HZS ISPS 2006-20074.1 ISPS 4. Ship Security Assessment.

Slides:

Advertisements

Similar presentations

Museum Presentation Intermuseum Conservation Association.

Advertisements

1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.

RISK ANALYSIS.  Almost all of the things that we do involve risk of some kind, but it can sometimes be challenging to identify risk, let alone to prepare.

MARITIME SECURITY REGULATIONS

FACILITY SAFETY: Creating a Safe and Secure Environment in the Community Health Center Presented by Steve Wilder, BA, CHSP, STS Sorensen, Wilder & Associates.

IAEA International Atomic Energy Agency. IAEA Outline Learning objectives Introduction Functions of Regulatory Body (RB) on EPR Appraisal guidance: Part.

Contractor Safety Management

Alexander Brandl ERHS 561 Emergency Response Environmental and Radiological Health Sciences.

BRC Storage & Distribution Safety and Quality Management System Training Guide

October ISPS and SMDG What is the possible impact of the ISPS code on the messages controlled by SMDG?

Safety and Health Programs

The Australian/New Zealand Standard on Risk Management

Auditing A Risk-Based Approach To Conducting A Quality Audit

Computer Security: Principles and Practice

NVIC VESSEL SECURITY PLAN OUTLINE

Top 10 Security-Related Discrepancies ///MARSEC Corporation.

Obligations of the Company

1.2.1 > ISPS Module ISPS Code Responsibilities

Responsible CarE® Employee health and Safety Code David Sandidge Director, Responsible Care American Chemistry Council June 2010.

Developing a Chemical Risk Management Program

WORK HEALTH AND SAFETY ACT IMPLICATIONS FOR SMALL BUSINESS

Safety and Health Programs

Actionable Process Steps and Focused Mitigation Strategies

ISPS 6. Ship Security Plan HZS ISPS

INTERTANKO ISTEC Meeting 26 – 28 March ISPS Code Areas of particular concern during Shipboard Verifications.

Network security policy: best practices

4. Quality Management System (QMS)

Workshop Summary ISPS Drills & Exercises Workshop Port Moresby 2006.

OH&S Management System

Risk Assessment – An Essential Standard

1 CHCOHS312A Follow safety procedures for direct care work.

Assets Ship in Service Training Material A-M CHAUVEL 2009.

Unit Introduction and Overview

Online Learning 1 Marine Facility Personnel with Security Responsibilities Canaport LNG

Firefighter III Introduction Mod A Identify the Firefighter III’s role as a member of the organization. (4-2.1) The role of a firefighter III.

Hazard Identification

HZS ISPS ISPS 10. Security Administration.

Occupational Health and Safety

Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Basics of OHSAS Occupational Health & Safety Management System

How to implement In Port Facility

ISO 9001:2000 QUALITY MANAGEMENT SYSTEM REQUIREMENTS

Unit 8:COOP Plan and Procedures  Explain purpose of a COOP plan  Propose an outline for a COOP plan  Identify procedures that can effectively support.

Risk Management - the process of identifying and controlling hazards to protect the force.  It’s five steps represent a logical thought process from.

IAEA International Atomic Energy Agency Reviewing Management System and the Interface with Nuclear Security (IRRS Modules 4 and 12) BASIC IRRS TRAINING.

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

Port Security Safeguarding ISPS Drills & Exercises Workshop

OSHA Office of Training and Education1 Safety and Health Programs.

ASSURANCE PINNACOL ASSURANCE Wants you to know about : EMERGENCY/DISASTER PREPAREDNESS.

A European campaign on Risk Assessment Common errors in Risk Assessment.

Alaa Mubaied Risk Management Alaa Mubaied

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.

1 Commissioned by PAMSA and German Technical Co-Operation National Certificate in Paper & Pulp Manufacturing NQF Level 4 Perform physical and chemical.

THE COUNTY OF YUBA OFFICE OF EMERGENCY SERVICES The Disaster Mitigation Act of 2000.

NFPA 1600 Disaster/Emergency Management and Business Continuity Programs.

The Risk Management Process

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

How to prepare Report for Ship Security Assessment December 2003 December 2003 ClassNK.

Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 16 – IT Security.

IIPP An Overview of the Injury and Illness Prevention Program.

Risk Controls in IA Zachary Rensko COSC 481. Outline Definition Risk Control Strategies Risk Control Categories The Human Firewall Project OCTAVE.

By: Mark Reed.  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

Essential Requirements of Pool Management Companies

OH&S Management System

OH&S Management System

Top 10 Security-Related Discrepancies

Presentation transcript:

HZS ISPS ISPS 4. Ship Security Assessment

HZS ISPS Ship Security Assessment I.Risk Assessment Methodology II.Assessment Tools III.On-scene security surveys IV.Practical steps to conduct a SSA V.Security assessment documentation

HZS ISPS I. Risk Assessment Methodology What is SSA: It is a process that identifies weaknesses in physical structures, personnel protection systems, processes, or other areas that may lead to a security breach, and may suggest options to eliminate or mitigate those weaknesses. Objective: Detect threats to critical assets of the company and define preventive measures against security incidents affecting the company and the ships in order to prioritise security measures.

