MODEL SHIP SECURITY PLAN GUIDANCE TO

ACCOMPANY THE SECURITY PLAN TEMPLATE

Ship Security Plan and Consulting
<Company X>

P.O. Box 247 Cebu City, Cebu, Philippines6000

Tel: 63-999-336-2000 www.seatek-export.com
Reviewed Date : 15 April 2012
Reviewed By : GISSPI
Office Phone : +63-999-336-2000
Business Cell Phone: +63-999-336-2000
Version: 2

Distribution

1- Ship
Security Plan Guidance
 Name Company Phone Approvals
Signature
SEA

Carl Leo SEATEK +639993362000

Cesar De La Pena GISSPI +639285596878
Dr. Mohktar Fatah Shipping Security Advisor +971503261832

2- Ship
Security Plan Guidance
Introduction
In response to the growing threat of terrorism, the International Maritime Organization (IMO) has adopted
new security measures and procedures for ships and port facilities. Among the new security initiatives, each
ship will have to develop a comprehensive Ship Security Plan. Fixed and floating platforms are not covered
by this template and instruction as the security needs for these marine facilities and the implementation of
their plans will be very different from that of seagoing ships and ships that are engaged in international
trade.

To help ship owners and operators implement the new security requirements, the Commonwealth of
Philippines Maritime Registry (DMRI) developed this Ship Security Plan Template. The template offers step-
by-step directions, based on guidance from the IMO, to develop a Ship Security Plan.

Every ship security plan must describe actions the crew will take to:

• Prevent terrorist or criminal activities happening on board or to the ship,

• Identify the potential for criminal or terrorist activities happening on board or to the ship,
• Deter terrorist or criminal activities, and
• React when terrorist or criminal activities are encountered.

By answering a series of questions in the following guides and completing the template that follows, users
will be able to conduct a survey to assess ship security, determine vulnerabilities, and develop specific
recommendations to improve security and mitigate risks. This book also includes guidance to develop a
threat assessment and to continue to evaluate security at sea and in ports. Some of print in the template
will be in green. This green print will include further guidance and instruction for the user.

The following guides were developed to assist the Company Security Officer in developing a Ship
Security Plan for each of the ships for which he is responsible:

• Guide 1 Developing Threat Assessments,

• Guide 2 Ship Security Assessment (Survey)
• Guide 3 How to Identify and Mitigate Security Vulnerabilities, and
• Guide 4 Establishing Protective Measures
• Guide 5 Performing Verification Security Assessments

The end product of the ship survey and security assessment is a Ship Security Plan. The plan includes a
decision trees for Company and Ship Security Officers to determine when it is advisable to elevate Security
Levels or readiness conditions in response to a threat(s).

Users of the Security Plan Template will be able to answer questions and supply information on specific
issues, required to generate a complete Ship Security Plan. The template greatly facilitates the
development of threat assessments between each port-to-port call, allowing Ship Security Officers to best
respond to potential threats, from piracy attacks to terrorist stowaways.

By understanding threats, knowing a ship’s vulnerabilities, and implementing appropriate security measures
and procedures, Company and Ship Security Officers can reduce security risks and safeguard the ship,
crew, and cargo.
The company security Officer should keep the list of who was issued a copy of each security plan. To assist
him in this effort, we have attached Appendix A titled Distribution of Security Plans a Controlled Document.
One of these should be completed for each vessel.

