Cargo handling, ballast operations, tank management — 9 questions
The risk assessment must reflect the prevailing characteristics of the speci fic voyage, ship and operations and not just be a repetition of advice e.g. relating to different geographical regions and different pirate modus operandi.
Detailed guidance on preparing risk assessments can be found from a variety of sources including the ISPS code.
Section 5 Company planning 5.1 Company planning prior to entering an area of increased risk increased risk identified through the risk assessment in order to mitigate against the risk of attack.
It should be noted that pirate and armed robbery risk will vary across regions. 5.1.6 Offer guidance to the Master as to recommended route Offer the Master guidance regarding recommended routeing through areas of increased risk identified through the risk assessment.
Guidance should be provided on using recommended transit corridors or other supported routes (e.g. a Group Transit or National Convoys where these exist).
If anchoring, consideration should be given to the use of protected anchorages where available recognising that standards of protection vary widely.
The company should appreciate that the voyage routeing may need to be reviewed and amended at short notice in light of updated information.
Industry: BMP5 Best Management Practices to Deter Piracy and Enhance Maritime Security in the Red Sea, Gulf of Aden, Indian Ocean and Arabian Sea and Industry: BMP West Africa.
Best Management Practices to Deter Piracy and Enhance Maritime Security off the Coast of West Africa including the Gulf of Guinea. 1 st Edition.
Annex B - Maritime security charts (similar advice and guidance is provided in both publications) Maritime security charts contain safety -critical information to assist bridge crews in the planning of safe passages through high risk areas.
All information has been gathered by the UKHO through work with NATO and other government organisations, ensuring each chart has the most accurate, up-to -date and verified information availabl e.
Each maritime security chart includes: • Information about dangers to the security of navigation including piracy, terrorism, embargoes, mine warfare, exclusion zones, blockades and illegal fishing.
This information, when used alongside official navigational charts, can help to ensure the safety of ships, crew and cargo. • General security advice, self -protective measures, security procedures and regional contacts, as well as routeing and reporting requirements implemented by military or security forces.
ReCAAP: Regional Guide to Counter Piracy & Armed Robbery against Ships in Asia (2021).
TMSA KPI 13.2.1 requires that formal risk assessments of company activities are undertaken to identify and mitigate potential security threats.
Ship specific security risk assessments are reviewed prior to entry into areas identified as having increased risk.
IMO: ISM Code 7.
The company should establish procedures, plans and instructions, including checklists as appropriate, for key shipboard operations concerning the safety of the personnel, ship and the protection of the environment.
The various tasks should be defined and assigned to qualified personnel.
The passage plan and voyage charts should contain security related information for each leg of the voyage.
In order to plan a voyage or transit through a security risk area, the Master should have available current threat information and a security risk assessment based on that information.
The information available should include: • Industry best management practice guidance (BMP) publications. • Regional guidance where available. • Company specific guidance regarding recommended routeing, speed, waiting areas and anchorages.
A detailed threat and risk assessment should be completed for each voyage and activity within a security risk area.
This should be reviewed and updated prior to entering an area which requires an increased state of readiness and vigilance and the passage plan amended if necessary.
The passage plan should identify points where there will be, for example: • Changes to security levels. • Points at which maritime reports should be made (e.g., entering a VRA/VCR) • Enhanced bridge manning levels (e.g., extra lookouts). • Vessel speed requirements. • Restricted access controls. • Voyage day/night transit considerations. • Hardening of the vessel. • No planned maintenance on voyage critical equipment.
The vessel operator should have provided bridge security cards and/or checklists to ensure that all security related considerations were included within the passage plan.
The ships security plan is confidential and approved by flag state.
Where the master advises that the ship security plan and any other plans relating to security are confidential, the inspector should only confirm their existence by inspection of the front cover.
The inspector should address the question based on those documents and records that are not considered confidential in conjunction with the explanations of the accompanying off icer.
Where a comment is required to support an observation, it must not provide any detail relating to the content of plans or risk assessments that are reported as confidential.
Inspectors should note that a company may instruct its vessel not to participate in a VRA based on their own internal security assessment.
