approval (and the date of approval of any amendments thereto) which will supersede and replace all information communicated to the Organisation, pursuant to paragraph 3, during the preceding five years. 5 Contracting Governments shall communicate to the Organisation information that an agreement under regulation 11 has been concluded. The information communicated shall include: .1the names of the Contracting Governments which have concluded the agreement; .2the port facilities and the fixed routes covered by the agreement; .3the periodicity of review of the agreement; .4the date of entry into force of the agreement; and .5information on any consultations which have taken place with other Contracting Governments; and thereafter shall communicate, as soon as practically possible, to the Organisation information when the agreement has been amended or has ended. 6 Any Contracting Government which allows, under the provisions of regulation 12, any equivalent security arrangements with respect to a ship entitled to fly its flag or with respect to a port facility located within its territory, shall communicate to the Organisation particulars thereof. 7 The Organisation shall make available the information communicated under paragraph 3 to other Contracting Governments upon request." ANNEX II "INTERNATIONAL CODE FOR THE SECURITY OF SHIPS AND OF PORT FACILITIES PREAMBLE 1.The Diplomatic Conference on Maritime Security held in London in December 2002 adopted new provisions in the International Convention for the Safety of Life at Sea, 1974 and this Code to enhance maritime security. These new requirements form the international framework through which ships and port facilities can cooperate to detect and deter acts which threaten security in the maritime transport sector. 2.Following the tragic events of 11th September 2001, the twenty-second session of the Assembly of the International Maritime Organisation ("the Organisation"), in November 2001, unanimously agreed to the development of new measures relating to the security of ships and of port facilities for adoption by a Conference of Contracting Governments to the International Convention for the Safety of Life at Sea, 1974 (known as the Diplomatic Conference on Maritime Security) in December 2002. Preparation for the Diplomatic Conference was entrusted to the Organisation's Maritime Safety Committee (MSC) on the basis of submissions made by Member States, intergovernmental organisations and non-governmental organisations in consultative status with the Organisation. 3.The MSC, at its first extraordinary session, held also in November 2001, in order to accelerate the development and the adoption of the appropriate security measures, established an MSC Intersessional Working Group on Maritime Security. The first meeting of the MSC Intersessional Working Group on Maritime Security was held in February 2002 and the outcome of its discussions was reported to, and considered by, the seventy-fifth session of the MSC in May 2002, when an ad hoc Working Group was established to further develop the proposals made. The seventy-fifth session of the MSC considered the report of that Working Group and recommended that work should be taken forward through a further MSC Intersessional Working Group, which was held in September 2002. The seventy-sixth session of the MSC considered the outcome of the September 2002 session of the MSC Intersessional Working Group and the further work undertaken by the MSC Working Group held in conjunction with the Committee's seventy-sixth session in December 2002, immediately prior to the Diplomatic Conference, and agreed the final version of the proposed texts to be considered by the Diplomatic Conference. 4.The Diplomatic Conference (9 to 13 December 2002) also adopted amendments to the existing provisions of the International Convention for the Safety of Life at Sea, 1974 (SOLAS 74) accelerating the implementation of the requirement to fit Automatic Identification Systems and adopted new regulations in chapter XI-1 of SOLAS 74 covering marking of the Ship Identification Number and the carriage of a Continuous Synopsis Record. The Diplomatic Conference also adopted a number of Conference resolutions, including those covering implementation and revision of this Code, technical cooperation, and cooperative work with the International Labour Organisation and World Customs Organisation. It was recognised that review and amendment of certain of the new provisions regarding maritime security may be required on completion of the work of these two Organisations. 5.The provisions of chapter XI-2 of SOLAS 74 and this Code apply to ships and to port facilities. The extension of SOLAS 74 to cover port facilities was agreed on the basis that SOLAS 74 offered the speediest means of ensuring the necessary security measures entered into force and given effect quickly. However, it was further agreed that the provisions relating to port facilities should relate solely to the ship/port interface. The wider issue of the security of port areas will be the subject of further joint work between the International Maritime Organisation and the International Labour Organisation. It was also agreed that the provisions should not extend to the actual response to attacks or to any necessary clear-up activities after such an attack. 6.In drafting the provision, care has been taken to ensure compatibility with the provisions of the International Convention on Standards of Training, Certification and Watchkeeping for Seafarers, 1978, as amended, the International Safety Management (ISM) Code and the harmonised system of survey and certification. 7.The provisions represent a significant change in the approach of the international maritime industries to the issue of security in the maritime transport sector. It is recognised that they may place a significant additional burden on certain Contracting Governments. The importance of technical cooperation to assist Contracting Governments implement the provisions is fully recognised. 8.Implementation of the provisions will require continuing effective cooperation and understanding between all those involved with, or using, ships and port facilities, including ship's personnel, port personnel, passengers, cargo interests, ship and port management and those in National and Local Authorities with security responsibilities. Existing practices and procedures will have to be reviewed and changed if they do not provide an adequate level of security. In the interests of enhanced maritime security, additional responsibilities will have to be carried by the shipping and port industries and by National and Local Authorities. 9.The guidance given in part B of this Code should be taken into account when implementing the security provisions set out in chapter XI-2 of SOLAS 74 and in part A of this Code. However, it is recognised that the extent to which the guidance applies may vary depending on the nature of the port facility and of the ship, its trade and/or cargo. 10.Nothing in this Code shall be interpreted or applied in a manner inconsistent with the proper respect of fundamental rights and freedoms as set out in international instruments, particularly those relating to maritime workers and refugees, including the International Labour Organisation Declaration of Fundamental Principles and Rights at Work as well as international standards concerning maritime and port workers. 11.Recognising that the Convention on the Facilitation of Maritime Traffic, 1965, as amended, provides that foreign crew members shall be allowed ashore by the public authorities while the ship on which they arrive is in port, provided that the formalities on arrival of the ship have been fulfilled and the public authorities have no reason to refuse permission to come ashore for reasons of public health, public safety or public order, Contracting Governments, when approving ship and port facility security plans, should pay due cognisance to the fact that ship's personnel live and work on the vessel and need shore leave and access to shore-based seafarer welfare facilities, including medical care. PART A MANDATORY REQUIREMENTS REGARDING THE PROVISIONS OF CHAPTER XI-2 OF THE ANNEX TO THE INTERNATIONAL CONVENTION FOR THE SAFETY OF LIFE AT SEA, 1974, AS AMENDED 1GENERAL 1.1Introduction This part of the International Code for the Security of Ships and of Port Facilities contains mandatory provisions to which reference is made in chapter XI-2 of the International Convention for the Safety of Life at Sea, 1974, as amended. 1.2Objectives The objectives of this Code are: .1to establish an international framework involving cooperation between Contracting Governments, Government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade; .2to establish the respective roles and responsibilities of the Contracting Governments, Government agencies, local administrations and the shipping and port industries, at the national and international level, for ensuring maritime security; .3to ensure the early and efficient collection and exchange of security-related information; .4to provide a methodology for security assessments so as to have in place plans and procedures to react to changing security levels; and .5to ensure confidence that adequate and proportionate maritime security measures are in place. 1.3Functional requirements In order to achieve its objectives, this Code embodies a number of functional requirements. These include, but are not limited to: .1gathering and assessing information with respect to security threats and exchanging such information with appropriate Contracting Governments; .2requiring the maintenance of communication protocols for ships and port facilities; .3preventing unauthorised access to ships, port facilities and their restricted areas; .4preventing the introduction of unauthorised weapons, incendiary devices or explosives to ships or port facilities; .5providing means for raising the alarm in reaction to security threats or security incidents; .6requiring ship and port facility security plans based upon security assessments; and .7requiring training, drills and exercises to ensure familiarity with security plans and procedures. 2DEFINITIONS 2.1For the purpose of this part, unless expressly provided otherwise: .1Convention means the International Convention for the Safety of Life at Sea, 1974, as amended. .2Regulation means a regulation of the Convention. .3Chapter means a chapter of the Convention. .4Ship security plan means a plan developed to ensure the application of measures on board the ship designed to protect persons on board, cargo, cargo transport units, ship's stores or the ship from the risks of a security incident. .5Port facility security plan means a plan developed to ensure the application of measures designed to protect the port facility and ships, persons, cargo, cargo transport units and ship's stores within the port facility from the risks of a security incident. .6Ship security officer means the person on board the ship, accountable to the master, designated by the Company as responsible for the security of the ship, including implementation and maintenance of the ship security plan, and for liaison with the company security officer and port facility security officers. .7Company security officer means the person designated by the Company for ensuring that a ship security assessment is carried out; that a ship security plan is developed, submitted for approval, and thereafter implemented and maintained, and for liaison with port facility security officers and the ship security officer. .8Port facility security officer means the person designated as responsible for the development, implementation, revision and maintenance of the port facility security plan and for liaison with the ship security officers and company security officers. .9Security level 1 means the level for which minimum appropriate protective security measures shall be maintained at all times. .10Security level 2 means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of heightened risk of a security incident. .11Security level 3 means the level for which further specific protective security measures shall be maintained for a limited period of time when a security incident is probable or imminent, although it may not be possible to identify the specific target. 2.2The term "ship", when used in this Code, includes mobile offshore drilling units and high-speed craft as defined in regulation XI-2/1. 2.3The term "Contracting Government" in connection with any reference to a port facility, when used in sections 14 to 18, includes a reference to the Designated Authority. 2.4Terms not otherwise defined in this part shall have the same meaning as the meaning attributed to them in chapters I and XI-2. 3APPLICATION 3.1 This Code applies to: .1the following types of ships engaged on international voyages: .1passenger ships, including high-speed passenger craft; .2cargo ships, including high-speed craft, of 500 gross tonnage and upwards; and .3mobile offshore drilling units; and .2port facilities serving such ships engaged on international voyages. 3.2 Notwithstanding the provisions of section 3.1.2, Contracting Governments shall decide the extent of application of this Part of the Code to those port facilities within their territory which, although used primarily by ships not engaged on international voyages, are required, occasionally, to serve ships arriving or departing on an international voyage. 3.2.1 Contracting Governments shall base their decisions, under section 3.2, on a port facility security assessment carried out in accordance with this Part of the Code. 3.2.2 Any decision which a Contracting Government makes, under section 3.2, shall not compromise the level of security intended to be achieved by chapter XI-2 or by this Part of the Code. 3.3 This Code does not apply to warships, naval auxiliaries or other ships owned or operated by a Contracting Government and used only on Government non-commercial service. 3.4 Sections 5 to 13 and 19 of this part apply to Companies and ships as specified in regulation XI-2/4. 3.5 Sections 5 and 14 to 18 of this part apply to port facilities as specified in regulation XI-2/10. 3.6 Nothing in this Code shall prejudice the rights or obligations of States under international law. 4RESPONSIBILITIES OF CONTRACTING GOVERNMENTS 4.1Subject to the provisions of regulation XI-2/3 and XI-2/7, Contracting Governments shall set security levels and provide guidance for protection from security incidents. Higher security levels indicate greater likelihood of occurrence of a security incident. Factors to be considered in setting the appropriate security level include: .1the degree that the threat information is credible; .2the degree that the threat information is corroborated; .3the degree that the threat information is specific or imminent; and .4the potential consequences of such a security incident. 4.2Contracting Governments, when they set security level 3, shall issue, as necessary, appropriate instructions and shall provide security-related information to the ships and port facilities that may be affected. 4.3Contracting Governments may delegate to a recognised security organisation certain of their security-related duties under chapter XI-2 and this Part of the Code with the exception of: .1setting of the applicable security level; .2approving a port facility security assessment and subsequent amendments to an approved assessment; .3determining the port facilities which will be required to designate a port facility security officer; .4approving a port facility security plan and subsequent amendments to an approved plan; .5exercising control and compliance measures pursuant to regulation XI-2/9; and .6establishing the requirements for a Declaration of Security. 4.4Contracting Governments shall, to the extent they consider appropriate, test the effectiveness of the ship security plans or the port facility security plans, or of amendments to such plans, they have approved, or, in the case of ships, of plans which have been approved on their behalf. 5.DECLARATION OF SECURITY 5.1Contracting Governments shall determine when a Declaration of Security is required by assessing the risk the ship/port interface or ship-to-ship activity poses to persons, property or the environment. 5.2A ship can request completion of a Declaration of Security when: .1the ship is operating at a higher security level than the port facility or another ship it is interfacing with; .2there is an agreement on a Declaration of Security between Contracting Governments covering certain international voyages or specific ships on those voyages; .3there has been a security threat or a security incident involving the ship or involving the port facility, as applicable; .4the ship is at a port which is not required to have and implement an approved port facility security plan; or .5the ship is conducting ship-to-ship activities with another ship not required to have and implement an approved ship security plan. 5.3Requests for the completion of a Declaration of Security, under this section, shall be acknowledged by the applicable port facility or ship. 5.4The Declaration of Security shall be completed by: .1the master or the ship security officer on behalf of the ship(s); and, if appropriate, .2the port facility security officer or, if the Contracting Government determines otherwise, by any other body responsible for shore-side security, on behalf of the port facility. 5.5The Declaration of Security shall address the security requirements that could be shared between a port facility and a ship (or between ships) and shall state the responsibility for each. 5.6Contracting Governments shall specify, bearing in mind the provisions of regulation XI-2/9.2.3, the minimum period for which Declarations of Security shall be kept by the port facilities located within their territory. 5.7Administrations shall specify, bearing in mind the provisions of regulation XI-2/9.2.3, the minimum period for which Declarations of Security shall be kept by ships entitled to fly their flag. 6OBLIGATIONS OF THE COMPANY 6.1The Company shall ensure that the ship security plan contains a clear statement emphasising the master's authority. The Company shall establish in the ship security plan that the master has the overriding authority and responsibility to make decisions with respect to the safety and security of the ship and to request the assistance of the Company or of any Contracting Government as may be necessary. 6.2The Company shall ensure that the company security officer, the master and the ship security officer are given the necessary support to fulfil their duties and responsibilities in accordance with chapter XI-2 and this Part of the Code. 7.SHIP SECURITY 7.1 A ship is required to act upon the security levels set by Contracting Governments as set out below. 7.2 At security level 1, the following activities shall be carried out, through appropriate measures, on all ships, taking into account the guidance given in part B of this Code, in order to identify and take preventive measures against security incidents: .1ensuring the performance of all ship security duties; .2controlling access to the ship; .3controlling the embarkation of persons and their effects; .4monitoring restricted areas to ensure that only authorised persons have access; .5monitoring of deck areas and areas surrounding the ship; .6supervising the handling of cargo and ship's stores; and .7ensuring that security communication is readily available. 7.3 At security level 2, additional protective measures, specified in the ship security plan, shall be implemented for each activity detailed in section 7.2, taking into account the guidance given in part B of this Code. 7.4 At security level 3, further specific protective measures, specified in the ship security plan, shall be implemented for each activity detailed in section 7.2, taking into account the guidance given in part B of this Code. 7.5 Whenever security level 2 or 3 is set by the Administration, the ship shall acknowledge receipt of the instructions on change of the security level. 7.6 Prior to entering a port or whilst in a port within the territory of a Contracting Government that has set security level 2 or 3, the ship shall acknowledge receipt of this instruction and shall confirm to the port facility security officer the initiation of the implementation of the appropriate measures and procedures as detailed in the ship security plan, and in the case of security level 3, in instructions issued by the Contracting Government which has set security level 3. The ship shall report any difficulties in implementation. In such cases, the port facility security officer and ship security officer shall liaise and coordinate the appropriate actions. 7.7 If a ship is required by the Administration to set, or is already at, a higher security level than that set for the port it intends to enter or in which it is already located, then the ship shall advise, without delay, the competent authority of the Contracting Government within whose territory the port facility is located and the port facility security officer of the situation. 7.7.1 In such cases, the ship security officer shall liaise with the port facility security officer and coordinate appropriate actions, if necessary. 7.8 An Administration requiring ships entitled to fly its flag to set security level 2 or 3 in a port of another Contracting Government shall inform that Contracting Government without delay. 7.9 When Contracting Governments set security levels and ensure the provision of security-level information to ships operating in their territorial sea, or having communicated an intention to enter their territorial sea, such ships shall be advised to maintain vigilance and report immediately to their Administration and any nearby coastal States any information that comes to their attention that might affect maritime security in the area. 7.9.1 When advising such ships of the applicable security level, a Contracting Government shall, taking into account the guidance given in part B of this Code, also advise those ships of any security measure that they should take and, if appropriate, of measures that have been taken by the Contracting Government to provide protection against the threat. 8.SHIP SECURITY ASSESSMENT 8.1The ship security assessment is an essential and integral part of the process of developing and updating the ship security plan. 8.2The company security officer shall ensure that the ship security assessment is carried out by persons with appropriate skills to evaluate the security of a ship, in accordance with this section, taking into account the guidance given in part B of this Code. 8.3Subject to the provisions of section 9.2.1, a recognised security organisation may carry out the ship security assessment of a specific ship. 8.4The ship security assessment shall include an on-scene security survey and, at least, the following elements: .1identification of existing security measures, procedures and operations; .2identification and evaluation of key shipboard operations that it is important to protect; .3identification of possible threats to the key shipboard operations and the likelihood of their occurrence, in order to establish and prioritise security measures; and .4identification of weaknesses, including human factors, in the infrastructure, policies and procedures. 8.5The ship security assessment shall be documented, reviewed, accepted and retained by the Company. 