3- Ship
Security Plan Guidance
 TABLE OF CONTENTS

Introduction..................................................................................................................................................3
2. Definitions................................................................................................................................................5
Guide 1: Developing Threat Assessments....................................................................................................7
1 Introduction....................................................................................................................................7
2 Threats to Ships.............................................................................................................................7
3 Threat Assessment Criteria............................................................................................................8
4 Worksheet....................................................................................................................................10
5 Threat Assessment.......................................................................................................................11
Guide 2: Ship Initial Security Assessment (Survey).....................................................................................12
1 Survey: Introduction....................................................................................................................12
3 On-scene Security Survey...........................................................................................................13
5 Ship Access Control....................................................................................................................14
5.1 Ship Interior..........................................................................................................................14
5.2 Identification Systems..........................................................................................................15
6 Restricted Areas..........................................................................................................................18
7 Security Alarm, Surveillance and Communications Systems..................................................19
8 Emergency Plans and Equipment................................................................................................21
Guide 3: How to Identify and Mitigate Security Vulnerabilities.....................................................................22
1 Introduction................................................................................................................................22
2 Security Observations & Recommendations............................................................................22
2.1 Deck and ship side Lighting................................................................................................22
2.2. Interior Ship Access Control...............................................................................................23
2.3 Identification Systems.........................................................................................................23
2.4 Key Control........................................................................................................................24
2.5. Restricted Areas...................................................................................................................24
2.6 Security Alarm, Surveillance, and Communications Systems............................................25
2.7 Emergency Plans and Equipment.........................................................................................25
Guide 4: Guidance for Establishing Protective Measures............................................................................27
1 Introduction.................................................................................................................................27
2 Ensuring the performance of all vessel security duties:.............................................................27
3 Monitoring Restricted areas to ensure that only authorized persons have access......................28
4 Controlling Access to the Ship...................................................................................................29
5 Monitoring deck areas and areas surrounding the ship...............................................................30
6 Controlling the embarkation of persons and their effects...........................................................31
7 Controlling the embarkation of persons and their effects...........................................................32
8 Ensuring that port-specific security communication is readily available...................................33
Guide 5: Developing Final Security Assessment........................................................................................34
1 Introduction.................................................................................................................................34
2 Risk Based Security Assessment Simplified..............................................................................34
2.1 Potential Threats...................................................................................................................34
......................................................................................................................................................34
Table 1: Notional List of Scenarios................................................................................................35
Typical Types of Scenarios............................................................................................................35

4- Ship
Security Plan Guidance
 2.2 Consequence assessment......................................................................................................35
Table 2: Consequence Score......................................................................................................36
2.3 Vulnerability Assessment.....................................................................................................36
2.4 Mitigation............................................................................................................................37
Table 5
.....................................................................................................................................................38
2.5 Implementation Methods.....................................................................................................38
Table 6........................................................................................................................................39
Appendix A: Distribution List Of Security Plans ..........................................................................................41
A Controlled Document...............................................................................................................................41

2. Definitions

Bulk carrier – Single-deck ships designed to transport dry cargo, such as grain or coal. See SOLAS
regulation IX/1.6.

Chemical tanker – A tanker constructed or adapted and used for the carriage in bulk of any liquid
product. Chemical tankers usually have large numbers of very small capacity tanks. See SOLAS
regulation IX/1.6.

Company Security Officer (CSO) – A security expert designated by the ship’s company to develop
and maintain a Ship Security Plan and coordinate security measures and procedures with Port Facility
Security Officers to protect ships, crew, passengers, and cargo.

Declaration of Security – A written record of understanding(s) between a Ship Security Officer and a
Port Facility Security Officer to indicate security measures implemented to respond to a designated
security level.

Designated Authority –An organization(s) or administration(s) identified by or within the Contracting

Government as responsible for the implementation of the security measures and procedures.

Gas carrier – A tanker constructed or adapted and used for the carriage in bulk of any liquefied gas or
other substance of a flammable nature. See definition in SOLAS regulation VII/8.2.

High-speed Craft – A craft capable of traveling at high speeds as defined in SOLAS regulation X/1.2.

Oil Tanker – A tanker carrying crude oil, fuel oil, heavy diesel oil or lubricating oil as cargo. See
definition in SOLAS regulation II-1/2.12.

Port Facility Security Plan – A plan to ensure the application of measures designed to protect the
port facility and ships, their cargoes and persons on board from the risks of a security accident.

Recognized Security Organization – An organization with expertise in security and anti-terrorism

matters, which is recognized by the Administration or the designated authority and authorized by it to
conduct survey, assessment, verification, and certification activities, as required by IMO regulations.

Security Incident – Any act threatening the security of a ship or a port facility.

5- Ship
Security Plan Guidance
Security Level – A description of the degree of risk associated with the threat of an unlawful act
against a ship or port.

Non-specific Threat – A threat based on a high probability or likelihood that an attack or incident may
occur in a particular area (e.g., an attack has occurred in the recent past in the area and there is a
likelihood of a future attack or a government has issued a warning about possible attacks in the
region).

Piracy – Any illegal acts of violence, detention, or depredation committed for private ends on the high
seas against another ship or against persons or property on board the ship. Piracy occurs outside the
jurisdiction of any state.

Port Facility – A separate location within a port at which commercial maritime activities occur.

Port Facility Security Officer (PFSO) – The person appointed as responsible for the development,
implementation, revision, and maintenance of the Port Facility Security Plan and for liaison with the
ship security officers and company security officers.

Port Facility Security Survey – A survey that examines the strengths and weaknesses of security
systems and procedures at a port facility.
Security Readiness Conditions – Security Levels or operating procedures that are modified to help a
ship and crew respond to variations in threats.

Ship Security Assessment – includes a Ship security survey, threat assessment, and vulnerability
assessment.