In these circumstances the voyage planning records should identify the VRA reporting points and indicate that reports must not be made to comply with company instructions.
Suggested I nspector Actions • Sight UKHO or equivalent security charts and industry best management practice guidance (BMP) publications and/or regional guidance. • Review the passage plan for a recently completed voyage including security related notations on voyage charts. • Review the security risk assessment for the same voyage. • Review if necessary, the records of the same voyage in the Bridge Log Book.
Expected Evidence • UKHO or equivalent security charts. • Industry best management practice guidance (BMP) publications. • Regional Security Guidance (e.g., ReCAAP Guidance) • Company passage plan appraisal form checklist for a recently completed voyage. • Passage plan for the same recently completed voyage. • Security risk assessment for the same recently completed voyage. • Bridge security cards and/or checklists.
Potential Grounds for a
All ships must be provided with at least one search and rescue transmitter (SART).
Ships over 500 gross ton nage must carry two SARTs.
A SART may operate either in the 9 GHz band or on frequencies dedicated for AIS.
SART self -tests will use some of the beacon’s limited battery power and should only be performed in accordance with the transponder manufacturer’s guidance.
['Sight, and where necessary review, the company procedure to ensure that SARTs were periodically inspected, tested and ready for immediate use in an emergency.', 'Review records of periodic inspections and tests of the SART(s).', 'Inspect the SART(s).', 'Interview the accompanying officer and verify their familiarity with: o The purpose and operation of the SARTs carried onboard. o How to conduct the self', 'test function for each type of SART carried.
Expected Evidence', 'The company procedure to ensure that SARTs were periodically inspected, tested and ready for immediate use in an emergency.', 'The GMDSS Radio Log Book.', 'Records of periodic inspections and tests of the SART(s).
Potential Grounds for a']
Industry Guidance OCIMF: Guidelines to Harden Vessels.
First Edition. 1.1 Assessing risks, detecting threats and defending the vess el Vessel hardening is the physical measures taken to improve a vessel's security integrity.
Any vessel hardening measures adopted should not compromise the vessel’s compliance with the International Convention for the Safety of Life at Sea (SOLAS) regulations.
Escape routes should be kept clear and nothing should interfere with the crew’s ability to respond to non-security related emergencies. 2 Risk assessment It is recommended a Vessel Hardening Plan (VHP) is created, based on the company risk assessment.
The VHP should outline what mitigation measures are needed to reduce the risk to As Low as Reasonably Practicable (ALARP).
It could be a stand- alone document, be incorporated into company procedures or be contained within the Ship Security Plan (SSP).
An example of a VHP is given in appendix C.
Appendix C Vessel Hardening Plan A Vessel Hardening Plan (VHP) can ensure vessels are prepared for operations in areas of increased security.
A VHP ought to be considered as part of any voyage preparation and more so when the vessel will cross known areas of maritime crime or piracy.
The requirement for a VHP should be defined within the company management procedures for security.
The Company Security Officer should be responsible for the VHP ensuring process is in place for hardening the vessel.
The Master and the Ship's Security Officer are responsible for reviewing the VHP before transit or operation within known security risk areas.
It is recommended that vessel owners and managers should develop and use a VHP.
TMSA KPI 13.1.3 requires that measures have been developed to mitigate and respond to all identified threats to vessels and shore- based locations.
Mitigating measures may include: IMO: ISM Code 7 The Company should establish procedures, plans and instructions, including checklists as appropriate, for key shipboard operations concerning the safety of the personnel, ship and protection of the environment.
The various tasks involved should be defined and assigned to qualified personnel.
The vessel operator should have developed procedures for hardening the vessel when entering areas of increased security risk that included: • A ship -specific Vessel Hardening Plan (VHP), including a list of materials needed to implement the VHP and the required quantities. • Guidance on when the required quantities of hardening material should be available on board, i.e. always or only as needed. • A requirement to maintain an inventory of the materials needed to implement the VHP currently on board. • Inspection and maintenance requirements for security equipment such as water cannons, CCTV etc. • Safety guidance to crew when rigging security equipment, e.g., working with razor wire or near the ships side.