9SHIP SECURITY PLAN 9.1 Each ship shall carry on board a ship security plan approved by the Administration. The plan shall make provisions for the three security levels as defined in this Part of the Code. 9.1.1 Subject to the provisions of section 9.2.1, a recognised security organisation may prepare the ship security plan for a specific ship. 9.2 The Administration may entrust the review and approval of ship security plans, or of amendments to a previously approved plan, to recognised security organisations. 9.2.1 In such cases, the recognised security organisation undertaking the review and approval of a ship security plan, or its amendments, for a specific ship shall not have been involved in either the preparation of the ship security assessment or of the ship security plan, or of the amendments, under review. 9.3 The submission of a ship security plan, or of amendments to a previously approved plan, for approval shall be accompanied by the security assessment on the basis of which the plan, or the amendments, has been developed. 9.4 Such a plan shall be developed, taking into account the guidance given in part B of this Code, and shall be written in the working language or languages of the ship. If the language or languages used is not English, French or Spanish, a translation into one of these languages shall be included. The plan shall address, at least, the following: .1measures designed to prevent weapons, dangerous substances and devices intended for use against persons, ships or ports and the carriage of which is not authorised from being taken on board the ship; .2identification of the restricted areas and measures for the prevention of unauthorised access to them; .3measures for the prevention of unauthorised access to the ship; .4procedures for responding to security threats or breaches of security, including provisions for maintaining critical operations of the ship or ship/port interface; .5procedures for responding to any security instructions Contracting Governments may give at security level 3; .6procedures for evacuation in case of security threats or breaches of security; .7duties of shipboard personnel assigned security responsibilities and of other shipboard personnel on security aspects; .8procedures for auditing the security activities; .9procedures for training, drills and exercises associated with the plan; .10procedures for interfacing with port facility security activities; .11procedures for the periodic review of the plan and for updating; .12procedures for reporting security incidents; .13identification of the ship security officer; .14identification of the company security officer, including 24-hour contact details; .15procedures to ensure the inspection, testing, calibration, and maintenance of any security equipment provided on board; .16frequency for testing or calibration of any security equipment provided on board; .17identification of the locations where the ship security alert system activation points are provided; and .18procedures, instructions and guidance on the use of the ship security alert system, including the testing, activation, deactivation and resetting and to limit false alerts. 9.4.1 Personnel conducting internal audits of the security activities specified in the plan or evaluating its implementation shall be independent of the activities being audited unless this is impracticable due to the size and the nature of the Company or of the ship. 9.5 The Administration shall determine which changes to an approved ship security plan or to any security equipment specified in an approved plan shall not be implemented unless the relevant amendments to the plan are approved by the Administration. Any such changes shall be at least as effective as those measures prescribed in chapter XI-2 and this Part of the Code. 9.5.1 The nature of the changes to the ship security plan or the security equipment that have been specifically approved by the Administration, pursuant to section 9.5, shall be documented in a manner that clearly indicates such approval. This approval shall be available on board and shall be presented together with the International Ship Security Certificate (or the Interim International Ship Security Certificate). If these changes are temporary, once the original approved measures or equipment are reinstated, this documentation no longer needs to be retained by the ship. 9.6 The plan may be kept in an electronic format. In such a case, it shall be protected by procedures aimed at preventing its unauthorised deletion, destruction or amendment. 9.7 The plan shall be protected from unauthorised access or disclosure. 9.8 Ship security plans are not subject to inspection by officers duly authorised by a Contracting Government to carry out control and compliance measures in accordance with regulation XI-2/9, save in circumstances specified in section 9.8.1. 9.8.1 If the officers duly authorised by a Contracting Government have clear grounds to believe that the ship is not in compliance with the requirements of chapter XI-2 or part A of this Code, and the only means to verify or rectify the non-compliance is to review the relevant requirements of the ship security plan, limited access to the specific sections of the plan relating to the non-compliance is exceptionally allowed, but only with the consent of the Contracting Government of, or the master of, the ship concerned. Nevertheless, the provisions in the plan relating to section 9.4 subsections 2., 4., 5., 7., 15., 17. and 18. of this Part of the Code are considered as confidential information, and cannot be subject to inspection unless otherwise agreed by the Contracting Governments concerned. 10RECORDS 10.1Records of the following activities addressed in the ship security plan shall be kept on board for at least the minimum period specified by the Administration, bearing in mind the provisions of regulation XI-2/9.2.3: .1training, drills and exercises; .2security threats and security incidents; .3breaches of security; .4changes in security level; .5communications relating to the direct security of the ship such as specific threats to the ship or to port facilities the ship is, or has been, in; .6internal audits and reviews of security activities; .7periodic review of the ship security assessment; .8periodic review of the ship security plan; .9implementation of any amendments to the plan; and .10maintenance, calibration and testing of any security equipment provided on board, including testing of the ship security alert system. 10.2The records shall be kept in the working language or languages of the ship. If the language or languages used are not English, French or Spanish, a translation into one of these languages shall be included. 10.3The records may be kept in an electronic format. In such a case, they shall be protected by procedures aimed at preventing their unauthorised deletion, destruction or amendment. 10.4The records shall be protected from unauthorised access or disclosure. 11COMPANY SECURITY OFFICER 11.1The Company shall designate a company security officer. A person designated as the company security officer may act as the company security officer for one or more ships, depending on the number or types of ships the Company operates, provided it is clearly identified for which ships this person is responsible. A Company may, depending on the number or types of ships they operate, designate several persons as company security officers provided it is clearly identified for which ships each person is responsible. 11.2In addition to those specified elsewhere in this Part of the Code, the duties and responsibilities of the company security officer shall include, but are not limited to: .1advising the level of threats likely to be encountered by the ship, using appropriate security assessments and other relevant information; .2ensuring that ship security assessments are carried out; .3ensuring the development, the submission for approval, and thereafter the implementation and maintenance of the ship security plan; .4ensuring that the ship security plan is modified, as appropriate, to correct deficiencies and satisfy the security requirements of the individual ship; .5arranging for internal audits and reviews of security activities; .6arranging for the initial and subsequent verifications of the ship by the Administration or the recognised security organisation; .7ensuring that deficiencies and non-conformities identified during internal audits, periodic reviews, security inspections and verifications of compliance are promptly addressed and dealt with; .8enhancing security awareness and vigilance; .9ensuring adequate training for personnel responsible for the security of the ship; .10ensuring effective communication and cooperation between the ship security officer and the relevant port facility security officers; .11ensuring consistency between security requirements and safety requirements; .12ensuring that, if sister-ship or fleet security plans are used, the plan for each ship reflects the ship-specific information accurately; and .13ensuring that any alternative or equivalent arrangements approved for a particular ship or group of ships are implemented and maintained. 12SHIP SECURITY OFFICER 12.1A ship security officer shall be designated on each ship. 12.2In addition to those specified elsewhere in this Part of the Code, the duties and responsibilities of the ship security officer shall include, but are not limited to: .1undertaking regular security inspections of the ship to ensure that appropriate security measures are maintained; .2maintaining and supervising the implementation of the ship security plan, including any amendments to the plan; .3coordinating the security aspects of the handling of cargo and ship's stores with other shipboard personnel and with the relevant port facility security officers; .4proposing modifications to the ship security plan; .5reporting to the company security officer any deficiencies and non-conformities identified during internal audits, periodic reviews, security inspections and verifications of compliance and implementing any corrective actions; .6enhancing security awareness and vigilance on board; .7ensuring that adequate training has been provided to shipboard personnel, as appropriate; .8reporting all security incidents; .9coordinating implementation of the ship security plan with the company security officer and the relevant port facility security officer; and .10ensuring that security equipment is properly operated, tested, calibrated and maintained, if any. 13TRAINING, DRILLS AND EXERCISES ON SHIP SECURITY 13.1The company security officer and appropriate shore-based personnel shall have knowledge and have received training, taking into account the guidance given in part B of this Code. 13.2The ship security officer shall have knowledge and have received training, taking into account the guidance given in part B of this Code. 13.3Shipboard personnel having specific security duties and responsibilities shall understand their responsibilities for ship security as described in the ship security plan and shall have sufficient knowledge and ability to perform their assigned duties, taking into account the guidance given in part B of this Code. 13.4To ensure the effective implementation of the ship security plan, drills shall be carried out at appropriate intervals taking into account the ship type, ship personnel changes, port facilities to be visited and other relevant circumstances, taking into account the guidance given in part B of this Code. 13.5The company security officer shall ensure the effective coordination and implementation of ship security plans by participating in exercises at appropriate intervals, taking into account the guidance given in part B of this Code. 14PORT FACILITY SECURITY 14.1 A port facility is required to act upon the security levels set by the Contracting Government within whose territory it is located. Security measures and procedures shall be applied at the port facility in such a manner as to cause a minimum of interference with, or delay to, passengers, ship, ship's personnel and visitors, goods and services. 14.2 At security level 1, the following activities shall be carried out through appropriate measures in all port facilities, taking into account the guidance given in part B of this Code, in order to identify and take preventive measures against security incidents: .1ensuring the performance of all port facility security duties; .2controlling access to the port facility; .3monitoring of the port facility, including anchoring and berthing area(s); .4monitoring restricted areas to ensure that only authorised persons have access; .5supervising the handling of cargo; .6supervising the handling of ship's stores; and .7ensuring that security communication is readily available. 14.3 At security level 2, additional protective measures, specified in the port facility security plan, shall be implemented for each activity detailed in section 14.2, taking into account the guidance given in part B of this Code. 14.4 At security level 3, further specific protective measures, specified in the port facility security plan, shall be implemented for each activity detailed in section 14.2, taking into account the guidance given in part B of this Code. 14.4.1 In addition, at security level 3, port facilities are required to respond to and implement any security instructions given by the Contracting Government within whose territory the port facility is located. 14.5 When a port facility security officer is advised that a ship encounters difficulties in complying with the requirements of chapter XI-2 or this part or in implementing the appropriate measures and procedures as detailed in the ship security plan, and in the case of security level 3 following any security instructions given by the Contracting Government within whose territory the port facility is located, the port facility security officer and the ship security officer shall liaise and coordinate appropriate actions. 14.6 When a port facility security officer is advised that a ship is at a security level which is higher than that of the port facility, the port facility security officer shall report the matter to the competent authority and shall liaise with the ship security officer and coordinate appropriate actions, if necessary. 15PORT FACILITY SECURITY ASSESSMENT 15.1 The port facility security assessment is an essential and integral part of the process of developing and updating the port facility security plan. 15.2 The port facility security assessment shall be carried out by the Contracting Government within whose territory the port facility is located. A Contracting Government may authorise a recognised security organisation to carry out the port facility security assessment of a specific port facility located within its territory. 15.2.1 When the port facility security assessment has been carried out by a recognised security organisation, the security assessment shall be reviewed and approved for compliance with this section by the Contracting Government within whose territory the port facility is located. 15.3 The persons carrying out the assessment shall have appropriate skills to evaluate the security of the port facility in accordance with this section, taking into account the guidance given in part B of this Code. 15.4 The port facility security assessments shall periodically be reviewed and updated, taking account of changing threats and/or minor changes in the port facility, and shall always be reviewed and updated when major changes to the port facility take place. 15.5 The port facility security assessment shall include, at least, the following elements: .1identification and evaluation of important assets and infrastructure it is important to protect; .2identification of possible threats to the assets and infrastructure and the likelihood of their occurrence, in order to establish and prioritise security measures; .3identification, selection and prioritisation of countermeasures and procedural changes and their level of effectiveness in reducing vulnerability; and .4identification of weaknesses, including human factors, in the infrastructure, policies and procedures. 15.6 The Contracting Government may allow a port facility security assessment to cover more than one port facility if the operator, location, operation, equipment, and design of these port facilities are similar. Any Contracting Government which allows such an arrangement shall communicate to the Organisation particulars thereof. 15.7 Upon completion of the port facility security assessment, a report shall be prepared, consisting of a summary of how the assessment was conducted, a description of each vulnerability found during the assessment and a description of countermeasures that could be used to address each vulnerability. The report shall be protected from unauthorised access or disclosure. 16PORT FACILITY SECURITY PLAN 16.1 A port facility security plan shall be developed and maintained, on the basis of a port facility security assessment for each port facility, adequate for the ship/port interface. The plan shall make provisions for the three security levels, as defined in this Part of the Code. 16.1.1 Subject to the provisions of section 16.2, a recognised security organisation may prepare the port facility security plan of a specific port facility. 16.2 The port facility security plan shall be approved by the Contracting Government in whose territory the port facility is located. 16.3 Such a plan shall be developed taking into account the guidance given in part B of this Code and shall be in the working language of the port facility. The plan shall address, at least, the following: .1measures designed to prevent weapons or any other dangerous substances and devices intended for use against persons, ships or ports, and the carriage of which is not authorised, from being introduced into the port facility or on board a ship; .2measures designed to prevent unauthorised access to the port facility, to ships moored at the facility, and to restricted areas of the facility; .3procedures for responding to security threats or breaches of security, including provisions for maintaining critical operations of the port facility or ship/port interface; .4procedures for responding to any security instructions the Contracting Government in whose territory the port facility is located may give at security level 3; .5procedures for evacuation in case of security threats or breaches of security; .6duties of port facility personnel assigned security responsibilities and of other facility personnel on security aspects; .7procedures for interfacing with ship security activities; .8procedures for the periodic review of the plan and updating; .9procedures for reporting security incidents; .10identification of the port facility security officer, including 24-hour contact details; .11measures to ensure the security of the information contained in the plan; .12measures designed to ensure effective security of cargo and the cargo handling equipment at the port facility; .13procedures for auditing the port facility security plan; .14procedures for responding in case the ship security alert system of a ship at the port facility has been activated; and .15procedures for facilitating shore leave for ship's personnel or personnel changes, as well as access of visitors to the ship, including representatives of seafarers' welfare and labour organisations. 16.4 Personnel conducting internal audits of the security activities specified in the plan or evaluating its implementation shall be independent of the activities being audited unless this is impracticable due to the size and the nature of the port facility. 16.5 The port facility security plan may be combined with, or be part of, the port security plan or any other port emergency plan or plans. 16.6 The Contracting Government in whose territory the port facility is located shall determine which changes to the port facility security plan shall not be implemented unless the relevant amendments to the plan are approved by them. 16.7 The plan may be kept in an electronic format. In such a case, it shall be protected by procedures aimed at preventing its unauthorised deletion, destruction or amendment. 16.8 The plan shall be protected from unauthorised access or disclosure. 16.9 Contracting Governments may allow a port facility security plan to cover more than one port facility if the operator, location, operation, equipment, and design of these port facilities are similar. Any Contracting Government which allows such an alternative arrangement shall communicate to the Organisation particulars thereof. 17PORT FACILITY SECURITY OFFICER 17.1A port facility security officer shall be designated for each port facility. A person may be designated as the port facility security officer for one or more port facilities. 17.2In addition to those specified elsewhere in this Part of the Code, the duties and responsibilities of the port facility security officer shall include, but are not limited to: .1conducting an initial comprehensive security survey of the port facility, taking into account the relevant port facility security assessment; .2ensuring the development and maintenance of the port facility security plan; .3implementing and exercising the port facility security plan; .4undertaking regular security inspections of the port facility to ensure the continuation of appropriate security measures; .5recommending and incorporating, as appropriate, modifications to the port facility security plan in order to correct deficiencies and to update the plan to take into account relevant changes to the port facility; .6enhancing security awareness and vigilance of the port facility personnel; .7ensuring adequate training has been provided to personnel responsible for the security of the port facility; .8reporting to the relevant authorities and maintaining records of occurrences which threaten the security of the port facility; .9coordinating implementation of the port facility security plan with the appropriate Company and ship security officer(s); .10coordinating with security services, as appropriate; .11ensuring that standards for personnel responsible for security of the port facility are met; .12ensuring that security equipment is properly operated, tested, calibrated and maintained, if any; and .13assisting ship security officers in confirming the identity of those seeking to board the ship when requested. 