15 Port facility security assessment
Clasification Society 2024 - Version 9.40
Statutory Documents - IMO Publications and Documents - International Codes - ISPS Code - International Code for the Security of Ships and of Port Facilities - Annex - International Code for the Security of Ships and of Port Facilities - Part B - Guidance regarding the provisions of chapter XI-2 of the Annex to the International Convention for the Safety of Life at Sea, 1974 as amended and part A of this Code - 15 Port facility security assessment

15 Port facility security assessment

  General

  15.1 The port facility security assessment (PFSA) may be conducted by a recognized security organization (RSO). However, approval of a completed PFSA should only be given by the relevant Contracting Government.

  15.2 If a Contracting Government uses a RSO, to review or verify compliance of the PFSA, the RSO should not be associated with any other RSO that prepared or assisted in the preparation of that assessment.

  15.3 A PFSA should address the following elements within a port facility:

  • .1 physical security;

  • .2 structural integrity;

  • .3 personnel protection systems;

  • .4 procedural policies;

  • .5 radio and telecommunication systems, including computer systems and networks;

  • .6 relevant transportation infrastructure;

  • .7 utilities; and

  • .8 other areas that may, if damaged or used for illicit observation, pose a risk to persons, property, or operations within the port facility.

  15.4 Those involved in a PFSA should be able to draw upon expert assistance in relation to:

  • .1 knowledge of current security threats and patterns;

  • .2 recognition and detection of weapons, dangerous substances and devices;

  • .3 recognition, on a non-discriminatory basis, of characteristics and behavioural patterns of persons who are likely to threaten security;

  • .4 techniques used to circumvent security measures;

  • .5 methods used to cause a security incident; .6 effects of explosives on structures and port facility services;

  • .6 effects of explosives on structures and port facility services;

  • .7 port facility security;

  • .8 port business practices;

  • .9 contingency planning, emergency preparedness and response;

  • .10 physical security measures e.g. fences;

  • .11 radio and telecommunications systems, including computer systems and networks;

  • .12 transport and civil engineering; and

  • .13 ship and port operations.

  Identification and evaluation of important assets and infrastructure it is important to protect

  15.5 The identification and evaluation of important assets and infrastructure is a process through which the relative importance of structures and installations to the functioning of the port facility can be established. This identification and evaluation process is important because it provides a basis for focusing mitigation strategies on those assets and structures which it is more important to protect from a security incident. This process should take into account potential loss of life, the economic significance of the port, symbolic value, and the presence of Government installations.

  15.6 Identification and evaluation of assets and infrastructure should be used to prioritise their relative importance for protection. The primary concern should be avoidance of death or injury. It is also important to consider whether the port facility, structure or installation can continue to function without the asset, and the extent to which rapid re-establishment of normal functioning is possible.

  15.7 Assets and infrastructure that should be considered important to protect may include:

  • .1 accesses, entrances, approaches, and anchorages, manoeuvring and berthing areas;

  • .2 cargo facilities, terminals, storage areas, and cargo handling equipment;

  • .3 systems such as electrical distribution systems, radio and telecommunication systems and computer systems and networks;

  • .4 port vessel traffic management systems and aids to navigation;

  • .5 power plants, cargo transfer piping, and water supplies;

  • .6 bridges, railways, roads;

  • .7 port service vessels, including pilot boats, tugs, lighters etc;

  • .8 security and surveillance equipment and systems; and

  • .9 the waters adjacent to the port facility.

  15.8 The clear identification of assets and infrastructure is essential to the evaluation of the port facility's security requirements, the prioritisation of protective measures, and decisions concerning the allocation of resources to better protect the port facility. The process may involve consultation with the relevant authorities relating to structures adjacent to the port facility which could cause damage within the facility or be used for the purpose of causing damage tothe facility or for illicit observation of the facility or for diverting attention.

  Identification of the possible threats to the assets and infrastructure and the likelihood of their occurrence, in order to establish and prioritise security measures

  15.9 Possible acts that could threaten the security of assets and infrastructure, and the methods of carrying out those acts, should be identified to evaluate the vulnerability of a given asset or location to a security incident, and to establish and prioritise security requirements to enable planning and resource allocations. Identification and evaluation of each potential act and its method should be based on various factors, including threat assessments by Government agencies. By identifying and assessing threats, those conducting the assessment do not have to rely on worst-case scenarios to guide planning and resource allocations.