The VHP should not conflict with lifesaving appliance operation, e.g., life rafts should not be obstructed.
The ships security plan is confidential and approved by flag state.
Where the master advises that the ship security plan and any other plans relating to security are confidential, the inspector should only confirm their existence by inspection of the front cover.
The inspector should address the question based on those documents and records that are not considered confidential in conjunction with the explanations of the accompanying officer.
Where a comment is required to support an observation, it must not provide any detail relating to the content of plans or risk assessments that are reported as confidential.
This question will only be allocated to vessels where the vessel operator had declared through the pre-inspection questionnaire that: • The vessel’s usual trading area included entering or transiting areas of increased security risk.
In which case, the vessel operator will have declared whether the vessel always carried materials to implement its hardening plan.
The response will be inserted in the inspection editor and the final report.
['Sight and where necessary, review the company procedures for hardening the vessel when entering areas of increased security risk.', 'Review: o Vessel Hardening Plan (VHP). o Records of implementation of the VHP such as logbooks, work planning records, reports, photographs etc. o Inventory of hardening materials. o Inspection and maintenance records for security equipment such as water cannons, CCTV, infrared detection cameras, etc.', 'If the vessel is hardened in accordance with the VHP at the time of the inspection, verify that LS A and FFA is accessible and unobstructed.', 'Interview the Ship Security Officer to verify their familiarity with the company procedures for hardening the vessel when entering areas of increased security risk, particularly the VHP.
Where the VHP was reported to be an integral part of the ship security plan and confidential, the date of the last review/major changes to the plan should be sighted to verify that a VHP plan existed.
Expected Evidence', 'Company procedures for hardening the vessel.', 'Vessel Hardening plan (VHP).', 'Inventory of hardening materials.', 'Inspection and maintenance records for security equipment such as water cannons, CCTV, infrared detection cameras, etc.', 'Bridge Log Book.', 'Work planning records.', 'Any other records of hardening being implemented, e.g., reports, photographs.
Potential Grounds for a']
The procedures may refer to the manufacturer’s manuals for detailed guidance on individual instruments.
['Sight, and where necessary review the: o Company procedures for the operation, testing, maintenance and calibration of the portable and personal gas measurement instruments. o Instruction manuals for the portable and personal gas measurement instruments. o Portable and personal gas measurement instruments. o Associated spare parts and test gases. o The tubes, chips or other consumables available on board for measuring toxic gases. o Hoses or cables used to sample tank atmospheres and verify that they were of sufficient length to reach the bottom of the deepest tank.', 'Review the: o Inventory of portable and personal gas measurement instruments, spare parts, test gases and tubes, chips or other consumables for measuring toxic gases. o Test and calibration r ecords for the portable and personal gas measurement instruments. o Records of the date when each disposable personal gas monitor was first commissioned.', 'Interview the accompanying officer to assess their familiarity with the: o Purpose and operation of the portable and personal gas measurement instruments. o Testing, maintenance and calibration of the portable and personal gas measurement instruments, including the correct use of test gases. o Records required to be kept for the portable and personal gas measurement instruments.', 'Request that the accompanying officer demonstrates the pre', 'operational accuracy test, in accordance with the manufacturer’s instructions, for a selected portable or personal gas measurement instrument.
Where the vessel was provided with portable gas measuring equipment and consumables from different manufacturer’s the vessel staff must be able to demonstrate that the items are mutually compatible through manufacturer’s instructions. (Particularly when considering gas testing tubes and hand pumps) Expected Evidence', 'The company procedures for the operation, testing, maintenance and calibration of the vessel’s portable and personal gas measurement instruments.', 'The inventory of portable and personal gas measurement instruments, spare parts, test gases and tubes, chips or other consumables for measuring toxic gases.', 'Instruction manuals for the portable and personal gas measurement instruments.', 'Test and calibration records for the portable and personal gas measurement instruments.', 'Records of the date when each disposable personal gas monitor was first commissioned.