17.3The port facility security officer shall be given the necessary support to fulfil the duties and responsibilities imposed by chapter XI-2 and this Part of the Code. 18TRAINING, DRILLS AND EXERCISES ON PORT FACILITY SECURITY 18.1The port facility security officer and appropriate port facility security personnel shall have knowledge and have received training, taking into account the guidance given in part B of this Code. 18.2Port facility personnel having specific security duties shall understand their duties and responsibilities for port facility security, as described in the port facility security plan, and shall have sufficient knowledge and ability to perform their assigned duties, taking into account the guidance given in part B of this Code. 18.3To ensure the effective implementation of the port facility security plan, drills shall be carried out at appropriate intervals, taking into account the types of operation of the port facility, port facility personnel changes, the type of ship the port facility is serving and other relevant circumstances, taking into account guidance given in part B of this Code. 18.4The port facility security officer shall ensure the effective coordination and implementation of the port facility security plan by participating in exercises at appropriate intervals, taking into account the guidance given in part B of this Code. 19VERIFICATION AND CERTIFICATION FOR SHIPS 19.1Verifications 19.1.1 Each ship to which this Part of the Code applies shall be subject to the verifications specified below: .1an initial verification before the ship is put in service or before the certificate required under section 19.2 is issued for the first time, which shall include a complete verification of its security system and any associated security equipment covered by the relevant provisions of chapter XI-2, of this Part of the Code and of the approved ship security plan. This verification shall ensure that the security system and any associated security equipment of the ship fully complies with the applicable requirements of chapter XI-2 and this Part of the Code, is in satisfactory condition and fit for the service for which the ship is intended; .2a renewal verification at intervals specified by the Administration, but not exceeding five years, except where section 19.3 is applicable. This verification shall ensure that the security system and any associated security equipment of the ship fully complies with the applicable requirements of chapter XI-2, this Part of the Code and the approved ship security plan, is in satisfactory condition and fit for the service for which the ship is intended; .3at least one intermediate verification. If only one intermediate verification is carried out it shall take place between the second and third anniversary date of the certificate as defined in regulation I/2(n). The intermediate verification shall include inspection of the security system and any associated security equipment of the ship to ensure that it remains satisfactory for the service for which the ship is intended. Such intermediate verification shall be endorsed on the certificate; .4any additional verifications as determined by the Administration. 19.1.2 The verifications of ships shall be carried out by officers of the Administration. The Administration may, however, entrust the verifications to a recognised security organisation referred to in regulation XI-2/1. 19.1.3 In every case, the Administration concerned shall fully guarantee the completeness and efficiency of the verification and shall undertake to ensure the necessary arrangements to satisfy this obligation. 19.1.4 The security system and any associated security equipment of the ship after verification shall be maintained to conform with the provisions of regulations XI-2/4.2 and XI-2/6, of this Part of the Code and of the approved ship security plan. After any verification under section 19.1.1 has been completed, no changes shall be made in the security system and in any associated security equipment or the approved ship security plan without the sanction of the Administration. 19.2Issue or endorsement of Certificate 19.2.1 An International Ship Security Certificate shall be issued after the initial or renewal verification in accordance with the provisions of section 19.1. 19.2.2 Such Certificate shall be issued or endorsed either by the Administration or by a recognised security organisation acting on behalf of the Administration. 19.2.3 Another Contracting Government may, at the request of the Administration, cause the ship to be verified and, if satisfied that the provisions of section 19.1.1 are complied with, shall issue or authorise the issue of an International Ship Security Certificate to the ship and, where appropriate, endorse or authorise the endorsement of that Certificate on the ship, in accordance with this Code. 19.2.3.1 A copy of the Certificate and a copy of the verification report shall be transmitted as soon as possible to the requesting Administration. 19.2.3.2 A Certificate so issued shall contain a statement to the effect that it has been issued at the request of the Administration and it shall have the same force and receive the same recognition as the Certificate issued under section 19.2.2. 19.2.4 The International Ship Security Certificate shall be drawn up in a form corresponding to the model given in the appendix to this Code. If the language used is not English, French or Spanish, the text shall include a translation into one of these languages. 19.3Duration and validity of Certificate 19.3.1 An International Ship Security Certificate shall be issued for a period specified by the Administration, which shall not exceed five years. 19.3.2 When the renewal verification is completed within three months before the expiry date of the existing Certificate, the new Certificate shall be valid from the date of completion of the renewal verification to a date not exceeding five years from the date of expiry of the existing Certificate. 19.3.2.1 When the renewal verification is completed after the expiry date of the existing Certificate, the new Certificate shall be valid from the date of completion of the renewal verification to a date not exceeding five years from the date of expiry of the existing Certificate. 19.3.2.2 When the renewal verification is completed more than three months before the expiry date of the existing Certificate, the new Certificate shall be valid from the date of completion of the renewal verification to a date not exceeding five years from the date of completion of the renewal verification. 19.3.3 If a Certificate is issued for a period of less than five years, the Administration may extend the validity of the Certificate beyond the expiry date to the maximum period specified in section 19.3.1, provided that the verifications referred to in section 19.1.1 applicable when a Certificate is issued for a period of five years are carried out as appropriate. 19.3.4 If a renewal verification has been completed and a new Certificate cannot be issued or placed on board the ship before the expiry date of the existing Certificate, the Administration or recognised security organisation acting on behalf of the Administration may endorse the existing Certificate and such a Certificate shall be accepted as valid for a further period which shall not exceed five months from the expiry date. 19.3.5 If a ship, at the time when a Certificate expires, is not in a port in which it is to be verified, the Administration may extend the period of validity of the Certificate but this extension shall be granted only for the purpose of allowing the ship to complete its voyage to the port in which it is to be verified, and then only in cases where it appears proper and reasonable to do so. No Certificate shall be extended for a period longer than three months, and the ship to which an extension is granted shall not, on its arrival in the port in which it is to be verified, be entitled by virtue of such extension to leave that port without having a new Certificate. When the renewal verification is completed, the new Certificate shall be valid to a date not exceeding five years from the expiry date of the existing Certificate before the extension was granted. 19.3.6 A Certificate issued to a ship engaged on short voyages which has not been extended under the foregoing provisions of this section may be extended by the Administration for a period of grace of up to one month from the date of expiry stated on it. When the renewal verification is completed, the new Certificate shall be valid to a date not exceeding five years from the date of expiry of the existing Certificate before the extension was granted. 19.3.7 If an intermediate verification is completed before the period specified in section 19.1.1, then: .1the expiry date shown on the Certificate shall be amended by endorsement to a date which shall not be more than three years later than the date on which the intermediate verification was completed; .2the expiry date may remain unchanged provided one or more additional verifications are carried out so that the maximum intervals between the verifications prescribed by section 19.1.1 are not exceeded. 19.3.8 A Certificate issued under section 19.2 shall cease to be valid in any of the following cases: .1if the relevant verifications are not completed within the periods specified under section 19.1.1; .2if the Certificate is not endorsed in accordance with section 19.1.1.3 and 19.3.7.1, if applicable; .3when a Company assumes the responsibility for the operation of a ship not previously operated by that Company; and .4upon transfer of the ship to the flag of another State. 19.3.9 In the case of: .1a transfer of a ship to the flag of another Contracting Government, the Contracting Government whose flag the ship was formerly entitled to fly shall, as soon as possible, transmit to the receiving Administration copies of, or all information relating to, the International Ship Security Certificate carried by the ship before the transfer and copies of available verification reports, or .2a Company that assumes responsibility for the operation of a ship not previously operated by that Company, the previous Company shall, as soon as possible, transmit to the receiving Company copies of any information related to the International Ship Security Certificate or to facilitate the verifications described in section 19.4.2. 19.4 Interim certification 19.4.1 The Certificates specified in section 19.2 shall be issued only when the Administration issuing the Certificate is fully satisfied that the ship complies with the requirements of section 19.1. However, after 1 July 2004, for the purposes of: .1a ship without a Certificate, on delivery or prior to its entry or re-entry into service; .2transfer of a ship from the flag of a Contracting Government to the flag of another Contracting Government; .3transfer of a ship to the flag of a Contracting Government from a State which is not a Contracting Government; or .4a Company assuming the responsibility for the operation of a ship not previously operated by that Company until the Certificate referred to in section 19.2 is issued, the Administration may cause an Interim International Ship Security Certificate to be issued, in a form corresponding to the model given in the appendix to this Part of the Code. 19.4.2 An Interim International Ship Security Certificate shall only be issued when the Administration or recognised security organisation, on behalf of the Administration, has verified that: .1the ship security assessment required by this Part of the Code has been completed; .2a copy of the ship security plan meeting the requirements of chapter XI-2 and part A of this Code is provided on board, has been submitted for review and approval, and is being implemented on the ship; .3the ship is provided with a ship security alert system meeting the requirements of regulation XI-2/6, if required; .4the company security officer: .1has ensured: .1the review of the ship security plan for compliance with this Part of the Code; .2that the plan has been submitted for approval; and .3that the plan is being implemented on the ship; and .2has established the necessary arrangements, including arrangements for drills, exercises and internal audits, through which the company security officer is satisfied that the ship will successfully complete the required verification in accordance with section 19.1.1.1, within 6 months; .5arrangements have been made for carrying out the required verifications under section 19.1.1.1; .6the master, the ship security officer and other ship's personnel with specific security duties are familiar with their duties and responsibilities as specified in this Part of the Code; and with the relevant provisions of the ship security plan placed on board; and have been provided such information in the working language of the ship's personnel or languages understood by them; and .7the ship security officer meets the requirements of this Part of the Code. 19.4.3 An Interim International Ship Security Certificate may be issued by the Administration or by a recognised security organisation authorised to act on its behalf. 19.4.4 An Interim International Ship Security Certificate shall be valid for 6 months, or until the Certificate required by section 19.2 is issued, whichever comes first, and may not be extended. 19.4.5 No Contracting Government shall cause a subsequent, consecutive Interim International Ship Security Certificate to be issued to a ship if, in the judgement of the Administration or the recognised security organisation, one of the purposes of the ship or a Company in requesting such certificate is to avoid full compliance with chapter XI-2 and this Part of the Code beyond the period of the initial Interim Certificate as specified in section 19.4.4. 19.4.6 For the purposes of regulation XI-2/9, Contracting Governments may, prior to accepting an Interim International Ship Security Certificate as a valid Certificate, ensure that the requirements of sections 19.4.2.4 to 19.4.2.6 have been met." Appendix to Part A Appendix 1 02004R0725-20090420_en_img_1 02004R0725-20090420_en_img_2 02004R0725-20090420_en_img_3 02004R0725-20090420_en_img_4 Appendix 2 02004R0725-20090420_en_img_5 ANNEX III "PART BGUIDANCE REGARDING THE PROVISIONS OF CHAPTER XI-2 OF THE ANNEX TO THE INTERNATIONAL CONVENTION FOR THE SAFETY OF LIFE AT SEA, 1974 AS AMENDED AND PART A OF THIS CODE 1.INTRODUCTION General 1.1The preamble of this Code indicates that chapter XI-2 and part A of this Code establish the new international framework of measures to enhance maritime security and through which ships and port facilities can cooperate to detect and deter acts which threaten security in the maritime transport sector. 1.2This introduction outlines, in a concise manner, the processes envisaged in establishing and implementing the measures and arrangements needed to achieve and maintain compliance with the provisions of chapter XI-2 and of part A of this Code and identifies the main elements on which guidance is offered. The guidance is provided in paragraphs 2 through to 19. It also sets down essential considerations which should be taken into account when considering the application of the guidance relating to ships and port facilities. 1.3If the reader's interest relates to ships alone, it is strongly recommended that this Part of the Code is still read as a whole, particularly the paragraphs relating to port facilities. The same applies to those whose primary interest is port facilities; they should also read the paragraphs relating to ships. 1.4The guidance provided in the following paragraphs relates primarily to protection of the ship when it is at a port facility. There could, however, be situations when a ship may pose a threat to the port facility, e.g. because, once within the port facility, it could be used as a base from which to launch an attack. When considering the appropriate security measures to respond to ship-based security threats, those completing the port facility security assessment or preparing the port facility security plan should consider making appropriate adaptations to the guidance offered in the following paragraphs. 1.5The reader is advised that nothing in this Part of the Code should be read or interpreted in conflict with any of the provisions of either chapter XI-2 or part A of this Code and that the aforesaid provisions always prevail and override any unintended inconsistency which may have been inadvertently expressed in this Part of the Code. The guidance provided in this Part of the Code should always be read, interpreted and applied in a manner which is consistent with the aims, objectives and principles established in chapter XI-2 and part A of this Code. Responsibilities of Contracting Governments 1.6Contracting Governments have, under the provisions of chapter XI-2 and part A of this Code, various responsibilities, which, amongst others, include: setting the applicable security level; approving the ship security plan (SSP) and relevant amendments to a previously approved plan; verifying the compliance of ships with the provisions of chapter XI-2 and part A of this Code and issuing to ships the International Ship Security Certificate; determining which of the port facilities located within their territory are required to designate a port facility security officer (PFSO) who will be responsible for the preparation of the port facility security plan; ensuring completion and approval of the port facility security assessment (PFSA) and of any subsequent amendments to a previously approved assessment; approving the port facility security plan (PFSP) and any subsequent amendments to a previously approved plan; exercising control and compliance measures; testing approved plans; and communicating information to the International Maritime Organisation and to the shipping and port industries. 1.7Contracting Governments can designate, or establish, Designated Authorities within Government to undertake, with respect to port facilities, their security duties under chapter XI-2 and part A of this Code and allow recognised security organisations to carry out certain work with respect to port facilities, but the final decision on the acceptance and approval of this work should be given by the Contracting Government or the Designated Authority. Administrations may also delegate the undertaking of certain security duties, relating to ships, to recognised security organisations. The following duties or activities cannot be delegated to a recognised security organisation: setting of the applicable security level; determining which of the port facilities located within the territory of a Contracting Government are required to designate a PFSO and to prepare a PFSP; approving a PFSA or any subsequent amendments to a previously approved assessment; approving a PFSP or any subsequent amendments to a previously approved plan; exercising control and compliance measures; and establishing the requirements for a Declaration of Security. Setting the security level 1.8The setting of the security level applying at any particular time is the responsibility of Contracting Governments and can apply to ships and port facilities. Part A of this Code defines three security levels for international use. These are: Security level 1, normal; the level at which ships and port facilities normally operate; Security level 2, heightened; the level applying for as long as there is a heightened risk of a security incident; and Security level 3, exceptional; the level applying for the period of time when there is the probable or imminent risk of a security incident. The Company and the ship 1.9Any Company operating ships to which chapter XI-2 and part A of this Code apply has to designate a CSO for the Company and a SSO for each of its ships. The duties, responsibilities and training requirements of these officers and requirements for drills and exercises are defined in part A of this Code. 1.10The company security officer's responsibilities include, in brief amongst others, ensuring that a ship security assessment (SSA) is properly carried out, that a SSP is prepared and submitted for approval by, or on behalf of, the Administration and thereafter is placed on board each ship to which part A of this Code applies and in respect of which that person has been appointed as the CSO. 1.11The SSP should indicate the operational and physical security measures the ship itself should take to ensure it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the ship itself can take to move to and operate at security level 2 when instructed to do so. Furthermore, the plan should indicate the possible preparatory actions the ship could take to allow prompt response to the instructions that may be issued to the ship by those responding at security level 3 to a security incident or threat thereof. 1.12The ships to which the requirements of chapter XI-2 and part A of this Code apply are required to have, and operated in accordance with, a SSP approved by, or on behalf of, the Administration. The CSO and the SSO should monitor the continuing relevance and effectiveness of the plan, including the undertaking of internal audits. Amendments to any of the elements of an approved plan, for which the Administration has determined that approval is required, have to be submitted for review and approval before their incorporation into the approved plan and their implementation by the ship. 1.13The ship has to carry an International Ship Security Certificate indicating that it complies with the requirements of chapter XI-2 and part A of this Code. Part A of this Code includes provisions relating to the verification and certification of the ship's compliance with the requirements on an initial, renewal and intermediate verification basis. 1.14When a ship is at a port or is proceeding to a port of a Contracting Government, the Contracting Government has the right, under the provisions of regulation XI-2/9, to exercise various control and compliance measures with respect to that ship. The ship is subject to port State control inspections but such inspections will not normally extend to examination of the SSP itself except in specific circumstances. The ship may also be subject to additional control measures if the Contracting Government exercising the control and compliance measures has reason to believe that the security of the ship has, or the port facilities it has served have, been compromised. 1.15The ship is also required to have on board information, to be made available to Contracting Governments upon request, indicating who is responsible for deciding the employment of the ship's personnel and for deciding various aspects relating to the employment of the ship. The port facility 1.16 Each Contracting Government has to ensure completion of a PFSA for each of the port facilities, located within its territory, serving ships engaged on international voyages. The Contracting Government, a Designated Authority or a recognised security organisation may carry out this assessment. The completed PFSA has to be approved by the Contracting Government or the Designated Authority concerned. This approval cannot be delegated. Port facility security assessments should be periodically reviewed. 1.17 The PFSA is fundamentally a risk analysis of all aspects of a port facility's operation in order to determine which part(s) of it are more susceptible, and/or more likely, to be the subject of attack. Security risk is a function of the threat of an attack coupled with the vulnerability of the target and the consequences of an attack.The assessment must include the following components: determination of the perceived threat to port installations and infrastructure; identification of the potential vulnerabilities; and calculation of the consequences of incidents. On completion of the analysis, it will be possible to produce an overall assessment of the level of risk. The PFSA will help determine which port facilities are required to appoint a PFSO and prepare a PFSP. 1.18 The port facilities which have to comply with the requirements of chapter XI-2 and part A of this Code are required to designate a PFSO. The duties, responsibilities and training requirements of these officers and requirements for drills and exercises are defined in part A of this Code. 1.19 The PFSP should indicate the operational and physical security measures the port facility should take to ensure that it always operates at security level 1. The plan should also indicate the additional, or intensified, security measures the port facility can take to move to and operate at security level 2 when instructed to do so. Furthermore, the plan should indicate the possible preparatory actions the port facility could take to allow prompt response to the instructions that may be issued by those responding at security level 3 to a security incident or threat thereof. 