πŸ›‘οΈ ISPS Code Explained: Maritime Security Fundamentals for Ships and Ports

Jib Avatar

Ahoy, my friend!

Jib

A passenger vessel implementing the ISPS Code with their security guards and checks while in port.

🌐 What is the ISPS Code?

The International Ship and Port Facility Security (ISPS) Code is a maritime security framework adopted under SOLAS Chapter XI-2, designed to safeguard ships, port facilities, cargo, and personnel against acts of terrorism, piracy, and other unlawful threats.

Enforced globally since 1 July 2004, the ISPS Code:

  • Enhances shipboard and port security,
  • Establishes protocols to manage security threats,
  • Requires ships and ports to operate under defined MARSEC (security) levels.

πŸ“Œ The ISPS Code is legally binding under the SOLAS Convention, meaning compliance is mandatory for specific vessels and ports worldwide.

βš“ Maritime Security Before the ISPS Code

Before 2004, maritime security was largely neglected, especially in commercial shipping.

Unlike the strict standards in place for safety (SOLAS), ships had no unified international guidelines to prevent intrusions, unauthorized access, or terror threats.

Typical pre-ISPS practices:

  • Visitors boarded without strict verification.
  • No assigned security duties; the gangway was often unattended.
  • Suspicious individuals were only flagged if visibly armed.
  • Security responsibilities were often handled case-by-case at the Master’s discretion.

🧭 In short, the industry treated safety as paramount while security remained reactive and informal until a global crisis reshaped everything.

🚨 Notable Maritime Security Incidents (Pre-2004)

Several high-profile attacks highlighted the vulnerabilities in the shipping sector:

πŸ”Ή Achille Lauro Hijacking (1985)

  • Attackers: 4 armed Palestinian terrorists
  • Target: Italian cruise ship Achille Lauro
  • Outcome: Hostage situation; 1 American passenger killed
  • Result: IMO issued anti-piracy advisories, mostly adopted only by cruise lines

πŸ”Ή Avrasya Ferry Hijacking (1996)

  • Location: Sailing along the Black Sea
  • Passengers: 177; Crew: 55
  • Threat: Kill 100 Russian passengers unless demands met
  • Outcome: Resolved without casualties

πŸ”Ή USS Cole Bombing (2000)

  • Type: Suicide boat attack in Yemen
  • Casualties: 17 U.S. sailors killed, 39 injured

πŸ”Ή MT Limburg Attack (2002)

  • Method: Explosive-laden dinghy
  • Impact: Tanker set ablaze, 90,000 barrels of oil spilled, 1 crew member killed

These incidents revealed the gaping holes in maritime security, especially regarding asymmetric threats like terrorism.

Crew entering the watertight door marked with "Restricted Area".
Doors leading to restricted Area.

πŸ›‘ The 9/11 Impact: Turning Point in Maritime Security

The September 11, 2001 attacks triggered a global reckoning- not just for aviation, but also for shipping.

The maritime industry, realizing its own exposure to similar threats (e.g., weaponized cargo or ship hijacking), responded swiftly.

Just three months later, the International Maritime Organization (IMO) convened to revamp its maritime security framework.

πŸ“œ History and Adoption of the ISPS Code

πŸ”Έ Development Timeline:

  • Sep 2001: Post-9/11 review of maritime security begins
  • Dec 12, 2002: IMO adopts the ISPS Code under SOLAS 1974 Convention
  • Jul 01, 2004: Full implementation of the ISPS Code becomes mandatory

πŸ”Έ SOLAS Amendments:

  • Chapter XI becomes XI-1 – β€œSpecial Measures to Enhance Maritime Safety”
  • A new Chapter XI-2 is introduced – β€œSpecial Measures to Enhance Maritime Security”

🎯 Core Objectives of the ISPS Code

The ISPS Code outlines a global strategy for preventing and responding to maritime threats.