Potential Grounds for a']
Industry Guidance Industry: Global Counter Piracy Guidance for Companies, Masters and Seafarers Section 3 Voluntary Reporting A major lesson learnt from operations against piracy and armed robbery to date is the importance of liaison with the military and law enforcement.
This is an essential part of self -protection that applies to all ships.
To ensure these forces are aware of the intended sea passage and to understand the ships’ vulnerability to an attack, ships are encouraged to report to the centres overseeing the Voluntary Reporting Areas (VRAs).
This information is essential to enable the centres to best use any assets available to them and to assist in an emergency.
Once ships have entered a VRA it is important that they continue to report while transiting within the area.
This will allow the reporting centres to update the ship of any maritime security related incidents or threats in that region.
Ships are strongly encouraged to register and report with the respective reporting centres as appropriate and, then send regular reports.
See also Industry: BMP5 Best Management Practices to Deter Piracy and Enhance Maritime Security in the Red Sea, Gulf of Aden, Indian Ocean and Arabian Sea Industry: BMP West Africa.
Best Management Practices to Deter Piracy and Enhance Maritime Security off the Coast of West Africa including the Gulf of Guinea. 1 st Edition.
TMSA KPI 13.1.5 requires that procedures include the reporting of potential security threats and actual security incidents.
The reporting procedures may include: • Vessel to the company. • Vessel to external authorities.
IMO: ISM Code 8.3 The SMS should provide for measures ensuring that the Company’s organization can respond at any time to hazards, accidents and emergency situations involving its ships.
IMO: Guide to Maritime Security and the ISPS Code 2012 edition Part A 9.
Ship Security Plan 9.4 The plan should address at least the following: .14 identification of the company security officer, including 24-hour contact details 10 Records 10.1 Records of the following activities addressed in the ship security plan shall be kept on board for at least the minimum period specified by the Administration, bearing in mind the provisions of regulation XI -2/9.2.3 .10 maintenance, calibration and testing of any security equipment provided on board, including testing the ship security alert system. 2.12 Ship security communications Requirement for alert and identification systems 2.12.1 Under the Maritime Security Measures, all SOLAS ships have to have a ship security alert system (SSAS). 2.12.3 Also under provision elsewhere in the SOLAS Convention, the following SOLAS ships engaged on international voyages have to be fitted with a long-range identification and tracking (LRIT) system: 2 cargo ships, including high -speed craft, of 300 gross tonnage and upwards.
The Master and officers should be aware of the name and 24-hour contact details of the Company Security Officer (CSO), and these details should be posted appropriately.
The Master and Ship Security Officer (SSO) should be familiar with the company procedures for voluntary security reporting in VRAs.
Security communication equipment provided on board, including the ship security alert system (SSAS), long-range identification and tracking (LRIT) equ ipment and dedicated standalone security communications equipment, if fitted, should be regularly tested and in satisfactory condition. the SSAS activation buttons.
The ships security plan is confidential and approved by flag state.
Where the master advises that the ship security plan and any other plans relating to security are confidential, the inspector should only confirm their existen ce by inspection of the front cover.
The inspector should address the question based on those documents and records that are not considered confidential in conjunction with the explanations of the accompanying officer.
Where a comment is required to suppor t an observation, it must not provide any detail relating to the content of plans or risk assessments that are reported as confidential.
Inspectors should note that a company may instruct its vessel not to participate in a VRA based on their own internal security assessment.
In these circumstances the voyage planning records should identify the VRA reporting points and indicate that reports must not be made to comply with company instructions.
['Sight the 24', 'hour contact details for the CSO.', 'Verify with the Master or SSO that: o They were familiar with the company procedures for voluntary security reporting in VRAs. o SSAS, LRIT and dedicated standalone security communications equipment, if fitted, is in satisfactory condition, regularly tested and records maintained.', 'Verify that participation in operational VRAs had been considered during each passage planning phase, and; o Where security reporting to VRAs was required by company procedures, there was evidence that reports had been made as required, or o Where security reporting to VRAs was not to be made in accordance with company procedures the passage plan was annotated with the actions to take, if any, when passing reporting points.', 'Interview the accompanying officer to verify their awareness of the:', 'o Purpose and operation of the SSAS, LRIT and dedicated standalone security communications equipment, if fitted. o 24', 'hour contact details of the CSO. (Inspectors should not request details of communications equipment or to sight test and maintenance records. ) Expected Evidence', 'Contact details of the CSO.', 'Records of participation in voluntary security reporting.