1.20 The port facilities which have to comply with the requirements of chapter XI-2 and part A of this Code are required to have, and operate in accordance with, a PFSP approved by the Contracting Government or by the Designated Authority concerned. The PFSO should implement its provisions and monitor the continuing effectiveness and relevance of the plan, including commissioning internal audits of the application of the plan. Amendments to any of the elements of an approved plan, for which the Contracting Government or the Designated Authority concerned has determined that approval is required, have to be submitted for review and approval before their incorporation into the approved plan and their implementation at the port facility. The Contracting Government or the Designated Authority concerned may test the effectiveness of the plan. The PFSA covering the port facility or on which the development of the plan has been based should be regularly reviewed. All these activities may lead to amendment of the approved plan. Any amendments to specified elements of an approved plan will have to be submitted for approval by the Contracting Government or by the Designated Authority concerned. 1.21 Ships using port facilities may be subject to the port State control inspections and additional control measures outlined in regulation XI-2/9. The relevant authorities may request the provision of information regarding the ship, its cargo, passengers and ship's personnel prior to the ship's entry into port. There may be circumstances in which entry into port could be denied. Information and communication 1.22 Chapter XI-2 and part A of this Code require Contracting Governments to provide certain information to the International Maritime Organisation and for information to be made available to allow effective communication between Contracting Governments and between company security officers/ship security officers and the port facility security officers. 2.DEFINITIONS 2.1No guidance is provided with respect to the definitions set out in chapter XI-2 or part A of this Code. 2.2For the purpose of this Part of the Code: .1"section" means a section of part A of the Code and is indicated as "section A/<followed by the number of the section>"; .2"paragraph" means a paragraph of this Part of the Code and is indicated as "paragraph <followed by the number of the paragraph >"; and .3"Contracting Government", when used in paragraphs 14 to 18, means the "Contracting Government within whose territory the port facility is located" and includes a reference to the Designated Authority. 3.APPLICATION General 3.1The guidance given in this Part of the Code should be taken into account when implementing the requirements of chapter XI-2 and part A of this Code. 3.2However, it should be recognised that the extent to which the guidance on ships applies will depend on the type of ship, its cargoes and/or passengers, its trading pattern and the characteristics of the port facilities visited by the ship. 3.3Similarly, in relation to the guidance on port facilities, the extent to which this guidance applies will depend on the port facilities, the types of ships using the port facility, the types of cargo and/or passengers and the trading patterns of visiting ships. 3.4The provisions of chapter XI-2 and part A of this Code are not intended to apply to port facilities designed and used primarily for military purposes. 4.RESPONSIBILITIES OF CONTRACTING GOVERNMENTS Security of assessments and plans 4.1Contracting Governments should ensure that appropriate measures are in place to avoid unauthorised disclosure of, or access to, security-sensitive material relating to ship security assessments (SSAs), ship security plans (SSPs), port facility security assessments (PFSAs) and port facility security plans (PFSPs), and to individual assessments or plans. Designated Authorities 4.2Contracting Governments may identify a Designated Authority within Government to undertake their security duties relating to port facilities as set out in chapter XI-2 or part A of this Code. Recognised security organisations 4.3 Contracting Governments may authorise a recognised security organisation (RSO) to undertake certain security-related activities, including: .1approval of ship security plans, or amendments thereto, on behalf of the Administration; .2verification and certification of compliance of ships with the requirements of chapter XI-2 and part A of this Code on behalf of the Administration; and .3conducting port facility security assessments required by the Contracting Government. 4.4 An RSO may also advise or provide assistance to Companies or port facilities on security matters, including ship security assessments, ship security plans, port facility security assessments and port facility security plans. This can include completion of a SSA or SSP or PFSA or PFSP. If an RSO has done so in respect of a SSA or SSP, that RSO should not be authorised to approve that SSP. 4.5 When authorising an RSO, Contracting Governments should give consideration to the competency of such an organisation. An RSO should be able to demonstrate: .1expertise in relevant aspects of security; .2appropriate knowledge of ship and port operations, including knowledge of ship design and construction if providing services in respect of ships and of port design and construction if providing services in respect of port facilities; .3their capability to assess the likely security risks that could occur during ship and port facility operations, including the ship/port interface, and how to minimise such risks; .4their ability to maintain and improve the expertise of their personnel; .5their ability to monitor the continuing trustworthiness of their personnel; .6their ability to maintain appropriate measures to avoid unauthorised disclosure of, or access to, security-sensitive material; .7their knowledge of the requirements of chapter XI-2 and part A of this Code and relevant national and international legislation and security requirements; .8their knowledge of current security threats and patterns; .9their knowledge of recognition and detection of weapons, dangerous substances and devices; .10their knowledge of recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security; .11their knowledge of techniques used to circumvent security measures; and .12their knowledge of security and surveillance equipment and systems and their operational limitations. When delegating specific duties to a RSO, Contracting Governments, including Administrations, should ensure that the RSO has the competencies needed to undertake the task. 4.6 A recognised organisation, as referred to in regulation I/6 and fulfilling the requirements of regulation XI-1/1, may be appointed as a RSO provided it has the appropriate security-related expertise listed in paragraph 4.5. 4.7 A port or harbour Authority or port facility operator may be appointed as a RSO provided it has the appropriate security-related expertise listed in paragraph 4.5. Setting the security level 4.8In setting the security level, Contracting Governments should take account of general and specific threat information. Contracting Governments should set the security level applying to ships or port facilities at one of three levels: Security level 1, normal; the level at which the ship or port facility normally operates; Security level 2, heightened; the level applying for as long as there is a heightened risk of a security incident; and Security level 3, exceptional; the level applying for the period of time when there is the probable or imminent risk of a security incident. 4.9Setting security level 3 should be an exceptional measure applying only when there is credible information that a security incident is probable or imminent. Security level 3 should only be set for the duration of the identified security threat or actual security incident. While the security levels may change from security level 1, through security level 2 to security level 3, it is also possible that the security levels will change directly from security level 1 to security level 3. 4.10At all times the master of a ship has the ultimate responsibility for the safety and security of the ship. Even at security level 3 a master may seek clarification or amendment of instructions issued by those responding to a security incident, or threat thereof, if there are reasons to believe that compliance with any instruction may imperil the safety of the ship. 4.11The CSO or the SSO should liaise at the earliest opportunity with the PFSO of the port facility the ship is intended to visit to establish the security level applying for that ship at the port facility. Having established contact with a ship, the PFSO should advise the ship of any subsequent change in the port facility's security level and should provide the ship with any relevant security information. 4.12While there may be circumstances when an individual ship may be operating at a higher security level than the port facility it is visiting, there will be no circumstances when a ship can have a lower security level than the port facility it is visiting. If a ship has a higher security level than the port facility it intends to use, the CSO or SSO should advise the PFSO without delay. The PFSO should undertake an assessment of the particular situation in consultation with the CSO or SSO and agree on appropriate security measures with the ship, which may include completion and signing of a Declaration of Security. 4.13Contracting Governments should consider how information on changes in security levels should be promulgated rapidly. Administrations may wish to use NAVTEX messages or Notices to Mariners as the method for notifying such changes in security levels to the ship and to CSO and SSO. Or, they may wish to consider other methods of communication that provide equivalent or better speed and coverage. Contracting Governments should establish means of notifying PFSOs of changes in security levels. Contracting Governments should compile and maintain the contact details for a list of those who need to be informed of changes in security levels. Whereas the security level need not be regarded as being particularly sensitive, the underlying threat information may be highly sensitive. Contracting Governments should give careful consideration to the type and detail of the information conveyed and the method by which it is conveyed to SSOs, CSOs and PFSOs. Contact points and information on port facility security plans 4.14Where a port facility has a PFSP, that fact has to be communicated to the Organisation and that information must also be made available to CSOs and SSOs. No further details of the PFSP have to be published other than that it is in place. Contracting Governments should consider establishing either central or regional points of contact, or other means of providing up-to-date information on the locations where PFSPs are in place, together with contact details for the relevant PFSO. The existence of such contact points should be publicised. They could also provide information on the recognised security organisations appointed to act on behalf of the Contracting Government, together with details of the specific responsibility and conditions of authority delegated to such recognised security organisations. 4.15In the case of a port that does not have a PFSP (and therefore does not have a PFSO), the central or regional point of contact should be able to identify a suitably qualified person ashore who can arrange for appropriate security measures to be in place, if needed, for the duration of the ship's visit. 4.16Contracting Governments should also provide the contact details of Government officers to whom an SSO, a CSO and a PFSO can report security concerns. These Government officers should assess such reports before taking appropriate action. Such reported concerns may have a bearing on the security measures falling under the jurisdiction of another Contracting Government. In that case, the Contracting Governments should consider contacting their counterpart in the other Contracting Government to discuss whether remedial action is appropriate. For this purpose, the contact details of the Government officers should be communicated to the International Maritime Organisation. 4.17Contracting Governments should also make the information indicated in paragraphs 4.14 to 4.16 available to other Contracting Governments on request. Identification documents 4.18Contracting Governments are encouraged to issue appropriate identification documents to Government officials entitled to board ships or enter port facilities when performing their official duties and to establish procedures whereby the authenticity of such documents might be verified. Fixed and floating platforms and mobile offshore drilling units on location 4.19Contracting Governments should consider establishing appropriate security measures for fixed and floating platforms and mobile offshore drilling units on location to allow interaction with ships which are required to comply with the provisions of chapter XI-2 and part A of this Code. Ships which are not required to comply with part A of this Code 4.20Contracting Governments should consider establishing appropriate security measures to enhance the security of ships to which chapter XI-2 and part A of this Code do not apply and to ensure that any security provisions applying to such ships allow interaction with ships to which part A of this Code applies. Threats to ships and other incidents at sea 4.21 Contracting Governments should provide general guidance on the measures considered appropriate to reduce the security risk to ships flying their flag when at sea. They should provide specific advice on the action to be taken in accordance with security levels 1 to 3, if: .1there is a change in the security level applying to the ship while it is at sea, e.g. because of the geographical area in which it is operating or relating to the ship itself; and .2there is a security incident or threat thereof involving the ship while at sea. Contracting Governments should establish the best methods and procedures for these purposes. In the case of an imminent attack, the ship should seek to establish direct communication with those responsible in the flag State for responding to security incidents. 4.22 Contracting Governments should also establish a point of contact for advice on security for any ship: .1entitled to fly their flag; or .2operating in their territorial sea or having communicated an intention to enter their territorial sea. 4.23 Contracting Governments should offer advice to ships operating in their territorial sea or having communicated an intention to enter their territorial sea, which could include advice: .1to alter or delay their intended passage; .2to navigate on a particular course or proceed to a specific location; .3on the availability of any personnel or equipment that could be placed on the ship; .4to coordinate the passage, arrival into port or departure from port, to allow escort by patrol craft or aircraft (fixed-wing or helicopter). Contracting Governments should remind ships operating in their territorial sea, or having communicated an intention to enter their territorial sea, of any temporary restricted areas that they have published. 4.24 Contracting Governments should recommend that ships operating in their territorial sea, or having communicated an intention to enter their territorial sea, implement expeditiously, for the ship's protection and for the protection of other ships in the vicinity, any security measure the Contracting Government may have advised. 4.25 The plans prepared by the Contracting Governments for the purposes given in paragraph 4.22 should include information on an appropriate point of contact, available on a 24-hour basis, within the Contracting Government including the Administration. These plans should also include information on the circumstances in which the Administration considers assistance should be sought from nearby coastal States, and a procedure for liaison between PFSOs and SSOs. Alternative security agreements 4.26Contracting Governments, in considering how to implement chapter XI-2 and part A of this Code, may conclude one or more agreements with one or more Contracting Governments. The scope of an agreement is limited to short international voyages on fixed routes between port facilities in the territory of the parties to the agreement. When concluding an agreement, and thereafter, the Contracting Governments should consult other Contracting Governments and Administrations with an interest in the effects of the agreement. Ships flying the flag of a State that is not party to the agreement should only be allowed to operate on the fixed routes covered by the agreement if their Administration agrees that the ship should comply with the provisions of the agreement and requires the ship to do so. In no case can such an agreement compromise the level of security of other ships and port facilities not covered by it, and specifically, all ships covered by such an agreement may not conduct ship-to-ship activities with ships not so covered. Any operational interface undertaken by ships covered by the agreement should be covered by it. The operation of each agreement must be continually monitored and amended when the need arises and in any event should be reviewed every 5 years. Equivalent arrangements for port facilities 4.27For certain specific port facilities with limited or special operations but with more than occasional traffic, it may be appropriate to ensure compliance by security measures equivalent to those prescribed in chapter XI-2 and in part A of this Code. This can, in particular, be the case for terminals such as those attached to factories, or quaysides with no frequent operations. Manning level 4.28In establishing the minimum safe manning of a ship, the Administration should take into account that the minimum safe manning provisions established by regulation V/14 only address the safe navigation of the ship. The Administration should also take into account any additional workload which may result from the implementation of the SSP and ensure that the ship is sufficiently and effectively manned. In doing so, the Administration should verify that ships are able to implement the hours of rest and other measures to address fatigue which have been promulgated by national law, in the context of all shipboard duties assigned to the various shipboard personnel. Control and compliance measures General 4.29Regulation XI-2/9 describes the control and compliance measures applicable to ships under chapter XI-2. It is divided into three distinct sections; control of ships already in a port, control of ships intending to enter a port of another Contracting Government, and additional provisions applicable to both situations. 4.30Regulation XI-2/9.1, Control of ships in port, implements a system for the control of ships while in the port of a foreign country where duly authorised officers of the Contracting Government ("duly authorised officers") have the right to go on board the ship to verify that the required certificates are in proper order. Then, if there are clear grounds to believe the ship does not comply, control measures such as additional inspections or detention may be taken. This reflects current control systems. Regulation XI-2/9.1 builds on such systems and allows for additional measures (including expulsion of a ship from a port to be taken as a control measure) when duly authorised officers have clear grounds for believing that a ship is in non-compliance with the requirements of chapter XI-2 or part A of this Code. Regulation XI-2/9.3 describes the safeguards that promote fair and proportionate implementation of these additional measures. 4.31Regulation XI-2/9.2 applies control measures to ensure compliance to ships intending to enter a port of another Contracting Government and introduces an entirely different concept of control within chapter XI-2, applying to security only. Under this regulation, measures may be implemented prior to the ship entering port, to better ensure security. Just as in regulation XI-2/9.1, this additional control system is based on the concept of clear grounds for believing the ship does not comply with chapter XI-2 or part A of this Code, and includes significant safeguards in regulations XI-2/9.2.2 and XI-2/9.2.5 as well as in regulation XI-2/9.3. 4.32Clear grounds that the ship is not in compliance means evidence or reliable information that the ship does not correspond with the requirements of chapter XI-2 or part A of this Code, taking into account the guidance given in this Part of the Code. Such evidence or reliable information may arise from the duly authorised officer's professional judgement or observations gained while verifying the ship's International Ship Security Certificate or Interim International Ship Security Certificate issued in accordance with part A of this Code ("Certificate") or from other sources. Even if a valid Certificate is on board the ship, the duly authorised officers may still have clear grounds for believing that the ship is not in compliance based on their professional judgement. 4.33Examples of possible clear grounds under regulations XI-2/9.1 and XI-2/9.2 may include, when relevant: .1evidence from a review of the certificate that it is not valid or it has expired; .2evidence or reliable information that serious deficiencies exist in the security equipment, documentation or arrangements required by chapter XI-2 and part A of this Code; .3receipt of a report or complaint which, in the professional judgement of the duly authorised officer, contains reliable information clearly indicating that the ship does not comply with the requirements of chapter XI-2 or part A of this Code; .4evidence or observation gained by a duly authorised officer using professional judgement that the master or ship's personnel is not familiar with essential shipboard security procedures or cannot carry out drills related to the security of the ship or that such procedures or drills have not been carried out; .5evidence or observation gained by a duly authorised officer using professional judgement that key members of ship's personnel are not able to establish proper communication with any other key members of ship's personnel with security responsibilities on board the ship; .6evidence or reliable information that the ship has embarked persons or loaded stores or goods at a port facility or from another ship where either the port facility or the other ship is in violation of chapter XI-2 or part A of this Code, and the ship in question has not completed a Declaration of Security, nor taken appropriate, special or additional security measures or has not maintained appropriate ship security procedures; .7evidence or reliable information that the ship has embarked persons or loaded stores or goods at a port facility or from another source (e.g., another ship or helicopter transfer) where either the port facility or the other source is not required to comply with chapter XI-2 or part A of this Code, and the ship has not taken appropriate, special or additional security measures or has not maintained appropriate security procedures; and .8the ship holding a subsequent, consecutively issued Interim International Ship Security Certificate as described in section A/19.4, and, in the professional judgement of an officer duly authorised, one of the purposes of the ship or a Company in requesting such a Certificate is to avoid full compliance with chapter XI-2 and part A of this Code beyond the period of the initial Interim Certificate as described in section A/19.4.4. 