It aims to:

βœ… Establish a cooperative framework between governments, port authorities, and shipping companies
βœ… Clearly define roles and responsibilities in maritime security
βœ… Enable real-time exchange of threat intelligence
βœ… Create standardized assessment procedures
βœ… Build confidence in global maritime security systems

βš™οΈ Functional Requirements of the ISPS Code

To achieve its objectives, the ISPS Code mandates several security functions for both ships and port facilities:

  • πŸ” Prevent unauthorized access to ships, ports, and restricted areas
  • πŸ“‘ Maintain reliable ship-port communication protocols
  • 🚨 Ensure clear procedures to raise alarms in case of threats
  • πŸ“‘ Conduct security assessments (SSA/PFSA) and create approved security plans (SSP/PFSP)
  • 🧯 Prevent introduction of weapons or explosives
  • 🧠 Require security training, drills, and familiarization for crew and port personnel

πŸ“˜ These requirements must be documented and verifiable during audits, inspections, and Port State Control (PSC) checks.

Door marked with "Restricted Area". This is in accordance with ISPS Code.
The Ship Security Plan includes marking of “Restricted Area” to some important spaces on board.

πŸ“‹ Scope of Application: Who Must Comply?

The ISPS Code applies to the following ships engaged in international voyages:

  • πŸ›³οΈ Passenger ships (including high-speed passenger craft)
  • 🚒 Cargo ships of 500 gross tonnage or more (including high-speed craft)
  • πŸ›’οΈ Mobile offshore drilling units
  • βš“ Port facilities serving any of the above ships

🚫 Exempted Vessels:

  • Warships
  • Naval auxiliaries
  • State-owned vessels on non-commercial government service

πŸ“Œ For merchant vessels, ISPS compliance is not optional. Non-compliance can lead to detentions, fines, or denial of port entry.

🚒 How the ISPS Code is Applied Onboard Ships

The ISPS Code requires every ship in scope to maintain a documented, working Ship Security Plan (SSP) and designate onboard personnel responsible for implementing security measures.

πŸ” Key Onboard Security Measures Include:

  • Gangway control and restricted area monitoring
  • Seafarer and visitor ID verification
  • Surveillance of cargo operations and mooring areas
  • Monitoring deck areas and blind spots
  • Controlling access via accommodation ladder or pilot ladder
  • Conducting regular drills and security audits

πŸ“Œ The ship’s Master remains legally responsible for ensuring the SSP is followed, but actual tasks are delegated to a trained Ship Security Officer (SSO) and crew.

πŸ›³οΈ ISPS Code Responsibilities in Ports

Port facilities play a crucial role in securing the maritime domain.

Under the ISPS Code, all designated port facilities must have a Port Facility Security Plan (PFSP) and trained personnel responsible for implementing it.

πŸ”’ Key Port Security Tasks Include:

  • Screening cargo and baggage
  • Monitoring perimeter fencing and restricted zones
  • CCTV surveillance of gates and berths
  • Coordinating with ship security teams during calls
  • Designating port access routes for ISPS-covered vessels
  • Handling Declaration of Security (DoS) formalities

🧭 Without a valid PFSP or designated Port Facility Security Officer (PFSO), port authorities risk non-compliance and potential international penalties.

πŸ‘€ Key Security Personnel Under the ISPS Code

1. Company Security Officer (CSO)

πŸ”Ή Appointed by the shipping company
πŸ”Ή Acts as the link between ship and shore security
πŸ”Ή Ensures each ship has a valid, updated SSP
πŸ”Ή Conducts Ship Security Assessments (SSA)
πŸ”Ή Coordinates drills, exercises, and audits

πŸ“Œ The CSO is usually based ashore and may oversee multiple ships within a fleet.

2. Ship Security Officer (SSO)

πŸ”Ή Designated by the Master and approved by the CSO
πŸ”Ή Implements and maintains the SSP onboard
πŸ”Ή Conducts security rounds, inspections, and crew training
πŸ”Ή Coordinates with PFSO during port stays
πŸ”Ή Monitors security equipment like CCTV, alarms, and SSAS

πŸ“˜ The Ship Security Officer (SSO) must undergo STCW-approved training and hold a valid certificate.

