M500-4.1.13

The ISPS Code - purpose and application

Sign in to track progress

Why the ISPS Code Exists

The International Ship and Port Facility Security (ISPS) Code emerged from the recognition, sharpened after 9/11, that ships and ports are potential targets and vectors for terrorism, piracy, and unlawful acts. SOLAS Chapter XI-2 provides the legal hook; the ISPS Code gives the operational detail. Its fundamental principle is that security is a risk-management discipline: assess the threat, assign a level, apply proportionate measures.

Structure

The Code has two parts:

  • Part A — mandatory requirements.
  • Part B — guidance (but flag states may make elements of Part B mandatory; the MCA does).

Who It Applies To

The ISPS Code applies to ships on international voyages in the following categories: cargo ships ≥500 GT, passenger ships, mobile offshore drilling units, and high-speed craft. Yachts under 500 GT operating as private vessels on international voyages are not within the mandatory ISPS framework. However, a yacht certificated and operated as a commercial vessel may fall within flag state or port state requirements — the Red Ensign Group Yacht Code (REG YC Part A, which superseded LY3) addresses this — and any port the yacht enters may impose ISPS-driven requirements on non-ISPS vessels as a condition of entry. The Master must understand the Code whether or not the yacht holds an ISSC.

Security Levels

Three levels set the operational tempo:

  • Level 1 — normal operations; routine protective measures.
  • Level 2 — heightened threat; additional measures activated.
  • Level 3 — specific or imminent threat; exceptional measures, likely directed by the Contracting Government.

Levels are set by the Contracting Government and communicated to the ship. The Master acts on the level in force for the port being approached, not just the level the flag state has set.

The Ship Security Plan and the Master's Authority

ISSC vessels carry a Ship Security Plan (SSP), approved by the flag administration. The SSP defines measures for each security level, restricted areas, access control, declarations of security with port facilities, and crew duties. The Ship Security Officer (SSO) manages day-to-day implementation; the Company Security Officer (CSO) bridges ship and company. Critically, nothing in the ISPS Code limits the Master's overriding authority to take whatever action is necessary for the safety and security of the ship — this is explicit in SOLAS XI-2/8.

The Decision the Master Makes

On approaching a port, the Master must: confirm the security level in force, ensure the SSP measures for that level are active, have the last ten port facility interactions logged (the 'continuous synopsis' security element), and — if directed to security level 3 — comply with Contracting Government instructions while exercising overriding authority if life or ship safety is threatened.

Practice questions

recallcore

What are the three ISPS security levels and what does each indicate?

recallcore

Does a commercial yacht under 500 GT on an international voyage automatically fall within the mandatory ISPS framework?

scenariocore

You are approaching a port in a Contracting Government state that has raised its port facility to Security Level 2. Your flag state has not raised the ship's security level above Level 1. What do you do?

oralstretch

As Master, if you believed that complying with a Security Level 3 instruction from the port authority would put the ship or crew in danger, what is your position under the ISPS Code?

scenariostretch

A port state control officer boards and asks to see records of your last ten port calls for security purposes. Under what requirement does this obligation arise, and where would you find the record?

Independent preparatory study aligned to the MCA Master (Yachts less than 500 GT) oral examination syllabus. Not an MCA-approved course and confers no credit toward a Certificate of Competency.