4.34The international law implications of regulation XI-2/9 are particularly relevant, and the regulation should be implemented with regulation XI-2/2.4 in mind, as the potential exists for situations where either measures will be taken which fall outside the scope of chapter XI-2, or where rights of affected ships, outside chapter XI-2, should be considered. Thus, regulation XI-2/9 does not prejudice the Contracting Government from taking measures having a basis in, and consistent with, international law to ensure the safety or security of persons, ships, port facilities and other property in cases where the ship, although in compliance with chapter XI-2 and part A of this Code, is still considered to present a security risk. 4.35When a Contracting Government imposes control measures on a ship, the Administration should, without delay, be contacted with sufficient information to enable the Administration to fully liaise with the Contracting Government. Control of ships in port 4.36Where the non-compliance is either a defective item of equipment or faulty documentation leading to the ship's detention and the non-compliance cannot be remedied in the port of inspection, the Contracting Government may allow the ship to sail to another port provided that any conditions agreed between the port States and the Administration or master are met. Ships intending to enter the port of another Contracting Government 4.37Regulation XI-2/9.2.1 lists the information Contracting Governments may require from a ship as a condition of entry into port. One item of information listed is confirmation of any special or additional measures taken by the ship during its last 10 calls at a port facility. Examples could include: .1records of the measures taken while visiting a port facility located in the territory of a State which is not a Contracting Government, especially those measures that would normally have been provided by port facilities located in the territories of Contracting Governments; and .2any Declarations of Security that were entered into with port facilities or other ships. 4.38Another item of information listed, that may be required as a condition of entry into port, is confirmation that appropriate ship security procedures were maintained during ship-to-ship activity conducted within the period of the last 10 calls at a port facility. It would not normally be required to include records of transfers of pilots or of customs, immigration or security officials nor bunkering, lightering, loading of supplies and unloading of waste by ship within port facilities as these would normally fall within the auspices of the PFSP. Examples of information that might be given include: .1records of the measures taken while engaged in a ship-to-ship activity with a ship flying the flag of a State which is not a Contracting Government, especially those measures that would normally have been provided by ships flying the flag of Contracting Governments; .2records of the measures taken while engaged in a ship-to-ship activity with a ship that is flying the flag of a Contracting Government but is not required to comply with the provisions of chapter XI-2 and part A of this Code, such as a copy of any security certificate issued to that ship under other provisions; and .3in the event that persons or goods rescued at sea are on board, all known information about such persons or goods, including their identities when known and the results of any checks run on behalf of the ship to establish the security status of those rescued. It is not the intention of chapter XI-2 or part A of this Code to delay or prevent the delivery of those in distress at sea to a place of safety. It is the sole intention of chapter XI-2 and part A of this Code to provide States with enough appropriate information to maintain their security integrity. 4.39Examples of other practical security-related information that may be required as a condition of entry into port in order to assist with ensuring the safety and security of persons, port facilities, ships and other property include: .1information contained in the Continuous Synopsis Record; .2location of the ship at the time the report is made; .3expected time of arrival of the ship in port; .4crew list; .5general description of cargo aboard the ship; .6passenger list; and .7information required to be carried under regulation XI-2/5. 4.40Regulation XI-2/9.2.5 allows the master of a ship, upon being informed that the coastal or port State will implement control measures under regulation XI-2/9.2, to withdraw the intention for the ship to enter port. If the master withdraws that intention, regulation XI-2/9 no longer applies, and any other steps that are taken must be based on, and consistent with, international law. Additional provisions 4.41In all cases where a ship is denied entry or is expelled from a port, all known facts should be communicated to the authorities of relevant States. This communication should consist of the following, when known: .1name of ship, its flag, the Ship Identification Number, call sign, ship type and cargo; .2reason for denying entry or for expulsion from port or port areas; .3if relevant, the nature of any security non-compliance; .4if relevant, details of any attempts made to rectify any non-compliance, including any conditions imposed on the ship for the voyage; .5past port(s) of call and next declared port of call; .6time of departure and likely estimated time of arrival at those ports; .7any instructions given to the ship, e.g., reporting on its route; .8available information on the security level at which the ship is currently operating; .9information regarding any communications the port State has had with the Administration; .10contact point within the port State making the report for the purpose of obtaining further information; .11crew list; and .12any other relevant information. 4.42Relevant States to contact should include those along the ship's intended passage to its next port, particularly if the ship intends to enter the territorial sea of that coastal State. Other relevant States could include previous ports of call, so that further information might be obtained and security issues relating to the previous ports resolved. 4.43In exercising control and compliance measures, the duly authorised officers should ensure that any measures or steps imposed are proportionate. Such measures or steps should be reasonable and of the minimum severity and duration necessary to rectify or mitigate the non-compliance. 4.44The word "delay" in regulation XI-2/9.3.5.1 also refers to situations where, pursuant to actions taken under this regulation, the ship is unduly denied entry into port or the ship is unduly expelled from port. Non-Party ships and ships below Convention size 4.45With respect to ships flying the flag of a State which is not a Contracting Government to the Convention and not a Party to the 1988 SOLAS ProtocolProtocol of 1988 relating to the International Convention for the Safety of Life at Sea, 1974., Contracting Governments should not give more favourable treatment to such ships. Accordingly, the requirements of regulation XI-2/9 and the guidance provided in this Part of the Code should be applied to those ships. 4.46Ships below Convention size are subject to measures by which States maintain security. Such measures should be taken with due regard to the requirements in chapter XI-2 and the guidance provided in this Part of the Code. 5.DECLARATION OF SECURITY General 5.1A Declaration of Security (DoS) should be completed when the Contracting Government of the port facility deems it to be necessary or when a ship deems it necessary. 5.1.1The need for a DoS may be indicated by the results of the port facility security assessment (PFSA) and the reasons and circumstances in which a DoS is required should be set out in the port facility security plan (PFSP). 5.1.2The need for a DoS may be indicated by an Administration for ships entitled to fly its flag or as a result of a ship security assessment (SSA) and should be set out in the ship security plan (SSP). 5.2It is likely that a DoS will be requested at higher security levels, when a ship has a higher security level than the port facility, or another ship with which it interfaces, and for ship/port interface or ship-to-ship activities that pose a higher risk to persons, property or the environment for reasons specific to that ship, including its cargo or passengers or the circumstances at the port facility or a combination of these factors. 5.2.1In the case that a ship or an Administration, on behalf of ships entitled to fly its flag, requests completion of a DoS, the port facility security officer (PFSO) or ship security officer (SSO) should acknowledge the request and discuss appropriate security measures. 5.3 A PFSO may also initiate a DoS prior to ship/port interfaces that are identified in the approved PFSA as being of particular concern. Examples may include embarking or disembarking passengers and the transfer, loading or unloading of dangerous goods or hazardous substances. The PFSA may also identify facilities at or near highly populated areas or economically significant operations that warrant a DoS. 5.4The main purpose of a DoS is to ensure agreement is reached between the ship and the port facility or with other ships with which it interfaces as to the respective security measures each will undertake in accordance with the provisions of their respective approved security plans. 5.4.1The agreed DoS should be signed and dated by both the port facility and the ship(s), as applicable, to indicate compliance with chapter XI-2 and part A of this Code and should include its duration, the relevant security level or levels and the relevant contact details. 5.4.2A change in the security level may require that a new or revised DoS be completed. 5.5 The DoS should be completed in English, French or Spanish or in a language common to both the port facility and the ship or the ships, as applicable. 5.6 A model DoS is included in appendix 1 to this Part of the Code. This model is for a DoS between a ship and a port facility. If the DoS is to cover two ships this model should be appropriately adjusted. 6.OBLIGATIONS OF THE COMPANY General 6.1 Regulation XI-2/5 requires the Company to provide the master of the ship with information to meet the requirements of the Company under the provisions of this regulation. This information should include items such as: .1parties responsible for appointing shipboard personnel, such as ship management companies, manning agents, contractors, concessionaries (for example, retail sales outlets, casinos, etc.); .2parties responsible for deciding the employment of the ship, including time or bareboat charterer(s) or any other entity acting in such capacity; and .3in cases when the ship is employed under the terms of a charter party, the contact details of those parties, including time or voyage charterers. 6.2 In accordance with regulation XI-2/5, the Company is obliged to update and keep this information current as and when changes occur. 6.3 This information should be in English, French or Spanish language. 6.4 With respect to ships constructed before 1 July 2004, this information should reflect the actual condition on that date. 6.5 With respect to ships constructed on or after 1 July 2004 and for ships constructed before 1 July 2004 which were out of service on 1 July 2004, the information should be provided as from the date of entry of the ship into service and should reflect the actual condition on that date. 6.6 After 1 July 2004, when a ship is withdrawn from service, the information should be provided as from the date of re-entry of the ship into service and should reflect the actual condition on that date. 6.7 Previously provided information that does not relate to the actual condition on that date need not be retained on board. 6.8 When the responsibility for the operation of the ship is assumed by another Company, the information relating to the Company which operated the ship is not required to be left on board.In addition, other relevant guidance is provided under sections 8, 9 and 13. 7.SHIP SECURITY Relevant guidance is provided under sections 8, 9 and 13. 8.SHIP SECURITY ASSESSMENT Security assessment 8.1The company security officer (CSO) is responsible for ensuring that a ship security assessment (SSA) is carried out for each of the ships in the Company's fleet which is required to comply with the provisions of chapter XI-2 and part A of this Code for which the CSO is responsible. While the CSO need not necessarily personally undertake all the duties associated with the post, the ultimate responsibility for ensuring that they are properly performed remains with the individual CSO. 8.2Prior to commencing the SSA, the CSO should ensure that advantage is taken of information available on the assessment of threat for the ports at which the ship will call or at which passengers embark or disembark and about the port facilities and their protective measures. The CSO should study previous reports on similar security needs. Where feasible, the CSO should meet with appropriate persons on the ship and in the port facilities to discuss the purpose and methodology of the assessment. The CSO should follow any specific guidance offered by the Contracting Governments. 8.3A SSA should address the following elements on board or within the ship: .1physical security; .2structural integrity; .3personnel protection systems; .4procedural policies; .5radio and telecommunication systems, including computer systems and networks; and .6other areas that may, if damaged or used for illicit observation, pose a risk to persons, property, or operations on board the ship or within a port facility. 8.4Those involved in conducting a SSA should be able to draw upon expert assistance in relation to: .1knowledge of current security threats and patterns; .2recognition and detection of weapons, dangerous substances and devices; .3recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security; .4techniques used to circumvent security measures; .5methods used to cause a security incident; .6effects of explosives on ship's structures and equipment; .7ship security; .8ship/port interface business practices; .9contingency planning, emergency preparedness and response; .10physical security; .11radio and telecommunications systems, including computer systems and networks; .12marine engineering; and .13ship and port operations. 8.5The CSO should obtain and record the information required to conduct an assessment, including: .1the general layout of the ship; .2the location of areas which should have restricted access, such as navigation bridge, machinery spaces of category A and other control stations as defined in chapter II-2, etc.; .3the location and function of each actual or potential access point to the ship; .4changes in the tide which may have an impact on the vulnerability or security of the ship; .5the cargo spaces and stowage arrangements; .6the locations where the ship's stores and essential maintenance equipment is stored; .7the locations where unaccompanied baggage is stored; .8the emergency and stand-by equipment available to maintain essential services; .9the number of ship's personnel, any existing security duties and any existing training requirement practises of the Company; .10existing security and safety equipment for the protection of passengers and ship's personnel; .11escape and evacuation routes and assembly stations which have to be maintained to ensure the orderly and safe emergency evacuation of the ship; .12existing agreements with private security companies providing ship/water-side security services; and .13existing security measures and procedures in effect, including inspection and, control procedures, identification systems, surveillance and monitoring equipment, personnel identification documents and communication, alarms, lighting, access control and other appropriate systems. 8.6The SSA should examine each identified point of access, including open weather decks, and evaluate its potential for use by individuals who might seek to breach security. This includes points of access available to individuals having legitimate access as well as those who seek to obtain unauthorised entry. 8.7The SSA should consider the continuing relevance of the existing security measures and guidance, procedures and operations, under both routine and emergency conditions, and should determine security guidance including: .1the restricted areas; .2the response procedures to fire or other emergency conditions; .3the level of supervision of the ship's personnel, passengers, visitors, vendors, repair technicians, dock workers, etc.; .4the frequency and effectiveness of security patrols; .5the access control systems, including identification systems; .6the security communications systems and procedures; .7the security doors, barriers and lighting; and .8the security and surveillance equipment and systems, if any. 8.8The SSA should consider the persons, activities, services and operations that it is important to protect. This includes: .1the ship's personnel; .2passengers, visitors, vendors, repair technicians, port facility personnel, etc.; .3the capacity to maintain safe navigation and emergency response; .4the cargo, particularly dangerous goods or hazardous substances; .5the ship's stores; .6the ship security communication equipment and systems, if any; and .7the ship's security surveillance equipment and systems, if any. 8.9The SSA should consider all possible threats, which may include the following types of security incidents: .1damage to, or destruction of, the ship or of a port facility, e.g. by explosive devices, arson, sabotage or vandalism; .2hijacking or seizure of the ship or of persons on board; .3tampering with cargo, essential ship equipment or systems or ship's stores; .4unauthorised access or use, including presence of stowaways; .5smuggling weapons or equipment, including weapons of mass destruction; .6use of the ship to carry those intending to cause a security incident and/or their equipment; .7use of the ship itself as a weapon or as a means to cause damage or destruction; .8attacks from seaward whilst at berth or at anchor; and .9attacks whilst at sea. 8.10The SSA should take into account all possible vulnerabilities, which may include: .1conflicts between safety and security measures; .2conflicts between shipboard duties and security assignments; .3watchkeeping duties, number of ship's personnel, particularly with implications on crew fatigue, alertness and performance; .4any identified security training deficiencies; and .5any security equipment and systems, including communication systems. 8.11The CSO and ship security officer (SSO) should always have regard to the effect that security measures may have on ship's personnel who will remain on the ship for long periods. When developing security measures, particular consideration should be given to the convenience, comfort and personal privacy of the ship's personnel and their ability to maintain their effectiveness over long periods. 8.12Upon completion of the SSA, a report shall be prepared, consisting of a summary of how the assessment was conducted, a description of each vulnerability found during the assessment and a description of countermeasures that could be used to address each vulnerability. The report shall be protected from unauthorised access or disclosure. 8.13If the SSA has not been carried out by the Company, the report of the SSA should be reviewed and accepted by the CSO. On-scene security survey 8.14The on-scene security survey is an integral part of any SSA. The on-scene security survey should examine and evaluate existing shipboard protective measures, procedures and operations for: .1ensuring the performance of all ship security duties; .2monitoring restricted areas to ensure that only authorised persons have access; .3controlling access to the ship, including any identification systems; .4monitoring of deck areas and areas surrounding the ship; .5controlling the embarkation of persons and their effects (accompanied and unaccompanied baggage and ship's personnel personal effects); .6supervising the handling of cargo and the delivery of ship's stores; and .7ensuring that ship security communication, information, and equipment are readily available. 9.SHIP SECURITY PLAN General 9.1The company security officer (CSO) has the responsibility of ensuring that a ship security plan (SSP) is prepared and submitted for approval. The content of each individual SSP should vary depending on the particular ship it covers. The ship security assessment (SSA) will have identified the particular features of the ship and the potential threats and vulnerabilities. The preparation of the SSP will require these features to be addressed in detail. Administrations may prepare advice on the preparation and content of a SSP. 9.2All SSPs should: .1detail the organisational structure of security for the ship; .2detail the ship's relationships with the Company, port facilities, other ships and relevant authorities with security responsibility; .3detail the communication systems to allow effective continuous communication within the ship and between the ship and others, including port facilities; .4detail the basic security measures for security level 1, both operational and physical, that will always be in place; .5detail the additional security measures that will allow the ship to progress without delay to security level 2 and, when necessary, to security level 3; .6provide for regular review, or audit, of the SSP and for its amendment in response to experience or changing circumstances; and .7detail reporting procedures to the appropriate Contracting Government's contact points. 9.3Preparation of an effective SSP should rest on a thorough assessment of all issues that relate to the security of the ship, including, in particular, a thorough appreciation of the physical and operational characteristics, including the voyage pattern, of the individual ship. 9.4All SSPs should be approved by, or on behalf of, the Administration. If an Administration uses a recognised security organisation (RSO) to review or approve the SSP, that RSO should not be associated with any other RSO that prepared, or assisted in the preparation of, the plan. 9.5CSOs and SSOs should develop procedures to: .1assess the continuing effectiveness of the SSP; and .2prepare amendments of the plan subsequent to its approval. 9.6The security measures included in the SSP should be in place when the initial verification for compliance with the requirements of chapter XI-2 and part A of this Code will be carried out. Otherwise the process of issue to the ship of the required International Ship Security Certificate cannot be carried out. If there is any subsequent failure of security equipment or systems, or suspension of a security measure for whatever reason, equivalent temporary security measures should be adopted, notified to, and agreed by the Administration. Organisation and performance of ship security duties 9.7In addition to the guidance given in paragraph 9.2, the SSP should establish the following, which relate to all security levels: .1the duties and responsibilities of all shipboard personnel with a security role; .2the procedures or safeguards necessary to allow such continuous communications to be maintained at all times; .3the procedures needed to assess the continuing effectiveness of security procedures and any security and surveillance equipment and systems, including procedures for identifying and responding to equipment or systems failure or malfunction; .4the procedures and practices to protect security-sensitive information held in paper or electronic format; .5the type and maintenance requirements of security and surveillance equipment and systems, if any; .6the procedures to ensure the timely submission, and assessment, of reports relating to possible breaches of security or security concerns; and .7procedures to establish, maintain and update an inventory of any dangerous goods or hazardous substances carried on board, including their location. 