3. Port Facility Security Officer (PFSO)

πŸ”Ή Appointed by port authority or terminal operator
πŸ”Ή Conducts Port Facility Security Assessments (PFSA)
πŸ”Ή Develops and maintains the PFSP
πŸ”Ή Coordinates with CSOs and SSOs for DoS and real-time threat response
πŸ”Ή Oversees port drills and security infrastructure (e.g., barriers, scanners)

🧾 Security Assessments and Plans Explained

Before implementing security measures, both ships and ports must undergo detailed assessments to identify vulnerabilities.

βœ… Ship Security Assessment (SSA)

  • Evaluates shipboard access points, lighting, blind zones, gangways
  • Assesses past incidents, port states visited, and likely threats
  • Forms the basis of the Ship Security Plan (SSP)

βœ… Port Facility Security Assessment (PFSA)

  • Examines facility layout, access routes, and cargo operations
  • Considers threat levels based on port type (e.g., oil terminals, RoRo, container hubs)
  • Becomes the foundation for the Port Facility Security Plan (PFSP)

πŸ“„ Both the SSP and PFSP must be approved by the relevant national authority or Recognized Security Organization (RSO).

πŸ†˜ Ship Security Alert System (SSAS)

The SSAS is a silent alarm system mandated by the ISPS Code.

It enables ships to notify flag state authorities instantly when under security threat without alerting onboard attackers.

πŸ“‘ How It Works:

  • Hidden switch is activated by the crew (usually SSO or Master)
  • Signal is sent via satellite to a pre-registered contact point (e.g., CSO or flag state security agency)
  • The alert does not trigger any external noise or visible response onboard

🚨 SSAS is required on cargo ships β‰₯500 GT, all passenger ships, and MODUs under ISPS jurisdiction.

🀝 Declaration of Security (DoS)

A Declaration of Security is a formal agreement between the ship and port facility that outlines security responsibilities during a port stay.

πŸ“ It includes:

  • MARSEC level at the time of arrival
  • Assigned responsibilities (gangway control, visitor screening)
  • Security equipment to be used (e.g., scanners, CCTV, ID checks)
  • Contact persons (SSO and PFSO details)

When is a DoS Required?

  • When the ship docks in port.
  • Upon request by the ship or port based on risk assessment
  • For ship-to-ship transfers in port or at anchorage
  • When calling a non-ISPS compliant facility

πŸ›‘οΈ A signed DoS helps align expectations and ensures both sides are prepared for coordinated threat management.

Maritime Security Level Displayed On Board.
Maritime Security Level 1.

πŸ“Ά Maritime Security (MARSEC) Levels

The MARSEC Levels are a 3-tier security system used to indicate the threat condition to ships and port facilities.

They guide how the ISPS Code should be applied in real-time.

LevelDescriptionApplication
Level 1Default – normal operations with standard security measuresContinuous
Level 2Heightened threat – more targeted security actions requiredTemporary
Level 3Imminent or actual threat – maximum security responseExceptional

πŸ” Examples:

  • Level 1: Routine port calls, standard access control
  • Level 2: Political unrest near port, suspicious activity reports
  • Level 3: Active piracy threat, bomb threat, terrorist intelligence

πŸ“Œ All crew must know their responsibilities at each level as outlined in the Ship Security Plan (SSP).

πŸ“„ Continuous Synopsis Record (CSR)

The CSR is a unique security document required under SOLAS Chapter XI-1 Regulation 5 and directly supports ISPS Code compliance.

πŸ“˜ What’s in the CSR?

  • Ship’s IMO number and flag
  • Ownership and management details
  • History of previous owners/operators
  • Dates of changes (name, flag, company, etc.)

πŸ›‚ Purpose: To maintain a transparent, tamper-proof history of the ship throughout its life – improving identity verification and deterring unlawful activities.

πŸŽ“ ISPS Training Requirements

The ISPS Code mandates security training for all personnel based on their roles.

