ISPS is the amendment of SOLAS Convention on minimum security arrangements for ships, ports and government agencies. Having came into force in 2004. It was developed in response to the threats to ships and port facilities after the 9/11 attacks.

ISPS formulate responsibilities for the governments, shipping companies, shipboard personnel, & port or facility personnel

To identify security threats & take protective actions against security incidents affecting ships or port facilities used in the international trade.

Enforced on 1st July 2004, the International Ship & Port Facility Security Code has since formed the basis for a complete mandatory security management for the international shipping.

The Code is divided into two sections, Part A & Part B.

Obligatory Part A outlines details about ship & port security related requirements which SOLAS contracting governments, port authorities & shipping companies must cohere to, in order to be in accordance with the Code.

Part B of the Code provides a series of recommendatory guidelines on how to meet the requirements and obligations set out within the provisions of Part A.

The main objectives of the ISPS Code include:

  • Formation of an international organization which encourages cooperation between Contracting Governments, Government agencies, local administrations & the shipping & port industries, in assessing & detecting potential security threats to ships or port facilities used for the international trade, so as to implement preventive security measures against such threats;
  • Determining the respective roles & responsibilities of all parties concerned with safeguarding maritime security in ports & on board ships, at the national, regional and international levels;
  • To ensure that there is early & efficient collation & exchange of maritime security-related information, at national, regional and international levels;
  • To provide a method for ship & port security assessments, which facilitates the development of ship, company & port facility security plans & procedures, which must be utilised to respond to ships’ or ports’ varying security levels;
  • To ensure that adequate & proportionate maritime security measures are in place on board ships & in ports.

To realize the above objectives, SOLAS contracting governments, port authorities & shipping companies are required, under the ISPS Code, to designate appropriate security officers & personnel, on each ship, port facility & shipping company.

These security officers, designated Port Facility Security Officers (PFSOs), Ship Security Officers (SSOs) and Company Security Officers (CSOs), are charged with the duties of assessing, as well as preparing & implementing useful security plans that are able to manage any potential security threat.

IMO is capable to give support to Member states in need of assistance in implementing the Code, by way of national & regional workshops, seminars, needs assessment missions, etc.

Applicable to the Vessels:

The ISPS Code applicable on ships which are on the international voyages (including passenger ships, cargo ships of 500 GT & upwards, & mobile offshore drilling units) & the port facilities serving such ships. The Code doesn’t apply on the warships, naval auxiliaries or other ships owned or operated by the contracting government & used only on government non-commercial service.


The ISPS Code states that it is the sole responsibility of the Company Security Officer (CSO) & Company to approve the Ship Security Officer (SSO). This process should be approved by the administration of the flag state of the ship or verified security organization with approval of the Ship Security Plan or Vessel Security Plan (VSP)

Regulation XI-2/3 ensures that administrations establish security levels & guarantee the provisions of strict security level data to ships that fly their flag. Ships that are preceding to docking in port must immediately comply with all requirements for security levels that are determined by that contracting government. This also concern to the security level that is established by the Administration for that ship.

Regulation XI-2/6 makes sure that all ships are equipped with the security alarm system. The alarm system works from the ship to administration ashore with the transmitted signals that are communicated via satellite. The advanced security alarm system shall send a signal indicating ship name, location, and the security threat that the ship is undergoing. The ships alarm system may be activated from navigation bridge by the captain without alarming the crew on-board

The Regulation XI-2/8 organizes the primary role of the Sea Master, which authorizes him to maintain order & conduct decisions for the sake of the personnel & security of the ship.

Regulations XI-2/8 states that the Sea Master must not by challenged or withheld from completing his duties.

The Code is a two-part document describing minimum requirements for security of ships & ports. Part A provides mandatory requirements. Part B provides guidance for implementation. Some contracting governments have selected to also treat Part B as mandatory.