9.8The remainder of section 9 addresses specifically the security measures that could be taken at each security level covering: .1access to the ship by ship's personnel, passengers, visitors, etc.; .2restricted areas on the ship; .3handling of cargo; .4delivery of ship's stores; .5handling unaccompanied baggage; and .6monitoring the security of the ship. Access to the ship 9.9The SSP should establish the security measures covering all means of access to the ship identified in the SSA. This should include any: .1access ladders; .2access gangways; .3access ramps; .4access doors, sidescuttles, windows and ports; .5mooring lines and anchor chains; and .6cranes and hoisting gear. 9.10For each of these the SSP should identify the appropriate locations where access restrictions or prohibitions should be applied for each of the security levels. For each security level the SSP should establish the type of restriction or prohibition to be applied and the means of enforcing them. 9.11The SSP should establish for each security level the means of identification required to allow access to the ship and for individuals to remain on the ship without challenge. This may involve developing an appropriate identification system allowing for permanent and temporary identifications, for ship's personnel and visitors respectively. Any ship identification system should, when it is practicable to do so, be coordinated with that applying to the port facility. Passengers should be able to prove their identity by boarding passes, tickets, etc., but should not be permitted access to restricted areas unless supervised. The SSP should establish provisions to ensure that the identification systems are regularly updated, and that abuse of procedures should be subject to disciplinary action. 9.12Those unwilling or unable to establish their identity and/or to confirm the purpose of their visit when requested to do so should be denied access to the ship and their attempt to obtain access should be reported, as appropriate, to the SSO, the CSO, the port facility security officer (PFSO) and to the national or local authorities with security responsibilities. 9.13The SSP should establish the frequency of application of any access controls, particularly if they are to be applied on a random, or occasional, basis. Security level 1 9.14At security level 1, the SSP should establish the security measures to control access to the ship, where the following may be applied: .1checking the identity of all persons seeking to board the ship and confirming their reasons for doing so by checking, for example, joining instructions, passenger tickets, boarding passes, work orders, etc.; .2in liaison with the port facility, the ship should ensure that designated secure areas are established in which inspections and searching of persons, baggage (including carry-on items), personal effects, vehicles and their contents can take place; .3in liaison with the port facility, the ship should ensure that vehicles destined to be loaded on board car carriers, ro-ro and other passenger ships are subjected to search prior to loading, in accordance with the frequency required in the SSP; .4segregating checked persons and their personal effects from unchecked persons and their personal effects; .5segregating embarking from disembarking passengers; .6identifying access points that should be secured or attended to prevent unauthorised access; .7securing, by locking or other means, access to unattended spaces adjoining areas to which passengers and visitors have access; and .8providing security briefings to all ship personnel on possible threats, the procedures for reporting suspicious persons, objects or activities and the need for vigilance. 9.15At security level 1, all those seeking to board a ship should be liable to search. The frequency of such searches, including random searches, should be specified in the approved SSP and should be specifically approved by the Administration. Such searches may best be undertaken by the port facility in close cooperation with the ship and in close proximity to it. Unless there are clear security grounds for doing so, members of the ship's personnel should not be required to search their colleagues or their personal effects. Any such search shall be undertaken in a manner which fully takes into account the human rights of the individual and preserves their basic human dignity. Security level 2 9.16At security level 2, the SSP should establish the security measures to be applied to protect against a heightened risk of a security incident to ensure higher vigilance and tighter control, which may include: .1assigning additional personnel to patrol deck areas during silent hours to deter unauthorised access; .2limiting the number of access points to the ship, identifying those to be closed and the means of adequately securing them; .3deterring waterside access to the ship, including, for example, in liaison with the port facility, provision of boat patrols; .4establishing a restricted area on the shore side of the ship, in close cooperation with the port facility; .5increasing the frequency and detail of searches of persons, personal effects, and vehicles being embarked or loaded onto the ship; .6escorting visitors on the ship; .7providing additional specific security briefings to all ship personnel on any identified threats, re-emphasising the procedures for reporting suspicious persons, objects, or activities and stressing the need for increased vigilance; and .8carrying out a full or partial search of the ship. Security level 3 9.17At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1limiting access to a single, controlled, access point; .2granting access only to those responding to the security incident or threat thereof; .3directing persons on board; .4suspension of embarkation or disembarkation; .5suspension of cargo handling operations, deliveries, etc.; .6evacuation of the ship; .7movement of the ship; and .8preparing for a full or partial search of the ship. Restricted areas on the ship 9.18The SSP should identify the restricted areas to be established on the ship, specify their extent, times of application, the security measures to be taken to control access to them and those to be taken to control activities within them. The purposes of restricted areas are to: .1prevent unauthorised access; .2protect passengers, ship's personnel, and personnel from port facilities or other agencies authorised to be on board the ship; .3protect security-sensitive areas within the ship; and .4protect cargo and ship's stores from tampering. 9.19The SSP should ensure that there are clearly established policies and practices to control access to all restricted areas. 9.20The SSP should provide that all restricted areas should be clearly marked, indicating that access to the area is restricted and that unauthorised presence within the area constitutes a breach of security. 9.21Restricted areas may include: .1navigation bridge, machinery spaces of category A and other control stations as defined in chapter II-2; .2spaces containing security and surveillance equipment and systems and their controls and lighting system controls; .3ventilation and air-conditioning systems and other similar spaces; .4spaces with access to potable water tanks, pumps, or manifolds; .5spaces containing dangerous goods or hazardous substances; .6spaces containing cargo pumps and their controls; .7cargo spaces and spaces containing ship's stores; .8crew accommodation; and .9any other areas as determined by the CSO, through the SSA, to which access must be restricted to maintain the security of the ship. Security level 1 9.22At security level 1, the SSP should establish the security measures to be applied to restricted areas, which may include: .1locking or securing access points; .2using surveillance equipment to monitor the areas; .3using guards or patrols; and .4using automatic intrusion-detection devices to alert the ship's personnel of unauthorised access. Security level 2 9.23At security level 2, the frequency and intensity of the monitoring of, and control of access to, restricted areas should be increased to ensure that only authorised persons have access. The SSP should establish the additional security measures to be applied, which may include: .1establishing restricted areas adjacent to access points; .2continuously monitoring surveillance equipment; and .3dedicating additional personnel to guard and patrol restricted areas. Security level 3 9.24At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1setting up of additional restricted areas on the ship in proximity to the security incident, or the believed location of the security threat, to which access is denied; and .2searching of restricted areas as part of a search of the ship. Handling of cargo 9.25The security measures relating to cargo handling should: .1prevent tampering; and .2prevent cargo that is not meant for carriage from being accepted and stored on board the ship. 9.26The security measures, some of which may have to be applied in liaison with the port facility, should include inventory control procedures at access points to the ship. Once on board the ship, cargo should be capable of being identified as having been approved for loading onto the ship. In addition, security measures should be developed to ensure that cargo, once on board, is not tampered with. Security level 1 9.27At security level 1, the SSP should establish the security measures to be applied during cargo handling, which may include: .1routine checking of cargo, cargo transport units and cargo spaces prior to, and during, cargo handling operations; .2checks to ensure that cargo being loaded matches the cargo documentation; .3ensuring, in liaison with the port facility, that vehicles to be loaded on board car-carriers, ro-ro and passenger ships are subjected to search prior to loading, in accordance with the frequency required in the SSP; and .4checking of seals or other methods used to prevent tampering. 9.28Checking of cargo may be accomplished by the following means: .1visual and physical examination; and .2using scanning/detection equipment, mechanical devices, or dogs. 9.29When there are regular or repeated cargo movements, the CSO or SSO may, in consultation with the port facility, agree arrangements with shippers or others responsible for such cargo covering off-site checking, sealing, scheduling, supporting documentation, etc. Such arrangements should be communicated to and agreed with the PFSO concerned. Security level 2 9.30At security level 2, the SSP should establish the additional security measures to be applied during cargo handling, which may include: .1detailed checking of cargo, cargo transport units and cargo spaces; .2intensified checks to ensure that only the intended cargo is loaded; .3intensified searching of vehicles to be loaded on car carriers, ro-ro and passenger ships; and .4increased frequency and detail in checking of seals or other methods used to prevent tampering. 9.31Detailed checking of cargo may be accomplished by the following means: .1increasing the frequency and detail of visual and physical examination; .2increasing the frequency of the use of scanning/detection equipment, mechanical devices, or dogs; and .3coordinating enhanced security measures with the shipper or other responsible party in accordance with an established agreement and procedures. Security level 3 9.32At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1suspending the loading or unloading of cargo; and .2verifying the inventory of dangerous goods and hazardous substances carried on board, if any, and their location. Delivery of ship's stores 9.33The security measures relating to the delivery of ship's stores should: .1ensure checking of ship's stores and package integrity; .2prevent ship's stores from being accepted without inspection; .3prevent tampering; and .4prevent ship's stores from being accepted unless ordered. 9.34For ships regularly using the port facility, it may be appropriate to establish procedures involving the ship, its suppliers and the port facility covering notification and timing of deliveries and their documentation. There should always be some way of confirming that stores presented for delivery are accompanied by evidence that they have been ordered by the ship. Security level 1 9.35At security level 1, the SSP should establish the security measures to be applied during delivery of ship's stores, which may include: .1checking to ensure stores match the order prior to being loaded on board; and .2ensuring immediate secure stowage of ship's stores. Security level 2 9.36At security level 2, the SSP should establish the additional security measures to be applied during delivery of ship's stores by exercising checks prior to receiving stores on board and intensifying inspections. Security level 3 9.37At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1subjecting ship's stores to more extensive checking; .2preparation for restriction or suspension of handling of ship's stores; and .3refusal to accept ship's stores on board the ship. Handling unaccompanied baggage 9.38The SSP should establish the security measures to be applied to ensure that unaccompanied baggage (i.e. any baggage, including personal effects, which is not with the passenger or member of ship's personnel at the point of inspection or search) is identified and subjected to appropriate screening, including searching, before it is accepted on board the ship. It is not envisaged that such baggage will be subjected to screening by both the ship and the port facility, and in cases where both are suitably equipped, the responsibility for screening should rest with the port facility. Close cooperation with the port facility is essential and steps should be taken to ensure that unaccompanied baggage is handled securely after screening. Security level 1 9.39At security level 1, the SSP should establish the security measures to be applied when handling unaccompanied baggage to ensure that unaccompanied baggage is screened or searched up to and including 100 percent, which may include use of x-ray screening. Security level 2 9.40At security level 2, the SSP should establish the additional security measures to be applied when handling unaccompanied baggage, which should include 100 percent x-ray screening of all unaccompanied baggage. Security level 3 9.41At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1subjecting such baggage to more extensive screening, for example x-raying it from at least two different angles; .2preparation for restriction or suspension of handling of unaccompanied baggage; and .3refusal to accept unaccompanied baggage on board the ship. Monitoring the security of the ship 9.42The ship should have the capability to monitor the ship, the restricted areas on board and areas surrounding the ship. Such monitoring capabilities may include use of: .1lighting; .2watchkeepers, security guards and deck watches, including patrols; and .3automatic intrusion-detection devices and surveillance equipment. 9.43When used, automatic intrusion-detection devices should activate an audible and/or visual alarm at a location that is continuously attended or monitored. 9.44The SSP should establish the procedures and equipment needed at each security level and the means of ensuring that monitoring equipment will be able to perform continually, including consideration of the possible effects of weather conditions or of power disruptions. Security level 1 9.45At security level 1, the SSP should establish the security measures to be applied, which may be a combination of lighting, watchkeepers, security guards or use of security and surveillance equipment to allow ship's security personnel to observe the ship in general, and barriers and restricted areas in particular. 9.46The ship's deck and access points to the ship should be illuminated during hours of darkness and periods of low visibility while conducting ship/port interface activities or at a port facility or anchorage when necessary. While under way, when necessary, ships should use the maximum lighting available consistent with safe navigation, having regard to the provisions of the International Regulations for the Prevention of Collisions at Sea in force. The following should be considered when establishing the appropriate level and location of lighting: .1the ship's personnel should be able to detect activities beyond the ship, on both the shore side and the water side; .2coverage should include the area on and around the ship; .3coverage should facilitate personnel identification at access points; and .4coverage may be provided through coordination with the port facility. Security level 2 9.47At security level 2, the SSP should establish the additional security measures to be applied to enhance the monitoring and surveillance capabilities, which may include: .1increasing the frequency and detail of security patrols; .2increasing the coverage and intensity of lighting or the use of security and surveillance equipment; .3assigning additional personnel as security look-outs; and .4ensuring coordination with water-side boat patrols, and foot or vehicle patrols on the shore side, when provided. 9.48Additional lighting may be necessary to protect against a heightened risk of a security incident. When necessary, the additional lighting requirements may be accomplished by coordinating with the port facility to provide additional shoreside lighting. Security level 3 9.49At security level 3, the ship should comply with the instructions issued by those responding to the security incident or threat thereof. The SSP should detail the security measures which could be taken by the ship, in close cooperation with those responding and the port facility, which may include: .1switching on of all lighting on, or illuminating the vicinity of, the ship; .2switching on of all on-board surveillance equipment capable of recording activities on, or in the vicinity of, the ship; .3maximising the length of time such surveillance equipment can continue to record; .4preparation for underwater inspection of the hull of the ship; and .5initiation of measures, including the slow revolution of the ship's propellers, if practicable, to deter underwater access to the hull of the ship. Differing security levels 9.50The SSP should establish details of the procedures and security measures the ship could adopt if the ship is at a higher security level than that applying to a port facility. Activities not covered by the Code 9.51The SSP should establish details of the procedures and security measures the ship should apply when: .1it is at a port of a State which is not a Contracting Government; .2it is interfacing with a ship to which this Code does not apply; .3it is interfacing with fixed or floating platforms or a mobile drilling unit on location; or .4it is interfacing with a port or port facility which is not required to comply with chapter XI-2 and part A of this Code. Declarations of Security 9.52The SSP should detail how requests for Declarations of Security from a port facility will be handled and the circumstances under which the ship itself should request a DoS. Audit and review 9.53The SSP should establish how the CSO and the SSO intend to audit the continued effectiveness of the SSP and the procedure to be followed to review, update or amend the SSP. 10.RECORDS General 10.1Records should be available to duly authorised officers of Contracting Governments to verify that the provisions of ship security plans are being implemented. 10.2Records may be kept in any format but should be protected from unauthorised access or disclosure. 11.COMPANY SECURITY OFFICER Relevant guidance is provided under sections 8, 9 and 13. 12.SHIP SECURITY OFFICER Relevant guidance is provided under sections 8, 9 and 13. 13.TRAINING, DRILLS AND EXERCISES ON SHIP SECURITY Training 13.1The company security officer (CSO) and appropriate shore-based Company personnel, and the ship security officer (SSO), should have knowledge of, and receive training, in some or all of the following, as appropriate: .1security administration; .2relevant international conventions, codes and recommendations; .3relevant Government legislation and regulations; .4responsibilities and functions of other security organisations; .5methodology of ship security assessment; .6methods of ship security surveys and inspections; .7ship and port operations and conditions; .8ship and port facility security measures; .9emergency preparedness and response and contingency planning; .10instruction techniques for security training and education, including security measures and procedures; .11handling sensitive security-related information and security-related communications; .12knowledge of current security threats and patterns; .13recognition and detection of weapons, dangerous substances and devices; .14recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security; .15techniques used to circumvent security measures; .16security equipment and systems and their operational limitations; .17methods of conducting audits, inspection, control and monitoring; .18methods of physical searches and non-intrusive inspections; .19security drills and exercises, including drills and exercises with port facilities; and .20assessment of security drills and exercises. 13.2In addition, the SSO should have adequate knowledge of, and receive training in, some or all of the following, as appropriate: .1the layout of the ship; .2the ship security plan and related procedures (including scenario-based training on how to respond); .3crowd management and control techniques; .4operations of security equipment and systems; and .5testing, calibration and at-sea maintenance of security equipment and systems. 13.3Shipboard personnel having specific security duties should have sufficient knowledge and ability to perform their assigned duties, including, as appropriate: .1knowledge of current security threats and patterns; .2recognition and detection of weapons, dangerous substances and devices; .3recognition of characteristics and behavioural patterns of persons who are likely to threaten security; .4techniques used to circumvent security measures; .5crowd management and control techniques; .6security-related communications; .7knowledge of the emergency procedures and contingency plans; .8operations of security equipment and systems; .9testing, calibration and at-sea maintenance of security equipment and systems; .10inspection, control, and monitoring techniques; and .11methods of physical searches of persons, personal effects, baggage, cargo, and ship's stores. 