Home IMO SOLAS ISPS Code › You are here

IMO ISPS Code Section 8 - Requirements and Guidance for Ship Security Assessment (SSA) and Security Risk Analysis of Ships

isps ship security assessment

The International Maritime Organization (IMO) mandated International Ship and Port Facility Security Code (ISPS Code) is a supplement to the International Convention for the Safety of Life at Sea, 1974, as amended (SOLAS). ISPS Code intends to provide an international framework for mandatory requirements regarding the provisions of Chapter XI-2 of SOLAS.

According to Section 8 of Part A of the ISPS Code, the Ship Security Assessment (SSA) is a risk-based analysis of security hazards or threats for each ship the Company operates. It is an essential and integral part carried out before developing the Ship Security Plan (SSP). It is also a crucial component of the Ship Security Plan (SSP) development or update process.

The Company Security Officer (CSO) is responsible for SSA and, the CSO must ensure that the SSA is carried out for each ship in the company fleet by competent persons.

SSA must consider the continuing relevance of the existing security measures and procedures under routine and emergency conditions. The SSA should also address the detailing of the ship, its cargoes and crew, and the locations where it will operate apart from various security-related scenarios and responses. Once the Ship Security Assessment is ready, the Ship Security Plan (SSP) is prepared and submitted for approval and placed onboard each ship.


isps code ssa

ISPS Code - Ship Security Assessment

ISPS Code Part A Section 8 - Ship Security Assessment

Ship Security Assessment (SSA) Requirements

8 Ship Security Assessment

8.1 The ship security assessment is an essential and integral part of the process of developing and updating the ship security plan.

8.2 The company security officer shall ensure that the ship security assessment is carried out by persons with appropriate skills to evaluate the security of a ship, in accordance with this section, taking into account the guidance given in part B of this Code.

8.3 Subject to the provisions of section 9.2.1, a recognized security organization may carry out the ship security assessment of a specific ship.

8.4 The ship security assessment shall include an on-scene security survey and, at least, the following elements:

.1 identification of existing security measures, procedures and operations;

.2 identification and evaluation of key ship board operations that it is important to protect;

.3 identification of possible threats to the key ship board operations and the likelihood of their occurrence, in order to establish and prioritise security measures; and

.4 identification of weaknesses, including human factors in the infrastructure, policies and procedures.

8.5 The ship security assessment shall be documented, reviewed, accepted and retained by the Company.

ISPS Code Part B Section 8 - Ship Security Assessment

Guidance regarding Ship Security Assessment

8 Ship Security Assessment

Security assessment

8.1 The Company Security Officer (CSO) is responsible for ensuring that a Ship Security Assessment (SSA) is carried out for each of the ships in the Company’s fleet which is required to comply with the provisions of chapter XI-2 and part A of this Code for which the CSO is responsible. While the CSO need not necessarily personally undertake all the duties associated with the post, the ultimate responsibility for ensuring that they are properly performed remains with the individual CSO.

8.2 Prior to commencing the SSA, the CSO should ensure that advantage is taken of information available on the assessment of threat for the ports at which the ship will call or at which passengers embark or disembark and about the port facilities and their protective measures. The CSO should study previous reports on similar security needs. Where feasible, the CSO should meet with appropriate persons on the ship and in the port facilities to discuss the purpose and methodology of the assessment. The CSO should follow any specific guidance offered by the Contracting Governments.

8.3 A SSA should address the following elements on board or within the ship:

.1 physical security;

.2 structural integrity;

.3 personnel protection systems;

.4 procedural policies;

.5 radio and telecommunication systems, including computer systems and networks; and

.6 other areas that may, if damaged or used for illicit observation, pose a risk to persons, property, or operations on board the ship or within a port facility.

8.4 Those involved in a SSA should be able to draw upon expert assistance in relation to:

.1 knowledge of current security threats and patterns;

.2 recognition and detection of weapons, dangerous substances and devices;

.3 recognition, on a non- discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security;

.4 techniques used to circumvent security measures;

.5 methods used to cause a security incident;

.6 effects of explosives on ship’s structures and equipment;

.7 ship security;

.8 ship/port interface business practices;

.9 contingency planning, emergency preparedness and response;

.10 physical security;

.11 radio and telecommunications systems, including computer systems and networks;

.12 marine engineering; and

.13 ship and port operations.