There are 19 chapters in ISPS

a. General

b. Definition

c. Application

d. Responsibilities of contacting government

e. Declaration of security

f. Obligation of company

g. Ship security

h. Ship security assessment

i. Ship security plan

j. Record

k. Company security officer

l. Ship security officer

m. Training, drill and exercise

n. Port facility security

o. Port facility security assessment

p. Port security plan

q. Port facility security officer

r. Training, drill and exercise at port

s. Verification and certification for ships

There are three levels in ISPS:

LEVEL-1 : Background level of threat that is normal operating condition on ports. Maintain minimum appropriate protective security measure at all time.

LEVEL-2 :Heightened threat but no defined target. Maintaining additional protective security measure for period of time.

LEVEL-3 : High level of threat against the specific target. Maintaining further high level of security measures for a limited period of time.

Level -1

1) Adequate deck & over side lighting.

2) Crew member should be issued photo identification.

3) Access on and off the vessel should be control and all person identify.

4) Access to certain area of vessel to be limited with key control.

5) Unused room and spaces should be kept locked.

6) Periodic inspection or patrol should be made a regular interval.

Level -2

In addition to level -1

1) Occasional search should be carried out at random interval.

2) Access of all visitors to the vessel should be strictly control.

3) Close security to be paid on deliveries & stores.

4) Baggage should not be unattended.

5) Check should make on seal on container and other cargo.

6) No person other than crew member should be allowed on bridge or engine room.

7) Maintain close liaison with shore concerned.

8) All crew should be reminded of bomb alert security of the vessel.


In addition to level 1 & 2 :

1) Limiting access to a single & controlled access.

2) Granting access only to those acknowledging to the security incident.

3) Carry out full or partial search of ship.

4) Suspending cargo handling operation.

5) Tighten security patrol of the vessel.

6) Crew members should be briefed on seriousness of the situation.


1) Navigation room

2) Radio room

3) Engine room

4) Steering room

5) Emergency generator area

6) Bow thruster

7) Fire control room

8) Crew accommodation area

9) Ventilation, air conditioning equipment room,

10) Similar key area which is essential for the safe operation of ship.

How can a second engineer help in the implementation of ISPS on board ships ?

Basically, it will depend if the second engineer is the ship security officer or not. In many companies second engineer is the designated ship security officer(SSO).

If so then the second engineer need to perform all the duties which includes

  • Regular security inspections performed on the ship
  • Implementation of the ship security plan onboard
  • Reporting any security related deficiencies on board to the company security officer(CSO).
  • Enhancing security awareness onboard & conducting security training
  • Reporting any security related incidents
  • Maintaining security equipments

What if we are talking about second engineer’s role in implementation of ISPS when he or she is not ship security officer?

Well then the area of responsibility is narrowed to only engine room but the responsibilities remains the same. Let us discuss few of these.

1. Controlling access to the Engine room

Second engineer is responsible for the security aspects in the engine room & as such he must have the control of access into the engine room. This would include that during port stays, he must ensure that there is only one access to the engine room.

2. Controlling access inside the key areas such as CO2 room

CO2 can be used as a weapon & second engineer must ensure that the access to it is controlled specially during the port stay. Normally CO2 room is locked with one key in the ECR and other in the CCR.

3. Supervising and handling engine room stores

Other key security area is ship’s stores. Second engineer should supervise receiving of the engine stores. He must check that the stores received are as per the invoice & what was ordered.

4. Citadel equipments in place

On most of the ships, ER or ECR is the designated CITADEL. If so, second engineer must ensure that CITADEL equipments are in place, are working.

Also the ration and water in the citadel is appropriate & as required.

5. Main engine and other machinary ready to deal with any security incident

And finally, the second engineer must ensure that the main engine and other ship’s machinary is maintained in good working order to deal with any security incident.

For example, fire pumps are required to give good water pressure as a deterrance for access to the ship. Main engines are required to operate at the MCR when passing high risk area.

Auxilary engines and main engine are required to withstand the load of sudden course alterations in case of a pirate attack.

All the equipments must be able to work at their optimum capacity. Maintaining all these machineries contributes towards the ISPS duties of the second engineer.