13.4All other shipboard personnel should have sufficient knowledge of and be familiar with relevant provisions of the ship security plan (SSP), including: .1the meaning and the consequential requirements of the different security levels; .2knowledge of the emergency procedures and contingency plans; .3recognition and detection of weapons, dangerous substances and devices; .4recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security; and .5techniques used to circumvent security measures. Drills and exercises 13.5The objective of drills and exercises is to ensure that shipboard personnel are proficient in all assigned security duties at all security levels and the identification of any security-related deficiencies which need to be addressed. 13.6To ensure the effective implementation of the provisions of the ship security plan, drills should be conducted at least once every three months. In addition, in cases where more than 25 percent of the ship's personnel has been changed, at any one time, with personnel that has not previously participated in any drill on that ship within the last 3 months, a drill should be conducted within one week of the change. These drills should test individual elements of the plan such as those security threats listed in paragraph 8.9. 13.713.7 Various types of exercises, which may include participation of company security officers, port facility security officers, relevant authorities of Contracting Governments as well as ship security officers, if available, should be carried out at least once each calendar year with no more than 18 months between the exercises. These exercises should test communications, coordination, resource availability, and response. These exercises may be: .1full-scale or live; .2tabletop simulation or seminar; or .3combined with other exercises held, such as search and rescue or emergency response exercises. 13.8Company participation in an exercise with another Contracting Government should be recognised by the Administration. 14.PORT FACILITY SECURITY Relevant guidance is provided under sections 15, 16 and 18. 15.PORT FACILITY SECURITY ASSESSMENT General 15.1The port facility security assessment (PFSA) may be conducted by a recognised security organisation (RSO). However, approval of a completed PFSA should only be given by the relevant Contracting Government. 15.2If a Contracting Government uses a RSO to review or verify compliance of the PFSA, the RSO should not be associated with any other RSO that prepared or assisted in the preparation of that assessment. 15.3A PFSA should address the following elements within a port facility: .1physical security; .2structural integrity; .3personnel protection systems; .4procedural policies; .5radio and telecommunication systems, including computer systems and networks; .6relevant transportation infrastructure; .7utilities; and .8other areas that may, if damaged or used for illicit observation, pose a risk to persons, property, or operations within the port facility. 15.4Those involved in a PFSA should be able to draw upon expert assistance in relation to: .1knowledge of current security threats and patterns; .2recognition and detection of weapons, dangerous substances and devices; .3recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security; .4techniques used to circumvent security measures; .5methods used to cause a security incident; .6effects of explosives on structures and port facility services; .7port facility security; .8port business practices; .9contingency planning, emergency preparedness and response; .10physical security measures, e.g. fences; .11radio and telecommunications systems, including computer systems and networks; .12transport and civil engineering; and .13ship and port operations. Identification and evaluation of important assets and infrastructure it is important to protect 15.5The identification and evaluation of important assets and infrastructure is a process through which the relative importance of structures and installations to the functioning of the port facility can be established. This identification and evaluation process is important because it provides a basis for focusing mitigation strategies on those assets and structures which it is more important to protect from a security incident. This process should take into account potential loss of life, the economic significance of the port, symbolic value, and the presence of Government installations. 15.6Identification and evaluation of assets and infrastructure should be used to prioritise their relative importance for protection. The primary concern should be avoidance of death or injury. It is also important to consider whether the port facility, structure or installation can continue to function without the asset, and the extent to which rapid re-establishment of normal functioning is possible. 15.7Assets and infrastructure that should be considered important to protect may include: .1accesses, entrances, approaches, and anchorages, manoeuvring and berthing areas; .2cargo facilities, terminals, storage areas, and cargo handling equipment; .3systems such as electrical distribution systems, radio and telecommunication systems and computer systems and networks; .4port vessel traffic management systems and aids to navigation; .5power plants, cargo transfer piping, and water supplies; .6bridges, railways, roads; .7port service vessels, including pilot boats, tugs, lighters, etc.; .8security and surveillance equipment and systems; and .9the waters adjacent to the port facility. 15.8The clear identification of assets and infrastructure is essential to the evaluation of the port facility's security requirements, the prioritisation of protective measures, and decisions concerning the allocation of resources to better protect the port facility. The process may involve consultation with the relevant authorities relating to structures adjacent to the port facility which could cause damage within the facility or be used for the purpose of causing damage to the facility or for illicit observation of the facility or for diverting attention. Identification of the possible threats to the assets and infrastructure and the likelihood of their occurrence, in order to establish and prioritise security measures 15.9Possible acts that could threaten the security of assets and infrastructure, and the methods of carrying out those acts, should be identified to evaluate the vulnerability of a given asset or location to a security incident, and to establish and prioritise security requirements to enable planning and resource allocations. Identification and evaluation of each potential act and its method should be based on various factors, including threat assessments by Government agencies. By identifying and assessing threats, those conducting the assessment do not have to rely on worst-case scenarios to guide planning and resource allocations. 15.10The PFSA should include an assessment undertaken in consultation with the relevant national security organisations to determine: .1any particular aspects of the port facility, including the vessel traffic using the facility, which make it likely to be the target of an attack; .2the likely consequences in terms of loss of life, damage to property and economic disruption, including disruption to transport systems, of an attack on, or at, the port facility; .3the capability and intent of those likely to mount such an attack; and .4the possible type, or types, of attack,producing an overall assessment of the level of risk against which security measures have to be developed. 15.11The PFSA should consider all possible threats, which may include the following types of security incidents: .1damage to, or destruction of, the port facility or of the ship, e.g. by explosive devices, arson, sabotage or vandalism; .2hijacking or seizure of the ship or of persons on board; .3tampering with cargo, essential ship equipment or systems or ship's stores; .4unauthorised access or use, including presence of stowaways; .5smuggling weapons or equipment, including weapons of mass destruction; .6use of the ship to carry those intending to cause a security incident and their equipment; .7use of the ship itself as a weapon or as a means to cause damage or destruction; .8blockage of port entrances, locks, approaches, etc.; and .9nuclear, biological and chemical attack. 15.12The process should involve consultation with the relevant authorities relating to structures adjacent to the port facility which could cause damage within the facility or be used for the purpose of causing damage to the facility or for illicit observation of the facility or for diverting attention. Identification, selection, and prioritisation of countermeasures and procedural changes and their level of effectiveness in reducing vulnerability 15.13The identification and prioritisation of countermeasures is designed to ensure that the most effective security measures are employed to reduce the vulnerability of a port facility or ship/port interface to the possible threats. 15.14Security measures should be selected on the basis of factors such as whether they reduce the probability of an attack and should be evaluated using information that includes: .1security surveys, inspections and audits; .2consultation with port facility owners and operators, and owners/operators of adjacent structures if appropriate; .3historical information on security incidents; and .4operations within the port facility. Identification of vulnerabilities 15.15Identification of vulnerabilities in physical structures, personnel protection systems, processes, or other areas that may lead to a security incident can be used to establish options to eliminate or mitigate those vulnerabilities. For example, an analysis might reveal vulnerabilities in a port facility's security systems or unprotected infrastructure such as water supplies, bridges, etc. that could be resolved through physical measures, e.g. permanent barriers, alarms, surveillance equipment, etc. 15.16Identification of vulnerabilities should include consideration of: .1water-side and shore-side access to the port facility and ships berthing at the facility; .2structural integrity of the piers, facilities, and associated structures; .3existing security measures and procedures, including identification systems; .4existing security measures and procedures relating to port services and utilities; .5measures to protect radio and telecommunication equipment, port services and utilities, including computer systems and networks; .6adjacent areas that may be exploited during, or for, an attack; .7existing agreements with private security companies providing water-side/shore-side security services; .8any conflicting policies between safety and security measures and procedures; .9any conflicting port facility and security duty assignments; .10any enforcement and personnel constraints; .11any deficiencies identified during training and drills; and .12any deficiencies identified during daily operation, following incidents or alerts, the report of security concerns, the exercise of control measures, audits, etc. 16.PORT FACILITY SECURITY PLAN General 16.1Preparation of the port facility security plan (PFSP) is the responsibility of the port facility security officer (PFSO). While the PFSO need not necessarily personally undertake all the duties associated with the post, the ultimate responsibility for ensuring that they are properly performed remains with the individual PFSO. 16.2The content of each individual PFSP should vary depending on the particular circumstances of the port facility, or facilities, it covers. The port facility security assessment (PFSA) will have identified the particular features of the port facility, and of the potential security risks, that have led to the need to appoint a PFSO and to prepare a PFSP. The preparation of the PFSP will require these features, and other local or national security considerations, to be addressed in the PFSP and for appropriate security measures to be established so as to minimise the likelihood of a breach of security and the consequences of potential risks. Contracting Governments may prepare advice on the preparation and content of a PFSP. 16.3All PFSPs should: .1detail the security organisation of the port facility; .2detail the organisation's links with other relevant authorities and the necessary communication systems to allow the effective continuous operation of the organisation and its links with others, including ships in port; .3detail the basic security level 1 measures, both operational and physical, that will be in place; .4detail the additional security measures that will allow the port facility to progress without delay to security level 2 and, when necessary, to security level 3; .5provide for regular review, or audit, of the PFSP and for its amendment in response to experience or changing circumstances; and .6detail reporting procedures to the appropriate Contracting Government's contact points. 16.4Preparation of an effective PFSP will rest on a thorough assessment of all issues that relate to the security of the port facility, including, in particular, a thorough appreciation of the physical and operational characteristics of the individual port facility. 16.5Contracting Governments should approve the PFSPs of the port facilities under their jurisdiction. Contracting Governments should develop procedures to assess the continuing effectiveness of each PFSP and may require amendment of the PFSP prior to its initial approval or subsequent to its approval. The PFSP should make provision for the retention of records of security incidents and threats, reviews, audits, training, drills and exercises as evidence of compliance with those requirements. 16.6The security measures included in the PFSP should be in place within a reasonable period of the PFSP's approval and the PFSP should establish when each measure will be in place. If there is likely to be any delay in their provision, this should be discussed with the Contracting Government responsible for approval of the PFSP and satisfactory alternative temporary security measures that provide an equivalent level of security should be agreed to cover any interim period. 16.7The use of firearms on or near ships and in port facilities may pose particular and significant safety risks, in particular in connection with certain dangerous or hazardous substances, and should be considered very carefully. In the event that a Contracting Government decides that it is necessary to use armed personnel in these areas, that Contracting Government should ensure that these personnel are duly authorised and trained in the use of their weapons and that they are aware of the specific risks to safety that are present in these areas. If a Contracting Government authorises the use of firearms they should issue specific safety guidelines on their use. The PFSP should contain specific guidance on this matter, in particular with regard its application to ships carrying dangerous goods or hazardous substances. Organisation and performance of port facility security duties 16.8In addition to the guidance given under paragraph 16.3, the PFSP should establish the following, which relate to all security levels: .1the role and structure of the port facility security organisation; .2the duties, responsibilities and training requirements of all port facility personnel with a security role and the performance measures needed to allow their individual effectiveness to be assessed; .3the port facility security organisation's links with other national or local authorities with security responsibilities; .4the communication systems provided to allow effective and continuous communication between port facility security personnel, ships in port and, when appropriate, with national or local authorities with security responsibilities; .5the procedures or safeguards necessary to allow such continuous communications to be maintained at all times; .6the procedures and practices to protect security-sensitive information held in paper or electronic format; .7the procedures to assess the continuing effectiveness of security measures, procedures and equipment, including identification of, and response to, equipment failure or malfunction; .8the procedures to allow the submission, and assessment, of reports relating to possible breaches of security or security concerns; .9procedures relating to cargo handling; .10procedures covering the delivery of ship's stores; .11the procedures to maintain, and update, records of dangerous goods and hazardous substances and their location within the port facility; .12the means of alerting and obtaining the services of waterside patrols and specialist search teams, including bomb searches and underwater searches; .13the procedures for assisting ship security officers in confirming the identity of those seeking to board the ship when requested; and .14the procedures for facilitating shore leave for ship's personnel or personnel changes, as well as access of visitors to the ship, including representatives of seafarers' welfare and labour organisations. 16.9The remainder of section 16 addresses specifically the security measures that could be taken at each security level covering: .1access to the port facility; .2restricted areas within the port facility; .3handling of cargo; .4delivery of ship's stores; .5handling unaccompanied baggage; and .6monitoring the security of the port facility. Access to the port facility 16.10The PFSP should establish the security measures covering all means of access to the port facility identified in the PFSA. 16.11For each of these the PFSP should identify the appropriate locations where access restrictions or prohibitions should be applied for each of the security levels. For each security level the PFSP should specify the type of restriction or prohibition to be applied and the means of enforcing them. 16.12The PFSP should establish for each security level the means of identification required to allow access to the port facility and for individuals to remain within the port facility without challenge. This may involve developing an appropriate identification system, allowing for permanent and temporary identifications, for port facility personnel and for visitors respectively. Any port facility identification system should, when it is practicable to do so, be coordinated with that applying to ships that regularly use the port facility. Passengers should be able to prove their identity by boarding passes, tickets, etc., but should not be permitted access to restricted areas unless supervised. The PFSP should establish provisions to ensure that the identification systems are regularly updated, and that abuse of procedures should be subject to disciplinary action. 16.13Those unwilling or unable to establish their identity and/or to confirm the purpose of their visit when requested to do so should be denied access to the port facility and their attempt to obtain access should be reported to the PFSO and to the national or local authorities with security responsibilities. 16.14The PFSP should identify the locations where persons, personal effects, and vehicle searches are to be undertaken. Such locations should be covered to facilitate continuous operation, regardless of prevailing weather conditions, in accordance with the frequency laid down in the PFSP. Once subjected to search, persons, personal effects and vehicles should proceed directly to the restricted holding, embarkation or car loading areas. 16.15The PFSP should establish separate locations for checked and unchecked persons and their effects and if possible separate areas for embarking/disembarking passengers, ship's personnel and their effects to ensure that unchecked persons are not able to come in contact with checked persons. 16.16The PFSP should establish the frequency of application of any access controls, particularly if they are to be applied on a random, or occasional, basis. Security level 1 16.17At security level 1, the PFSP should establish the control points where the following security measures may be applied: .1restricted areas, which should be bounded by fencing or other barriers to a standard which should be approved by the Contracting Government; .2checking identity of all persons seeking entry to the port facility in connection with a ship, including passengers, ship's personnel and visitors, and confirming their reasons for doing so by checking, for example, joining instructions, passenger tickets, boarding passes, work orders, etc.; .3checking vehicles used by those seeking entry to the port facility in connection with a ship; .4verification of the identity of port facility personnel and those employed within the port facility and their vehicles; .5restricting access to exclude those not employed by the port facility or working within it, if they are unable to establish their identity; .6undertaking searches of persons, personal effects, vehicles and their contents; and .7identification of any access points not in regular use, which should be permanently closed and locked. 16.18At security level 1, all those seeking access to the port facility should be liable to search. The frequency of such searches, including random searches, should be specified in the approved PFSP and should be specifically approved by the Contracting Government. Unless there are clear security grounds for doing so, members of the ship's personnel should not be required to search their colleagues or their personal effects. Any such search shall be undertaken in a manner which fully takes into account the human rights of the individual and preserves their basic human dignity. Security level 2 16.19At security level 2, the PFSP should establish the additional security measures to be applied, which may include: .1assigning additional personnel to guard access points and patrol perimeter barriers; .2limiting the number of access points to the port facility, and identifying those to be closed and the means of adequately securing them; .3providing for means of impeding movement through the remaining access points, e.g. security barriers; .4increasing the frequency of searches of persons, personal effects, and vehicles; .5denying access to visitors who are unable to provide a verifiable justification for seeking access to the port facility; and .6using patrol vessels to enhance water-side security. Security level 3 16.20At security level 3, the port facility should comply with instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility, in close cooperation with those responding and the ships at the port facility, which may include: .1suspension of access to all, or part, of the port facility; .2granting access only to those responding to the security incident or threat thereof; .3suspension of pedestrian or vehicular movement within all, or part, of the port facility; .4increased security patrols within the port facility, if appropriate; .5suspension of port operations within all, or part, of the port facility; .6direction of vessel movements relating to all, or part, of the port facility; and .7evacuation of all, or part, of the port facility. Restricted areas within the port facility 16.21The PFSP should identify the restricted areas to be established within the port facility and specify their extent, times of application, the security measures to be taken to control access to them and those to be taken to control activities within them. This should also include, in appropriate circumstances, measures to ensure that temporary restricted areas are security swept both before and after that area is established. The purpose of restricted areas is to: .1protect passengers, ship's personnel, port facility personnel and visitors, including those visiting in connection with a ship; .2protect the port facility; .3protect ships using, and serving, the port facility; .4protect security-sensitive locations and areas within the port facility; .5protect security and surveillance equipment and systems; and .6protect cargo and ship's stores from tampering. 