Potential Grounds for a']
Industry Guidance OCIMF/ICS: International Safety Guide for Oil Tankers and Terminals.
Sixth Edition. 6.6 Responsibilities under the International Ship and Port Facility Security Code For tankers at a terminal, while the PFSO is responsible for the port security plan, the Master has overriding authority to make decisions about the safety and security of the tanker.
A Ship Security Officer (SSO) should be appointed who is trained and capable of implementing the ship security plan and security measures on board.
The SSO could be the Master but is often one of the senior officers.
IMO: Guide to Maritime Security and the ISPS Code 2012 edition 1.8 Definitions Ship security officer means the person on board the ship, accountable to the master, designated by the company as responsible for the security of the ship including implementation and maintenance of the ship security plan and liaison with the company security officer and port facility security officers. 4.5.16 An SSO must be designated for every SOLAS ship.
To allow for crew changes, a number of SSOs may be designated to serve on each ship.
The duties of an SSO include: 1.
Undertaking regular security inspections of the ship to ensure that appropriate security measures are maintained; 2.
Maintaining and supervising the implementation of the SSP, including any amendments; 3.
Co-ordinating the security aspects of the handling of cargo and ship’s stores with other shipboard personnel and relevant PFS Os; 4.
Proposing modifications to the SSP; 5.
Reporting any deficiencies and non- conformities identified during internal audits, periodic reviews, security inspections and verifications of compliance to the CSO; 7.
Enhancing sec urity awareness and vigilance on board the ship; 8.
Ensuring that adequate training has been provided to shipboard personnel, including security -related familiarization training; 9.
Reporting all security incidents; 10.
Co-ordinating implementation of the SSP with the CSO and relevant PFSOs; 11.
Ensuring that security equipment is properly operated, tested, calibrated and maintained; and 12.
Ensuring the effective implementation of the SSP by organizing drills at appropriate intervals. 4.5.17 Effective 1 January 2012, SSOs are required to hold a certificate of proficiency confirming they: 1. have approved seagoing service of not less than 12 months (or appropriate seagoing service and knowledge of ship operations) and: 2. meet the minimum standards of competency specified in the STCW Code, which are listed in appendix 4.3 – Competency matrix for ship security officers.
TMSA KPI 13.2.2 requires that the personnel responsible for security receive training appropriate to their role and the company’s activities.
IMO: ISM Code 6.2 The Company should ensure that each ship is: 1. manned with qualified, certificated and medically fit seafarers in accordance with national and international requirements; and 2. appropriately manned in order to encompass all aspects of maintaining safe operatio ns on board.
IMO: SOLAS Chapter XI -2 Regulation 9 2.1 For the purpose of this chapter, a Contracting Government may require that ships intending to enter its ports provide the following information to officers duly authorized by that Government to ensure compliance with this chapter prior to entry into port with the aim of avoiding the need to impose control measures or steps: 1.
That the ship possesses a valid Certificate and the name of the issuing authority; 2.
The security level at which the ship is c urrently operating; 3.
The security level at which the ship operated in any previous port where it has conducted a ship/port interface within the time frame specified in paragraph 2.3; 4.
Any special or additional security measures that were taken by the ship in any previous port where it has conducted a ship/port interface within the time frame specified in paragraph 2.3; 5.
That the appropriate ship security procedures were maintained during any ship-to -ship activity within the time frame specified in paragraph 2. 3; 6.
Other practical security -related information (but not the details of the ship security plan), taking into account the guidance given in part B of the ISPS Code.
If requested by the Contracting Government, the ship or the Company shall provide confirmation, acceptable to that Contracting Government, of the information required above. 2.2 Every ship to which this chapter applies intending to enter the port of another Contracting Government shall provide the information described in paragraph 2.1 on the request of the officers duly authorized by that Government.