Ship Security Officer (SSO) – A person on board the Ship accountable to the master for the security
of the Ship, including the implementation and maintenance of the Ship Security Plan and for liaison
with the Company Security Officer and the Port Facility Security Officer.

Ship Security Plan – A plan developed to ensure the application of security measures on board a
Ship. The plan provides measures and procedures to protect persons, cargo, and the ship from the
risks of a security incident.

Ship Security Survey – A Security Survey is an evaluation of the Ship’s security systems, measures,
and procedures. The survey allows the SSO to determine potential strengths and weaknesses in
security and a ship’s ability to counter potential threats at port, anchor, and sea.

Specific Threat – A threat in which specific information is available about a pending/potential attack in
a specific region/location.

Threat Assessment – The process of identifying and analyzing credible threats of danger, damage, or
loss to a ship, its crew, and cargo.

Vulnerability Assessment – An examination of potential shortfalls in the ship’s existing security

systems and procedures.

6- Ship
Security Plan Guidance
Guide 1: Developing Threat Assessments

1 Introduction

Company Security Officer are required to assess the potential threats to their ships, determine the
level of risk, and set the Security Level (readiness condition) to provide guidance for protection from
security incidents.

Threats will vary during transit between ports. The Ship Security Officer (SSO) is required to provide
advice on the level of threats likely to be encountered by a Ship, using appropriate security
assessments and other relevant information.

Below is information on potential threats, threat assessment criteria, and a worksheet to assess
potential threats.

2 Threats to Ships

There is a wide range of potential threats to a ship. Threats to a ship can quickly change. A ship’s
location, the time of day, and international events can dramatically alter the threat to a ship. As a
consequence, it is critical for the SSO to regularly monitor events to determine potential threats in the
path of the ship as it travels to its next destination. Following is information on potential threats to a
ship:

 Piracy and Armed Attacks – Raiders pose a serious threat to ships in many parts of the
world. Most attacks occur while in port. While at sea, ships are most vulnerable when
passing close to land or when transiting narrow channels. Almost any item of value on a
ship may be of interest to robbers. Pirate attacks are often organized by crime syndicates.
In nearly a third of reported cases, there is reported violence or a threat of violence to the
crew.

 Terrorism – Historically few ships have been attacked by terrorists. One of the most
notable incidents occurred in 1985 when terrorists took control of a cruise ship and held the
passengers hostage to secure the release of terrorists in prison. In October 2002, the oil
tanker Limburg was attacked by terrorists. Terrorists are targeting ships and they are
becoming increasingly violent. Authorities are concerned that a ship could be used as a
weapon; an explosive device in the cargo area could be detonated while in port. Terrorists
may seek to use a ship to smuggle weapons or mount an attack using chemical, biological,
radiological, or nuclear materials (weapons of mass destruction). Terrorists may attempt to
use cargo containers to smuggle personnel to another country.

 Cargo Tampering – Billions of dollars in high-value cargo, such as furs, alcohol, and
electronics, is stolen annually while ships are in port. Crewmembers have also been known
to steal items from cargo containers, ship’s stores, and equipment or to assist thieves.

7- Ship
Security Plan Guidance
  Drug/Weapons Smuggling – A small fraction of internationally shipped containers are
inspected. As there is a minimal risk of detection, smugglers can potentially conceal illegal
drugs/weapons in cargo containers. The ships at greatest risk for this type of criminal
activity are container ships transporting cargo to or from areas of civil unrest and known
drug producing nations.

 Stowaways, Refugees, and Asylum Seekers – Stowaways present an ongoing problem

and liability for the maritime industry. Most incidents involve bribery to smuggle people on
board. International laws and conventions provide guidelines and responsibilities for
handling stowaways, refugees, and asylum seekers.

 Sabotage – While cargos have been destroyed and/or ships sunk to collect insurance, the
number of reported cases in the maritime industry is small.

 Environmental and Political Extremists – Actions taken by extremist environmental

groups can threaten the safety of a ship and its crew. Such extremists have been known to
chain themselves to a ship to impede a ship’s passage. The threat is largely dependant on
the type of cargo a ship carries and the nature of its trade (i.e., heavy oils, forest products,
petroleum, whaling, etc.)

 Natural Disasters – Natural disasters have always posed serious threats to ships at sea
and in port. All ships should have crisis management plans to deal with such emergencies.

 Collateral Damage – An explosion or terrorist attack could cause collateral damage to a

nearby ship in port. Additionally, petrochemical plants and terminals are located in harbors,
and if a plant were targeted, a cloud of toxic gas could threaten the lives of crewmembers.