πŸ”Ή Mandatory Security Training Courses:

RoleTraining Required
All seafarersShip Security Awareness Training (SSAT)
Crew with dutiesSSAT + Seafarers with Designated Security Duties (SDSD)
SSOShip Security Officer Course
CSOCompany Security Officer Course
PFSOPort Facility Security Officer Course

βœ… All training must comply with STCW Chapter VI and be delivered by an approved maritime training center.

πŸ“‘ ISPS Code Certificates and Validity

Ships and ports must hold valid ISPS Code documents issued by their flag state or a Recognized Security Organization (RSO).

πŸ›₯️ For Ships:

  • International Ship Security Certificate (ISSC)
    β–Έ Valid for 5 years (subject to intermediate verification)
    β–Έ Issued after SSP approval and successful audit
  • πŸ“„ Interim International Ship Security Certificate (IISSC)
    Granted in the following scenarios:
    • βœ… When a new vessel is delivered or enters/re-enters service
    • βœ… If the vessel is transferred between flags of Contracting Governments
    • βœ… When a new company takes over management of a vessel it hasn’t operated before
    • ⏳ Typically valid for 6 months, allowing time for full compliance before ISSC issuance

πŸ” This interim certificate ensures continuous ISPS compliance during transitional periods.

🏒 For Ports:

  • Issued post-PFSP audit and inspection
  • Statement of Compliance for a Port Facility
  • Validity depends on national authority policies

πŸ•΅οΈ Port State Control (PSC) Inspections on ISPS Compliance

ISPS-related checks are part of PSC inspections under regional MOUs (e.g., Tokyo, Paris, Black Sea).

πŸ” PSC May Inspect:

  • Validity of ISSC and CSR
  • Familiarity of crew with MARSEC levels
  • SSO certificate and log entries
  • SSAS test records
  • Declaration of Security (DoS) documentation
  • Physical access control (e.g., guards, signs, CCTV)

🚩 Deficiencies can lead to ship detention, delayed port clearance, or even denial of entry.

⚠️ Penalties for ISPS Code Violations

🚫 Consequences of Non-Compliance:

  • Detention by Port State Control
  • Invalidation of ISSC
  • Fines or legal action from flag/state authorities
  • Blacklisting from secure port facilities
  • Insurance issues due to breach of safety/security clauses

β›” Ignoring ISPS responsibilities can jeopardize ship safety, cargo security, and even crew welfare.

❓ Frequently Asked Questions (SEO-Optimized)

What is the main purpose of the ISPS Code?

To enhance maritime security by preventing unauthorized access, terrorism, piracy, and other unlawful acts on ships and in ports.

Who are the key ISPS officers onboard a ship?

  • Ship Security Officer (SSO) – Implements the SSP.
  • Company Security Officer (CSO) – Oversees ship security from shore.
  • Master – Ultimately responsible for ship security.

What is the difference between SSP and PFSP?

  • SSP (Ship Security Plan) applies to the ship.
  • PFSP (Port Facility Security Plan) applies to the port.
    Both outline security measures under the ISPS Code.

When is a Declaration of Security (DoS) required?

  • When ship docks in port
  • When requested by port or ship
  • During ship-to-ship operations or non-compliant port visits

Is SSAS required on all ships?

Yes, for:

  • Passenger ships
  • Cargo ships β‰₯500 GT in international voyages
  • Mobile Offshore Drilling Units (MODUs)

🧭 Summary and Final Thoughts

The ISPS Code is a cornerstone of global maritime security, developed in response to terrorism and modern threats at sea.

It establishes clear roles, procedures, training standards, and security levels to protect ships, crew, ports, and cargo.

βš“ For seafarers, knowing your ISPS responsibilities isn’t just about compliance.

It’s about keeping your ship, crewmates, and yourself safe in an unpredictable world.

May the winds be in your favor.

Share and Enjoy !
Shares

4 responses to “πŸ›‘οΈ ISPS Code Explained: Maritime Security Fundamentals for Ships and Ports”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.