The master may decline to provide such information on the understanding that failure to do so may result in denial of entry into port. 2.3 The ship shall keep records of the information referred to in paragraph 2.1 for the last 10 calls at port facilities.
Certificate of Proficiency acceptable to the flag administration. • The SMS should clearly designate who is the SSO and should contain a description of the role and a list of their duties. • The SSO must be a member of the crew and cannot be an external security consultant, for example. • Ship security records as required by SOLAS must be maintained for the last 10 port calls.
The ships security plan is confidential and approved by flag state.
Where the master advises that the ship security plan and any other plans relating to security are confidential, the inspector should only confirm thei r existence by inspection of the front cover.
The inspector should address the question based on those documents and records that are not considered confidential in conjunction with the explanations of the accompanying officer.
Where a comment is required to support an observation, it must not provide any detail relating to the content of plans or risk assessments that are reported as confidential.
['Sight and verify the SSO’s Certificate of Proficiency.', 'Sight and where necessary review, the sections of the SMS relating to ship security.', 'Sight evidence of regular security inspections of the vessel by the SSO.', 'Sight the ship security records for the last 10 port calls.', 'Interview the SSO to verify their familiarity with their role, responsibilities, and duties.', 'Interview a rating to verify their knowledge of vessel specific security procedures. (Inspectors do not need to review the details of the information maintained in the records but should note whether records are maintained or not.) Expected Evidence', 'SSO’s Certificate of Proficiency.', 'Sections of the SMS relating to ship security.', 'Evidence of regular security inspections of the vessel by the SSO.', 'Ship security records as required by SOLAS.
Potential Grounds for a Neg at ive Observation', 'The SMS did not clearly designate who should be SSO.', 'The SMS did not contain a description of the role of the SSO, and a list of their duties.', 'The SSO did not have a valid Certificate of Proficiency.', 'The designated SSO was not a member of the crew.', 'The SSO did not have a full understanding of their role, responsibilities, and duties.
For example, they were not familiar with one or more of the following: o Purpose of the Ship Security Plan (SSP). o Operation, testing and maintenance of security equipment on board o Vessel Hardening Plan (VHP). o Identity, role and contact details of the CSO o Role of a Port Facility Security Officer (PFSO)', 'There was no evidence of regular security inspections of the vessel by the SSO.', 'Ship security records were not being maintained as required by SOLAS.
Page 707 of 711 – SIRE 2.0 Question Library : Part 1 Version 1.0 (January 2022) 7.5.
Cyber Security']
Industry Guidance OCIMF/ICS: Int ernational Safety Guide for Oil Tankers and Terminals.
Sixth Edition 6.4 Cyber safety and security Cyber security is concerned with the protection of Information Technology (IT), Operational Technology (OT), information and data from unauthorised access, manipulation and disruption.
Cyber safety covers the risks from the loss of availability or integrity of safety critical data and OT.
IMO: MSC -FAL.1/Circ.3 Guidelines on maritime cyber risk management 2.1.2 The distinction between information technology and operational technology systems should be considered.
Information technology systems may be thought of as focusing on the use of data as information.
Operational technology systems may be thought of as focusing on the use of data to c ontrol or monitor physical processes.
Furthermore, the protection of information and data exchange within these systems should also be considered.
Industry: The Guidelines on Cyber Security Onboard Ships Version 4 1.1 Cyber security characteristics of the maritime industry ...Cyber risk management should: • Identify the roles and responsibilities of users, key personnel, and management both ashore and on board. • Identify the systems, assets, data and capabilities, that if disrupted, could pose risks to the shi p’s operations and safety. • Implement technical and procedural measures to protect against a cyber incident, timely detection of incidents and ensure continuity of operations. • A contingency plan which is regularly exercised. applicable to vessels trading areas and shore-based locations.
Security threats may include: • Cyber threat The identified threats are reviewed as required by changes in circumstance.
IMO: ISM Code 8.1 The Company should establish procedures to identify describe and respond to potential emergency shipboard situations.