 Labor Strife – Labor groups protesting in port can disrupt operations. Often additional
security measures are warranted to protect crewmembers and prevent unauthorized access
to a ship.

 Labor Unrest – A host of crew complaints, including excessively long shifts, poor
food/water, cramped and dirty conditions, and failing to pay wages have precipitated
protests by crewmembers. In some cases, they have walked off ships, while others have
held a ship hostage until their demands are met.

 Crew Violence – Crew violence is best deterred through continued vigilance by the Master
and officers.

 Mutiny – Crews can threaten to mutiny as a last resort when their complaints about
financial, working and living conditions are not remedied by the ship’s officers or operators.
Most reported mutinies, although rare in recent times, involve fishing boats with small
crews.

3 Threat Assessment Criteria

Issues to consider when developing a threat assessment are:

8- Ship
Security Plan Guidance
  Location – A ship’s location can be important in determining a potential threat. For instance,
ships are most vulnerable to attack by pirates at sea when near land and when sailing through
narrow channels where speed and maneuverability may be restricted. Government/general
warnings are announced for specific countries or regions of high pirate activity.

 Ship Owner’s Nationality – Nationality of the ship’s owners, and operators may increase the
profile of the ship as a target, to terrorists.

 Crew

• Nationality of the crew may increase the profile of the ship as a target, to terrorists.
• Nationality of the crew should be also considered when evaluating potential internal
threats.

 Neighboring ship’s Nationality - should be considered as certain flags, for one reason or
another, will be more likely to harbor terrorists or support other criminal activities.

 Time of day – Ships are most vulnerable undercover of darkness when there is inadequate
light to detect or protect against an unauthorized boarding at sea, while moored, or at anchor.

 Type of ship – General Cargo Ships, Reefers, Bulk Carriers Container Ships, Ro.Ros are
more vulnerable to theft and drug smuggling than other types of ships. If terrorists are seeking
to smuggle weapons into a country, they may choose a low profile cargo ship. But if terrorists
want to block a channel, a larger ship like a bulk/ore carrier may be targeted. If terrorists are
seeking to use a ship as a weapon, they may seek to gain control of a ship transporting
hazardous materials.

9- Ship
Security Plan Guidance
4 Worksheet

Contracting Governments are responsible for assessing threats at ports and setting the Security Level.
For best practices, a Ship Security Officer may independently assess the quality of the security
measures at port using this worksheet.

The worksheet also provides a tool to assess potential threats for each port-to-port segment of a ship’s
itinerary. Information about potential threats is available from a variety of sources. These include port
authorities, Captains of the Port, Port Security Officers, local law enforcement officers, and local
consular or diplomatic representatives. A variety of government, industry, and international business
organizations offer information on potential threats. Data is also available from Internet sites on piracy
and other threats.

Below are potential threats ships can face while at sea or while in port. Check the appropriate box if:

1) a current warning has been issued by a government official or organization about the threat;
2) a previous official warning was issued; and/or
3) there have been previous reported incidents.

Threats Current Warning Previous Warning Reported Incidents

Criminal Activity
Piracy and armed attacks
Terrorism
Theft
Drug/weapons smuggling
Stowaways, refuges, &
asylum seekers

Sabotage
Environmental Extremists
Natural Disasters
Labor Unrest
Collateral Damage
Crew Violence
Mutiny

10- Ship
Security Plan Guidance
5 Threat Assessment

Based on intelligence gathered from official sources and the information above, make a determination
whether a potential threat meets either of the following definitions:

 Non-specific threat – An attack(s) has occurred in the recent past in the area and there is a
likelihood of a future attack or a government has issued a warning about a region.
Alternatively, there have been recent civil/internal problems, such as cargo theft, piracy, or
smuggling, and they are likely to re-occur in the future.

 Specific threat – Specific information is available about a pending/potential attack in a specific

region/location.

Using information gathered from intelligence sources and the above criteria, determine if there are
non-specific or specific threats of:

Type of Threat Threat Status Environmental conditions that

provide opportunities
No Non Specific Weather Transiting Moonlight
Threat Specific Threat Conditions At Night While
At Sea
No Threat
Threat to To
Human Human
Life Life

Piracy &
Armed Attacks
Terrorism

Drug/Weapons
Smuggling

Stowaways,
Refugees, and
Asylum
Seekers
Sabotage
Environmental
Extremists
Labor Strife
Labor Unrest
Crew Violence
Mutiny

11- Ship
Security Plan Guidance
Guide 2: Ship Initial Security Assessment (Survey)
1 Survey: Introduction

The Ship Security Survey is the first step to developing a Ship Security Assessment. It is the
responsibility of the Company Security Officer (the SSO can act on behalf of the CSO) to ensure a
Ship Security Assessment is carried out by competent persons with skills to evaluate the security of a
ship.