  15.10 The PFSA should include an assessment undertaken in consultation with the relevant national security organizations to determine:

  • .1 any particular aspects of the port facility, including the vessel traffic using the facility, which make it likely to be the target of an attack;

  • .2 the likely consequences in terms of loss of life, damage to property, economic disruption, including disruption to transport systems, of an attack on, or at, the port facility;

  • .3 the capability and intent of those likely to mount such an attack; and

  • .4 the possible type, or types, of attack,

producing an overall assessment of the level of risk against which security measures have to be developed.

  15.11 The PFSA should consider all possible threats, which may include the following types of security incidents:

  • .1 damage to, or destruction of, the port facility or of the ship, e.g. by explosive devices, arson, sabotage or vandalism

  • .2 hijacking or seizure of the ship or of persons on board;

  • .3 tampering with cargo, essential ship equipment or systems or ship's stores;

  • .4 unauthorized access or use including presence of stowaways;

  • .5 smuggling weapons or equipment, including weapons of mass destruction;

  • .6 use of the ship to carry those intending to cause a security incident and their equipment;

  • .7 use of the ship itself as a weapon or as a means to cause damage or destruction;

  • .8 blockage; of port entrances, locks, approaches etc; and

  • .9 nuclear, biological and chemical attack.

  15.12 The process should involve consultation with the relevant authorities relating to structures adjacent to the port facility which could cause damage within the facility or be used for the purpose of causing damage to the facility or for illicit observation of the facility or for diverting attention.

  Identification, selection, and prioritisation of countermeasures and procedural changes and their level of effectiveness in reducing vulnerability

  15.13 The identification and prioritisation of countermeasures is designed to ensure that the most effective security measures are employed to reduce the vulnerability of a port facility or ship/port interface to the possible threats.

  15.14 Security measures should be selected on the basis of factors such as whether they reduce the probability of an attack and should be evaluated using information that includes:

  • .1 security surveys, inspections and audits;

  • .2 consultation with port facility owners and operators, and owners/operators of adjacent structures if appropriate;

  • .3 historical information on security incidents; and

  • .4 operations within the port facility.

  Identification of vulnerabilities

  15.15 Identification of vulnerabilities in physical structures, personnel protection systems, processes, or other areas that may lead to a security incident can be used to establish options to eliminate or mitigate those vulnerabilities. For example, an analysis might reveal vulnerabilities in a port facility's security systems or unprotected infrastructure such as water supplies, bridges etc that could be resolved through physical measures, e.g. permanent barriers, alarms, surveillance equipment etc.

  15.16 Identification of vulnerabilities should include consideration of:

  • .1 water-side and shore-side access to the port facility and ships berthing at the facility;

  • .2 structural integrity of the piers, facilities, and associated structures;

  • .3 existing security measures and procedures, including identification systems;

  • .4 existing security measures and procedures relating to port services and utilities;

  • .5 measures to protect radio and telecommunication equipment, port services and utilities, including computer systems and networks;

  • .6 adjacent areas that may be exploited during, or for, an attack;

  • .7 existing agreements with private security companies providing water–side/shore- side security services;

  • .8 any conflicting policies between safety and security measures and procedures;

  • .9 any conflicting port facility and security duty assignments;

  • .10 any enforcement and personnel constraints;

  • .11 any deficiencies identified during training and drills; and

  • .12 any deficiencies identified during daily operation, following incidents or alerts, the report of security concerns, the exercise of control measures, audits etc.

Parent topic: Part B - Guidance regarding the provisions of chapter XI-2 of the Annex to the International Convention for the Safety of Life at Sea, 1974 as amended and part A of this Code
Copyright 2022 Clasifications Register Group Limited, International Maritime Organization, International Labour Organization or Maritime and Coastguard Agency. All rights reserved. Clasifications Register Group Limited, its affiliates and subsidiaries and their respective officers, employees or agents are, individually and collectively, referred to in this clause as 'Clasifications Register'. Clasifications Register assumes no responsibility and shall not be liable to any person for any loss, damage or expense caused by reliance on the information or advice in this document or howsoever provided, unless that person has signed a contract with the relevant Clasifications Register entity for the provision of this information or advice and in that case any responsibility or liability is exclusively on the terms and conditions set out in that contract.