HZS ISPS I. Risk Assessment Methodology Must be carried out by: Persons With Appropriate Skills To Evaluate The Security of A Ship (see next) Under supervision of / assigned by: Company Security Officer And this: In Accordance With Part A Of The Code, Taking Into Account Part B Of The Code.

HZS ISPS I. Risk Assessment Methodology Persons With Appropriate Skills Remark by Classification Company: We understand the CSO should decide who has the appropriate skills although the Code does not stipulate specifically who will evaluate the appropriate skills. We also understand persons to carry out SSA may draw upon expert assistance as in Code B/8.4 in addition to his own skills. The specific ways to draw upon expert assistance are considered to be security consultant, literature, internet web site, services delivered by and various information issued by each country. We advise to make a list of those assistance methods to use for carrying out SSA.

HZS ISPS I. Risk Assessment Methodology 3 Key steps: 1.Identify the key ship board operations important to protect. RISK ASSESSMENT 2.Identify the possible threats to the ship and their probability of occurrence against the requirements of the ISPS Code. THREAT ASSESSMENT 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology What is “ RISK ” & for “ What ” ? Estimated impact X = Estimated likelihood Risk Lives Property Societal disruption Image Money 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology Sequence of activities: Define the system being studied Identify the hazards associated with that system Assess the likelihood of the hazards occurring Identify how each hazard might progress to various outcomes 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology Sequence of activities (cont’d): Assess the likelihood of progression to each outcome Asses the consequences associated with each outcome Multiply likelihood and consequence to obtain the risk associated with each outcome Sum the risks associated with the outcomes to produce an overall risk 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology The Threats according to the ISPS Code are:  Damage to, or destruction of, the port facility or of the ship (by explosive devices, arson, sabotage, vandalism)  Hijacking or seizure of the ship or the persons on board  Tampering with cargo, essential ship equipment or systems or ship’s stores  Attacks whilst at sea or from seaward at berth or at anchor 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology Threats according to the ISPS Code are: (Cont.) Unauthorized access or use including the presence of stowaways Smuggling weapons or equipment Use of the ship to carry those intending to cause a security incident and their equipment Use of the ship itself as a weapon or as means to cause damage or destruction Blockage of port entrances, locks, approaches, etc. Nuclear, biological and chemical attack 1.Risk Assessment 2.Threat Assessment

HZS ISPS Security Objects according to the ISPS Code are: The port ’ s infrastructure, especially the port ’ s accesses, entrances, approaches, etc The port ’ s facilities The port ’ s employees / the employees of the port ’ s companies The cargo present at the port The port ’ s environment (surrounding areas, air, water) The ships (and the passengers) in the port The IT systems 1.Risk Assessment 2.Threat Assessment I. Risk Assessment Methodology

HZS ISPS I. Risk Assessment Methodology Items to be protected include: The ship’s personnel Passengers, visitors, vendors, repair technicians, port facility personnel etc. The capacity to maintain safe navigation and emergency response The cargo, particularly dangerous goods or hazardous supstances Ship’s stores 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology Items to be protected include: (Cont.) Any ship security communication equipment and systems Any ship’s security surveillance equipment and systems 1.Risk Assessment 2.Threat Assessment

HZS ISPS I. Risk Assessment Methodology Items to be taken into account that could create vulnerabilities: Conflicts between safety and security measures Conflicts between shipboars duties and security assignments Watchkeeping duties, number of ship’s personnell, and any implications to crew fatigue, alertness and performance Any identified security training dificiencies Any security equipment and systems, including communication systems 1.Risk Assessment 2.Threat Assessment

HZS ISPS Ship Security Assessment I.Risk Assessment Methodology II.Assessment Tools III.On-scene security surveys IV.Practical steps to conduct a SSA V.Security assessment documentation

HZS ISPS II. Assessment Tools The Ship Security Officer must use systematic and consistent approaches to evaluate the security conditions and vulnerabilities. The operational aspects will be the main focus. A checklist can/will be used and must include items like:

HZS ISPS II. Assessment Tools Minimum Checklist items: General layout of the ship Location of areas that should have restricted access, such as the bridge, engine room, radio room etc. Location and function of each or potential access point to the ship Open deck arrangements including the height of the deck above water Emergency and stand-by equipment available to maintain essential services

HZS ISPS II. Assessment Tools Minimum Checklist items: (Cont.) Numerical strength, reliability, and security duties of the ship’s crew Existing security and safety equipment for protecting the passengers and crew Existing agreements with private companies for providing ship an waterside security services Existing protective measures and procedures in practice, uncluding inspection, control and monitoring equipment, personnel identification documents and communication, alarm, lighting, access control and other appropriate systems

HZS ISPS Ship Security Assessment I.Risk Assessment Methodology II.Assessment Tools III.On-scene security surveys IV.Practical steps to conduct a SSA V.Security assessment documentation

HZS ISPS III. On-scene security surveys The on-scene security survey is an integral part of any SSA. A SSA is not complete without an on- scene security survey. A company can use 1 assessment for different ships but the survey is unique for every vessel.