16.22The PFSP should ensure that all restricted areas have clearly established security measures to control: .1access by individuals; .2the entry, parking, loading and unloading of vehicles; .3movement and storage of cargo and ship's stores; and .4unaccompanied baggage or personal effects. 16.23The PFSP should provide that all restricted areas should be clearly marked, indicating that access to the area is restricted and that unauthorised presence within the area constitutes a breach of security. 16.24When automatic intrusion-detection devices are installed they should alert a control centre which can respond to the triggering of an alarm. 16.25Restricted areas may include: .1shore- and water-side areas immediately adjacent to the ship; .2embarkation and disembarkation areas, passenger and ship's personnel holding and processing areas, including search points; .3areas where loading, unloading or storage of cargo and stores is undertaken; .4locations where security-sensitive information, including cargo documentation, is held; .5areas where dangerous goods and hazardous substances are held; .6vessel traffic management system control rooms, aids to navigation and port control buildings, including security and surveillance control rooms; .7areas where security and surveillance equipment are stored or located; .8essential electrical, radio and telecommunication, water and other utility installations; and .9other locations in the port facility where access by vessels, vehicles and individuals should be restricted. 16.26The security measures may extend, with the agreement of the relevant authorities, to restrictions on unauthorised access to structures from which the port facility can be observed. Security level 1 16.27At security level 1, the PFSP should establish the security measures to be applied to restricted areas, which may include: .1provision of permanent or temporary barriers to surround the restricted area, whose standard should be accepted by the Contracting Government; .2provision of access points where access can be controlled by security guards when in operation and which can be effectively locked or barred when not in use; .3providing passes which must be displayed to identify individual's entitlement to be within the restricted area; .4clearly marking vehicles allowed access to restricted areas; .5providing guards and patrols; .6providing automatic intrusion-detection devices, or surveillance equipment or systems to detect unauthorised access into, or movement within, restricted areas; and .7control of the movement of vessels in the vicinity of ships using the port facility. Security level 2 16.28At security level 2, the PFSP should establish the enhancement of the frequency and intensity of the monitoring of, and control of access to, restricted areas. The PFSP should establish the additional security measures, which may include: .1enhancing the effectiveness of the barriers or fencing surrounding restricted areas, including the use of patrols or automatic intrusion-detection devices; .2reducing the number of access points to restricted areas and enhancing the controls applied at the remaining accesses; .3restrictions on parking adjacent to berthed ships; .4further restricting access to the restricted areas and movements and storage within them; .5use of continuously monitored and recording surveillance equipment; .6enhancing the number and frequency of patrols, including water-side patrols, undertaken on the boundaries of the restricted areas and within the areas; .7establishing and restricting access to areas adjacent to the restricted areas; and .8enforcing restrictions on access by unauthorised craft to the waters adjacent to ships using the port facility. Security level 3 16.29At security level 3, the port facility should comply with the instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility in close cooperation with those responding and the ships at the port facility, which may include: .1setting up of additional restricted areas within the port facility in proximity to the security incident, or the believed location of the security threat, to which access is denied; and .2preparing for the searching of restricted areas as part of a search of all, or part, of the port facility. Handling of cargo 16.30The security measures relating to cargo handling should: .1prevent tampering; and .2prevent cargo that is not meant for carriage from being accepted and stored within the port facility. 16.31The security measures should include inventory control procedures at access points to the port facility. Once within the port facility, cargo should be capable of being identified as having been checked and accepted for loading onto a ship or for temporary storage in a restricted area while awaiting loading. It may be appropriate to restrict the entry of cargo to the port facility that does not have a confirmed date for loading. Security level 1 16.32At security level 1, the PFSP should establish the security measures to be applied during cargo handling, which may include: .1routine checking of cargo, cargo transport units and cargo storage areas within the port facility prior to, and during, cargo handling operations; .2checks to ensure that cargo entering the port facility matches the delivery note or equivalent cargo documentation; .3searches of vehicles; and .4checking of seals and other methods used to prevent tampering upon entering the port facility and upon storage within the port facility. 16.33Checking of cargo may be accomplished by some or all of the following means: .1visual and physical examination; and .2using scanning/detection equipment, mechanical devices, or dogs. 16.34When there are regular or repeated cargo movements, the CSO or the SSO may, in consultation with the port facility, agree arrangements with shippers or others responsible for such cargo covering off-site checking, sealing, scheduling, supporting documentation, etc. Such arrangements should be communicated to and agreed with the PFSO concerned. Security level 2 16.35At security level 2, the PFSP should establish the additional security measures to be applied during cargo handling to enhance control, which may include: .1detailed checking of cargo, cargo transport units and cargo storage areas within the port facility; .2intensified checks, as appropriate, to ensure that only the documented cargo enters the port facility, is temporarily stored there and is then loaded onto the ship; .3intensified searches of vehicles; and .4increased frequency and detail in checking of seals and other methods used to prevent tampering. 16.36Detailed checking of cargo may be accomplished by some or all of the following means: .1increasing the frequency and detail of checking of cargo, cargo transport units and cargo storage areas within the port facility (visual and physical examination); .2increasing the frequency of the use of scanning/detection equipment, mechanical devices, or dogs; and .3coordinating enhanced security measures with the shipper or other responsible party in addition to an established agreement and procedures. Security level 3 16.37At security level 3, the port facility should comply with the instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility in close cooperation with those responding and the ships at the port facility, which may include: .1restriction or suspension of cargo movements or operations within all, or part, of the port facility or specific ships; and .2verifying the inventory of dangerous goods and hazardous substances held within the port facility and their location. Delivery of ship's stores 16.38The security measures relating to the delivery of ship's stores should: .1ensure checking of ship's stores and package integrity; .2prevent ship's stores from being accepted without inspection; .3prevent tampering; .4prevent ship's stores from being accepted unless ordered; .5ensure searching the delivery vehicle; and .6ensure escorting delivery vehicles within the port facility. 16.39For ships regularly using the port facility it may be appropriate to establish procedures involving the ship, its suppliers and the port facility covering notification and timing of deliveries and their documentation. There should always be some way of confirming that stores presented for delivery are accompanied by evidence that they have been ordered by the ship. Security level 1 16.40At security level 1, the PFSP should establish the security measures to be applied to control the delivery of ship's stores, which may include: .1checking of ship's stores; .2advance notification as to composition of load, driver details and vehicle registration; and .3searching the delivery vehicle. 16.41Checking of ship's stores may be accomplished by some or all of the following means: .1visual and physical examination; and .2using scanning/detection equipment, mechanical devices or dogs. Security level 2 16.42At security level 2, the PFSP should establish the additional security measures to be applied to enhance the control of the delivery of ship's stores, which may include: .1detailed checking of ship's stores; .2detailed searches of the delivery vehicles; .3coordination with ship personnel to check the order against the delivery note prior to entry to the port facility; and .4escorting the delivery vehicle within the port facility. 16.43Detailed checking of ship's stores may be accomplished by some or all of the following means: .1increasing the frequency and detail of searches of delivery vehicles; .2increasing the use of scanning/detection equipment, mechanical devices, or dogs; and .3restricting, or prohibiting, entry of stores that will not leave the port facility within a specified period. Security level 3 16.44At security level 3, the port facility should comply with the instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility, in close cooperation with those responding and the ships at the port facility, which may include preparation for restriction, or suspension, of the delivery of ship's stores within all, or part, of the port facility. Handling unaccompanied baggage 16.45The PFSP should establish the security measures to be applied to ensure that unaccompanied baggage (i.e. any baggage, including personal effects, which is not with the passenger or member of ship's personnel at the point of inspection or search) is identified and subjected to appropriate screening, including searching, before is allowed in the port facility and, depending on the storage arrangements, before it is transferred between the port facility and the ship. It is not envisaged that such baggage will be subjected to screening by both the port facility and the ship, and in cases where both are suitably equipped, the responsibility for screening should rest with the port facility. Close cooperation with the ship is essential and steps should be taken to ensure that unaccompanied baggage is handled securely after screening. Security level 1 16.46At security level 1, the PFSP should establish the security measures to be applied when handling unaccompanied baggage to ensure that unaccompanied baggage is screened or searched up to and including 100 percent, which may include use of x-ray screening. Security level 2 16.47At security level 2, the PFSP should establish the additional security measures to be applied when handling unaccompanied baggage which should include 100 percent x-ray screening of all unaccompanied baggage. Security level 3 16.48At security level 3, the port facility should comply with the instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility in close cooperation with those responding and the ships at the port facility, which may include: .1subjecting such baggage to more extensive screening, for example x-raying it from at least two different angles; .2preparations for restriction or suspension of handling of unaccompanied baggage; and .3refusal to accept unaccompanied baggage into the port facility. Monitoring the security of the port facility 16.49The port facility security organisation should have the capability to monitor the port facility and its nearby approaches, on land and water, at all times, including the night hours and periods of limited visibility, the restricted areas within the port facility, the ships at the port facility and areas surrounding ships. Such monitoring can include use of: .1lighting; .2security guards, including foot, vehicle and waterborne patrols; and .3automatic intrusion-detection devices and surveillance equipment. 16.50When used, automatic intrusion-detection devices should activate an audible and/or visual alarm at a location that is continuously attended or monitored. 16.51The PFSP should establish the procedures and equipment needed at each security level and the means of ensuring that monitoring equipment will be able to perform continually, including consideration of the possible effects of weather or of power disruptions. Security level 1 16.52At security level 1, the PFSP should establish the security measures to be applied, which may be a combination of lighting, security guards or use of security and surveillance equipment to allow port facility security personnel to: .1observe the general port facility area, including shore- and water-side accesses to it; .2observe access points, barriers and restricted areas; and .3allow port facility security personnel to monitor areas and movements adjacent to ships using the port facility, including augmentation of lighting provided by the ship itself. Security level 2 16.53At security level 2, the PFSP should establish the additional security measures to be applied to enhance the monitoring and surveillance capability, which may include: .1increasing the coverage and intensity of lighting and surveillance equipment, including the provision of additional lighting and surveillance coverage; .2increasing the frequency of foot, vehicle or waterborne patrols; and .3assigning additional security personnel to monitor and patrol. Security level 3 16.54At security level 3, the port facility should comply with the instructions issued by those responding to the security incident or threat thereof. The PFSP should detail the security measures which could be taken by the port facility in close cooperation with those responding and the ships at the port facility, which may include: .1switching on all lighting within, or illuminating the vicinity of, the port facility; .2switching on all surveillance equipment capable of recording activities within, or adjacent to, the port facility; and .3maximising the length of time such surveillance equipment can continue to record. Differing security levels 16.55The PFSP should establish details of the procedures and security measures the port facility could adopt if the port facility is at a lower security level than that applying to a ship. Activities not covered by the Code 16.56The PFSP should establish details of the procedures and security measures the port facility should apply when: .1it is interfacing with a ship which has been at a port of a State which is not a Contracting Government; .2it is interfacing with a ship to which this Code does not apply; and .3it is interfacing with fixed or floating platforms or mobile offshore drilling units on location. Declarations of Security 16.57The PFSP should establish the procedures to be followed when, on the instructions of the Contracting Government, the PFSO requests a Declaration of Security (DoS) or when a DoS is requested by a ship. Audit, review and amendment 16.58The PFSP should establish how the PFSO intends to audit the continued effectiveness of the PFSP and the procedure to be followed to review, update or amend the PFSP. 16.59The PFSP should be reviewed at the discretion of the PFSO. In addition it should be reviewed: .1if the PFSA relating to the port facility is altered; .2if an independent audit of the PFSP or the Contracting Government's testing of the port facility security organisation identifies failings in the organisation or questions the continuing relevance of significant elements of the approved PFSP; .3following security incidents or threats thereof involving the port facility; and .4following changes in ownership or operational control of the port facility. 16.60The PFSO can recommend appropriate amendments to the approved plan following any review of the plan. Amendments to the PFSP relating to: .1proposed changes which could fundamentally alter the approach adopted to maintaining the security of the port facility; and .2the removal, alteration or replacement of permanent barriers, security and surveillance equipment and systems, etc., previously considered essential in maintaining the security of the port facilityshould be submitted to the Contracting Government that approved the original PFSP for their consideration and approval. Such approval can be given by, or on behalf of, the Contracting Government with, or without, amendments to the proposed changes. On approval of the PFSP, the Contracting Government should indicate which procedural or physical alterations have to be submitted to it for approval. Approval of port facility security plans 16.61 PFSPs have to be approved by the relevant Contracting Government, which should establish appropriate procedures to provide for: .1the submission of PFSPs to them; .2the consideration of PFSPs; .3the approval of PFSPs, with or without amendments; .4consideration of amendments submitted after approval; and .5procedures for inspecting or auditing the continuing relevance of the approved PFSP. At all stages, steps should be taken to ensure that the contents of the PFSP remain confidential. Statement of Compliance of a Port Facility 16.62The Contracting Government within whose territory a port facility is located may issue an appropriate Statement of Compliance of a Port Facility (SoCPF) indicating: .1the port facility; .2that the port facility complies with the provisions of chapter XI-2 and part A of the Code; .3the period of validity of the SoCPF, which should be specified by the Contracting Governments but should not exceed five years; and .4the subsequent verification arrangements established by the Contracting Government and a confirmation when these are carried out. 16.63The Statement of Compliance of a Port Facility should be in the form set out in the appendix to this Part of the Code. If the language used is not Spanish, French or English, the Contracting Government, if it considers it appropriate, may also include a translation into one of these languages. 17.PORT FACILITY SECURITY OFFICER General 17.1 In those exceptional instances where the ship security officer has questions about the validity of identification documents of those seeking to board the ship for official purposes, the port facility security officer should assist. 17.2 The port facility security officer should not be responsible for routine confirmation of the identity of those seeking to board the ship.In addition, other relevant guidance is provided under sections 15, 16 and 18. 18.TRAINING, DRILLS AND EXERCISES ON PORT FACILITY SECURITY Training 18.1The port facility security officer should have knowledge and receive training, in some or all of the following, as appropriate: .1security administration; .2relevant international conventions, codes and recommendations; .3relevant Government legislation and regulations; .4responsibilities and functions of other security organisations; .5methodology of port facility security assessment; .6methods of ship and port facility security surveys and inspections; .7ship and port operations and conditions; .8ship and port facility security measures; .9emergency preparedness and response and contingency planning; .10instruction techniques for security training and education, including security measures and procedures; .11handling sensitive security-related information and security-related communications; .12knowledge of current security threats and patterns; .13recognition and detection of weapons, dangerous substances and devices; .14recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten the security; .15techniques used to circumvent security measures; .16security equipment and systems, and their operational limitations; .17methods of conducting audits, inspection, control and monitoring; .18methods of physical searches and non-intrusive inspections; .19security drills and exercises, including drills and exercises with ships; and .20assessment of security drills and exercises. 18.2Port facility personnel having specific security duties should have knowledge and receive training in some or all of the following, as appropriate: .1knowledge of current security threats and patterns; .2recognition and detection of weapons, dangerous substances and devices; .3recognition of characteristics and behavioural patterns of persons who are likely to threaten security; .4techniques used to circumvent security measures; .5crowd management and control techniques; .6security-related communications; .7operations of security equipment and systems; .8testing, calibration and maintenance of security equipment and systems; .9inspection, control, and monitoring techniques; and .10methods of physical searches of persons, personal effects, baggage, cargo, and ship's stores. 18.3All other port facility personnel should have knowledge of and be familiar with relevant provisions of the port facility security plan in some or all of the following, as appropriate: .1the meaning and the consequential requirements of the different security levels; .2recognition and detection of weapons, dangerous substances and devices; .3recognition of characteristics and behavioural patterns of persons who are likely to threaten the security; and .4techniques used to circumvent security measures. Drills and exercises 18.4The objective of drills and exercises is to ensure that port facility personnel are proficient in all assigned security duties, at all security levels, and to identify any security-related deficiencies which need to be addressed. 18.5To ensure the effective implementation of the provisions of the port facility security plan, drills should be conducted at least every three months unless the specific circumstances dictate otherwise. These drills should test individual elements of the plan such as those security threats listed in paragraph 15.11. 18.6Various types of exercises, which may include participation of port facility security officers, in conjunction with relevant authorities of Contracting Governments, company security officers, or ship security officers, if available, should be carried out at least once each calendar year with no more than 18 months between the exercises. Requests for the participation of company security officers or ship security officers in joint exercises should be made, bearing in mind the security and work implications for the ship. These exercises should test communication, coordination, resource availability and response. These exercises may be: .1full-scale or live; .2tabletop simulation or seminar; or .3combined with other exercises held, such as emergency response or other port State authority exercises. 19.Verification and certification for ships No additional guidance." Appendix to Part B Appendix 1 02004R0725-20090420_en_img_6 02004R0725-20090420_en_img_7 Appendix 2 02004R0725-20090420_en_img_8 02004R0725-20090420_en_img_9
----------------------
Protocol of 1988 relating to the International Convention for the Safety of Life at Sea, 1974.