IMO: Resolution MSC.428(98) Maritime cyber risk management in safety management systems The Maritime Safety Committee, 1 Affirms that an approved safety management system should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code; 2 Encourages Administrations to ensure that cyber risks are appropriately addressed in safety management systems no later than the first annual verification of the company's Document of Compliance after 1 January 2021;
The vessel operator should have developed procedures for cyber risk management that: • Identified the roles and responsibilities of users, key personnel, and management both ashore and on board, including: o The officer with responsibility for cyber risk management on board. o The person responsible for managing user profiles and passwords in th e vessel network. • Identified the IT(information technology) and OT(operational technology) systems at risk on board such as: o Cargo management systems. o Bridge systems. o Propulsion and machinery management and power control systems. o Access control systems. o Administrative and crew welfare systems. o Communication systems. • Described technical protection measures to protect against a cyber incident such as o Physical security of network components. o Anti-virus software. o Application software management. o Back- up facilit ies. o Control of crew internet access. o Control of administrator profiles, user profiles and passwords. • Described procedural protection measures to protect against a cyber incident such as: o Cyber security training and awareness raising for crew members. o Cont rol of local and remote access to the IT and OT systems. o Control of the use of personal devices on board. o Equipment disposal including data destruction. o Contingency plans for possible cyber incidents.
Spaces containing sensitive IT or OT control equipment should be securely locked.
Physical access to sensitive user equipment (such as exposed USB ports on bridge systems and wi -fi hub ports) should be secured or disabled.
Only senior officers should have administrator profiles and the responsibility for maintaining user profiles should be clearly set out.
User profiles should only allow workstations etc. to be used for their intended purpose.
User profiles should be carefully managed, and redundant profiles deleted.
Generic user profiles and passwords should not be passed on as part of crew changes.
Passwords should be changed regularly.
Back- up facilities should be available and used to assist recovery following a cyber incident.
OT systems critical to navigation and propulsion should have backup systems enabling quick and safe recovery after a cyber incident.
Application software should be regularly updated with security patches and upgrades.
Crew members should receive cyber security training as appropriate to their responsibilities and duties.
Cyber security awareness should be actively promoted on board using for example, posters, CBT or online courses.
Computer access for visitors such as surveyors, technicians etc. should be restricted.
Unauthorised access to sensitive OT computers should be prohibited.
There should be procedures for the approval of access to sensitive networks, including remote access.
Procedures should strictly restrict the use of portable media.
Where use is unavoidable, such media should be checked for malware etc. in a computer not connected to the ship’s control network.
The following is a sample non- exhaustive list of cyber incidents, which should be addressed in plans for onboard contingencies.
These incidents may be addressed in the company’s procedures for dealing with shipboard emergencies as required by the ISM Code’s Chapter 8 (Emergency preparedness). • Loss of availability of electronic navigational equipment or loss of integrity of navigation related data. • Loss of availability or integrity of external data sources, including but not limited to GNSS. • Loss of essential connectivity with the shore, including but not limited to the availability of Global Maritime Distress and Safety System (GMDSS) communications. • Loss of availability of industrial control systems, including propulsion, auxiliary systems, and other critical systems, as well as loss of integrity of data management and control. • The event of a ransomware or denial of service incident.
Contingency plans and related information should include communications and escalation management to ensure that the correct shore based support can be accessed and should be available in a non-electronic form as some types of cyber incidents can include the deletion of data and shutdown of communication links.
Contact details should be readily available for technical support from the operator’s IT department or external IT contractors as appropriate.
The ships security plan is confidential and approved by flag state.
Where the master advises that the ship security plan and any other plans relating to security are confidential, the inspector should only confirm their existence by inspection of the front cover.
The inspector should address the question based on those documents and records that are not considered confidential in conjunction with the explanations of the accompanying officer.
Where a comment is required to support an observation, it must not provide any detail relating to the content of plans or risk assessments that are reported as confidential.