HZS ISPS The survey should fulfill the following functions: Identification of existing security measures, procedures and operations Identification and evaluation of key shipboard operations that it is important to protect Identification of possible threats to the key shipboard operations and the likelihood of their occurrence, in order to establish and prioritize security measures Identification of weaknesses, including human factors in the infrastructure, policies and procedures III. On-scene security surveys

HZS ISPS III. On-scene security surveys Min. items to be examined by On-scene security survey: Ensuring the performance of all ship security duties Monitoring restricted areas to endure that only authorized persons have access Controlling access to the ship, including any identification systems Monitoring of deck areas and areas surrounding the ship

HZS ISPS III. On-scene security surveys Min. items to be examined by On-scene security survey: (Cont.) Controlling the embarkation of persons and their effects (accompanied and unaccompanied baggage and ship’s personnel personal effects) Supervising the handling of cargo and the delivery of ship’s stores Ensuring that ship security communication, information, and equipment are readily available

HZS ISPS III. On-scene security surveys Threats... May imply risks for... Security Objects. Preventive Measures Detective Measures Corrective Measures

HZS ISPS Ship Security Assessment I.Risk Assessment Methodology II.Assessment Tools III.On-scene security surveys IV.Practical steps to conduct a SSA V.Security assessment documentation

HZS ISPS Overall steps to produce a SSA IV. Practical steps to conduct a SSA

HZS ISPS IV. Practical steps to conduct a SSA Step 1: Obtain and record the following information required to conduct an assessment: 1.Ship and company documentation as detailed in section 1 (should contribute to the threat evaluation phase) 2.Record and document the following in detail a)Authorised access points as detailed in section 4 b)Restricted areas as detailed within section 5 c)Escape and evacuation routes as detailed in section 6 d)Existing security equipment/systems as detailed in section 7

HZS ISPS A copy of the ships general arrangement plan annotated with: a)Authorised access points as detailed in section 4 b)Restricted areas as detailed within section 5 c)Escape and evacuation routes as detailed in section 6 d)Existing security equipment/systems as detailed in section 7 This gathered information will be used in the following steps. IV. Practical steps to conduct a SSA

HZS ISPS Step 2: Conduct and document a detailed threat evaluation and risk assessment for the ship as detailed in section 8. Assess for any weaknesses, note them and address them in the on-scene security survey. Keep a copy of this documentation and add them to the final SSA. IV. Practical steps to conduct a SSA

HZS ISPS IV. Practical steps to conduct a SSA Step 3: Conduct the on-scene security survey during which all previous information gathered must be confirmed and any weaknesses identified as detailed in section 9. Keep a copy of this survey in the final SSA

HZS ISPS IV. Practical steps to conduct a SSA Step 4: If any ammendments are to be made to one of the previous documents, due to the making of the security survey, it must be done at this point. All additions and ammendments must be documented and copied in the ship security plan. They must also be retained in the SSA.

HZS ISPS IV. Practical steps to conduct a SSA Step 5: Present the SSA to the company for review and acceptance. The SSP will be finalised with the SSA. Step 6: The SSP, accompanied with the assessment, is put forward for approval by the Administration or Recognised Security Organisation (RSO)

HZS ISPS IV. Practical steps to conduct a SSA Practical steps for the mitigation of different threats/ scenario’s:  Step 1: Scenario Selection  Step 2: Evaluate/score the scenario in terms of potential consequences  Step 3: Evaluate/score the scenario in terms of ship’s vulnerability  Step 4: Determine if the scenario requires a mitigation strategy  Step 5: Implement mitigation strategy

HZS ISPS Potential Threat Scenario’s IV. Practical steps to conduct a SSA

HZS ISPS Step 1: Scenario Selection IV. Practical steps to conduct a SSA

HZS ISPS Step 2: Evaluate, score the scenario in terms of potential consequences IV. Practical steps to conduct a SSA

HZS ISPS Step 3: Evaluate, score the scenario in terms of ship’s vulnerability IV. Practical steps to conduct a SSA

HZS ISPS Step 4: Determine if the scenario requires a mitigation strategy IV. Practical steps to conduct a SSA

HZS ISPS Step 5: Implement mitigation strategy IV. Practical steps to conduct a SSA

HZS ISPS IV. Practical steps to conduct a SSA Exercise: Restricted Area’s  Sum up the restricted area’s o/b  Read & Comment

HZS ISPS Ship Security Assessment I.Risk Assessment Methodology II.Assessment Tools III.On-scene security surveys IV.Practical steps to conduct a SSA V.Security assessment documentation

HZS ISPS V. Security assessment documentation After completion of the SSA a report must be prepared, consisting of a summary of how the assessment was cinducted, a description of each vernerability found during the assessment, and a description of counter measures thet could be used to address each vulnerability. This report must be protected from unautherized access or disclosure.