8.5 The CSO should obtain and record the information required to conduct an assessment, including:

.1 the general layout of the ship;

.2 the location of areas which should have restricted access, such as navigation bridge, machinery spaces of category A and other control stations as defined in chapter II-2, etc.;

.3 the location and function of each actual or potential access point to the ship;

.4 changes in the tide which may have an impact on the vulnerability or security of the ship;

.5 the cargo spaces and stowage arrangements;

.6 the locations where the ship’s stores and essential maintenance equipment is stored;

.7 the locations where unaccompanied baggage is stored;

.8 the emergency and stand-by equipment available to maintain essential services;

.9 the number of ship’s personnel, any existing security duties and any existing training requirement practises of the Company;

.10 existing security and safety equipment for the protection of passengers and ship’s personnel;

8.5.11 escape and evacuation routes and assembly stations which have to be maintained to ensure the orderly and safe emergency evacuation of the ship;

.12 existing agreements with private security companies providing ship/waterside security services; and

.13 existing security measures and procedures in effect, including inspection and, control procedures, identification systems, surveillance and monitoring equipment, personnel identification documents and communication, alarms, lighting, access control and other appropriate systems.

8.6 The SSA should examine each identified point of access, including open weather decks, and evaluate its potential for use by individuals who might seek to breach security. This includes points of access available to individuals having legitimate access as well as those who seek to obtain unauthorized entry.

8.7 The SSA should consider the continuing relevance of the existing security measures and guidance, procedures and operations, under both routine and emergency conditions and should determine security guidance including:

.1 the restricted areas;

.2 the response procedures to fire or other emergency conditions;

.3 the level of supervision of the ship’s personnel, passengers, visitors, vendors, repair technicians, dock workers, etc.;

.4 the frequency and effectiveness of security patrols;

.5 the access control systems, including identification systems;

.6 the security communications systems and procedures;

.7 the security doors, barriers and lighting; and

.8 the security and surveillance equipment and systems, if any.

8.8 The SSA should consider the persons, activities, services and operations that it is important to protect. This includes:

.1 the ship’s personnel;

.2 passengers, visitors, vendors, repair technicians, port facility personnel, etc;

.3 the capacity to maintain safe navigation and emergency response;

.4 the cargo, particularly dangerous goods or hazardous substances;

.5 the ship’s stores;

.6 the ship security communication equipment and systems, if any; and

.7 the ship’s security surveillance equipment and systems, if any.

8.9 The SSA should consider all possible threats, which may include the following types of security incidents:

.1      damage to, or destruction of, the ship or of a port facility, e.g. by explosive devices, arson, sabotage or vandalism;

.2      hijacking or seizure of the ship or of persons on board;

.3      tampering with cargo, essential ship equipment or systems or ship’s stores;

.4      unauthorized access or use, including presence of stowaways;

.5      smuggling weapons or equipment, including weapons of mass destruction;

.6      use of the ship to carry those intending to cause a security incident and/or their equipment;

.7      use of the ship itself as a weapon or as a means to cause damage or destruction;

.8      attacks from seaward whilst at berth or at anchor; and

.9      attacks whilst at sea.

8.10 The SSA should take into account all possible vulnerabilities, which may include:

.1    conflicts between safety and security measures;

.2    conflicts between shipboard duties and security assignments;

.3    watch-keeping duties, number of ship’s personnel, particularly with implications on crew fatigue, alertness and performance;

.4    any identified security training deficiencies; and

.5    any security equipment and systems, including communication systems.

8.11 The CSO and SSO should always have regard to the effect that security measures may have on ship’s personnel who will remain on the ship for long periods. When developing security measures, particular consideration should be given to the convenience, comfort and personal privacy of the ship’s personnel and their ability to maintain their effectiveness over long periods.

8.12 Upon completion of the SSA, a report shall be prepared, consisting of a summary of how the assessment was conducted, a description of each vulnerability found during the assessment and a description of counter measures that could be used to address each vulnerability. The report shall be protected from unauthorized access or disclosure.

8.13 If the SSA has not been carried out by the Company, the report of the SSA should be reviewed and accepted by the CSO.

On-scene security survey

8.14 The on-scene security survey is an integral part of any SSA. The on-scene security survey should examine and evaluate existing shipboard protective measures, procedures and operations for:

.1 ensuring the performance of all ship security duties;

.2 monitoring restricted areas to ensure that only authorized persons have access;

.3 controlling access to the ship, including any identification systems;

.4 monitoring of deck areas and areas surrounding the ship;

.5 controlling the embarkation of persons and their effects (accompanied and unaccompanied baggage and ship’s personnel personal effects);

.6 supervising the handling of cargo and the delivery of ship’s stores; and

.7 ensuring that ship security communication, information, and equipment are readily available.

Disclaimer: For general information purpose only - please check IMO ISPS Code - SOLAS Convention for the latest requirements and accurate info

Ship Security Officer Online Training

UK MCA Approved SSO Training Online

The VIRSEC online course give the essential education and training to get certified as a Ship Security Officer and meets the requirements set out in the International Ship and Port Facility Security (ISPS) Code. Read more..

LAST UPDATED ON Jul 16, 2022