Page 710 of 711 – SIRE 2.0 Question Library : Part 1 Version 1.0 (January 2022)
['Interview the officer with responsibility for cyber risk management on board to confirm the existence of o The company procedures for cyber risk management. o The inventory/register of sensitive IT/OT systems fitted on board. o Records of approval for external local or remote access to sensitive IT/OT systems. o Contact details for technical support from the operator’s IT department or external IT contractors. o Records of cyber security training. o Cyber contingency plans in hard copy.', 'During the tour of the vessel, inspect equipment to verify physical cyber security measures were in place.
Expected Evidence', 'Company procedures for cyber risk management.', 'The inventory/register of sensitive IT/OT systems fitted onboard.', 'Records of approval for external local or remote access to sensitive IT/OT systems.', 'Cyber contingency plans in hard copy.', 'Contact details for technical support from the operator’s IT department or external IT contractors.', 'Records of cyber security training.
The inspector should not request to review any of the documents and records above considered to be confidential.
Potential Grounds for a']
The vessel operator should have developed procedures for the operation and maintenance of the fixed gas detecting systems required under the IGC Code which defined: • The required frequency of fixed gas detector sensor calibration in accordance with the manufacturer's instructions. • The required frequency of verification of the alarm and automated shut down activation point (where fitted) settings for each sensor location. • The required frequency of testing the audible and visual alarms on the bridge, in the relevant control station and at the gas detector read out station. • The required frequency of testing the automated gas safety system shut down arrangements, where fitted. • The identification of portable gas detecting equipment supplied to meet the requirements of the IGC code. • Where the vessel was utilizing portable gas detecting equipment to meet the requirements of the IGC code, the routine gas monitoring that was required to be undertaken and included: o Locations subject to routine monitoring for toxic gases. o The required frequency of routine monitoring for toxic gases. o The method of recording the gas measurements obtained. • The action to take in the circumstances that the fixed gas detection system was defective in any respect.
['gas detecting systems required under the IGC code.', 'Inspect the central control station for the fixed gas detection systems and verify that: o The fixed gas detecting systems were monitoring all sensors provided. o There were no fault alarms showing for either the systems or individual sensors. o The value shown by each sensor was normal based on the location and at mosphere being sampled. o The alarm set points for each sensor had been adjusted to the requirements of the IGC code and the company procedure. o Where a sensor was sampling from an inert atmosphere, the alarm set points had been adjusted to activate when the vapour concentration by volume reached the equivalent of 30% LFL in air. o Where the vessel could carry different grades of cargo, the individual alarm sensor set points had been adjusted to reflect the cargo being carried at the time.', "Review the calibration data available at the central control station and verify: o The individual sensors had been calibrated in accordance with the manufacturer's instructions and company procedure. o The alarm set points had been confirmed as correct. o The automatic shutdown set points, where applicable, had been confirmed as correct.", 'Sight the list of portable gas detecting equipment provided to comply with the IGC code and verify the equipment was available.', "Review the inventory of calibration gases and equipment and verify t hat sufficient materials were onboard to conduct sensor calibrations in accordance with the manufacturer's instructions.", 'Where the vessel was utilising portable gas detecting equipment to comply with the monitoring of toxic gases, verify that routine gas measurements had been taken and recorded in accordance with the company procedure.', 'If necessary, review the records of inspections, tests and maintenance carried out contained in the maintenance plan.', 'Interview the accompanying or responsible officer to verify their familiarity with the purpose and operation of the fixed gas detecting system.
The maintenance and calibration of portable gas detecting equipment required under the IGC code is dealt with in a separate question.
Expected Evidence', 'The company procedures for the operation and maintenance of the fixed gas detecting systems required under the IGC code.', 'Inspection, calibration and maintenance records for the fixed gas detection systems.', 'The list of fixed gas detector sensors and the corresponding alarm (and where appropriate, automatic shutdown) set points.', "The manufacturer's calibration instructions for the fixed gas detecting systems and sensors.", 'Where the vessel was utilising portable gas detecting equipment to comply with the IGC code, the records of routine toxic gas monitoring measurements.', 'The list of portable gas detector equipment carried to comply with the IGC code.', 'The inventory of sensor calibration gases and equipment.
Potential Grounds for a']