The survey identifies and evaluates the necessary security measures to counter potential threats to the
ship at port, at anchor, and at sea. An assessment must be documented and a copy retained by the
Company. The assessment must include an on-scene security survey with, at least, the following
elements:

• Identify the existing security measures, procedures, and operations.

• Identify and evaluate the key shipboard operations that are important to protect.
• Identify the possible threats to the key shipboard operations and the likelihood of their occurrence, in
order to establish and prioritize security measures.
• Identify security weaknesses, including human factors in the infrastructure, policies, and procedures.

2 Review Information

Prior to an assessment, the CSO should review available information on potential threats at the ports
where the ship will call or passengers embark or disembark. The CSO should assess security
measures at the port facilities and previous reports on similar security needs. Where feasible, the CSO
should meet with appropriate persons on the ship and in the port facilities to discuss the purpose and
methodology of the assessment.

Following is a checklist of information the CSO should obtain to conduct an assessment:

General layout of the Ship.

Location of areas that should have restricted access, such as the bridge, engine room, radio room, etc.

Location and function of each actual or potential access point to the Ship.

Open deck arrangement including the height of the deck above water.

Emergency and stand-by equipment available to maintain essential services.

Numerical strength, reliability, and security duties of the ship ’s crew.

Existing security and safety equipment for protecting the passengers and crew.

Existing agreements with private security companies for providing ship and waterside security services.

Existing protective measures and procedures in practice, including inspection, control and monitoring
equipment, personnel identification documents and communication, alarm, lighting, access control and
other appropriate systems.

12- Ship
Security Plan Guidance
3 On-scene Security Survey

The CSO should examine and evaluate existing shipboard protective measures, procedures, and
operations to:

• Ensure the performance of all ship security duties.

• Control access to all areas of the ship.
• Monitor the deck areas and areas surrounding the ship.
• Control access to restricted areas of the ship.
• Control the embarkation of persons and their effects (luggage, baggage, and crew’s personal
gear).
• Supervise the handling of cargo and ship’s stores.
• Ensure that port-specific security communication, information, and equipment are readily
available.

The CSO should also identify potential weaknesses, including factors in the infrastructure, which may
include:

▪ Conflicting policies between safety and security measure.

• Conflicting shipboard and security duty assignments.
• Watchkeeping and manning constraints.
• Training deficiencies.

This security survey was completed by:      

Date completed:      

4 Deck and Ship side Lighting

Type of lighting used:      

The lighting is: Manual Automatic

Who is responsible for the lighting maintenance?      

Yes No: Are all access points to the Ship lighted?

Exceptions:      

Yes No: Do light patterns overlap?

Yes No: Are all perimeter areas lighted during hours of darkness?

If not, explain:      

Yes No: Does the system include multiple circuits to prevent the entire system from failing if
one light malfunctions?

Yes No: Is someone responsible for turning lights on and off?

If so, whom?      

13- Ship
Security Plan Guidance
 Yes No: Are there adequate lighting supplies? (bulbs, fuses, etc.)

Yes No: Does the lighting protect the guards?

Yes No: Are critical and vulnerable areas well lit?

Yes No: Is there an auxiliary power source available?

The auxiliary power source is: Manual Automatic
Who is responsible for the manual start?      

5 Ship Access Control

5.1 Ship Interior

List hatches and other openings:

1.      
2.      
3.      
4.      
5.      
6.      
7.      
8.      
9.      
10.      

Describe the types of locks that secure the hatches and openings:      

Yes No: Are hinges and lock hasps securely installed?

Who is responsible for making sure hatches and doors are secured?      

Yes No: Are all portholes and windows that are not used permanently closed?

Yes No: Do mesh or bars protect all accessible portholes and windows?

Yes No: Are portholes and windows covered by wire mesh?

Yes No: If yes, are the mesh coverings fastened from the inside or secured with locks?

Describe the materials used and type of construction of the frames:      

14- Ship
Security Plan Guidance
 Yes No: Have glass panes been hardened?

Yes No: If portholes and windows can be opened and are locked, are they protected by ordinary
window level locks or key locks?

Yes No: Are there ladders (permanent or nonpermanent) that should be removed, secured, or
blocked from unauthorized usage?

List gangways, ramps, side ports, etc. and current security measures:

Access Point Security Control Measures & Equipment

1.            
2.            
3.            
4.            
5.            
6.            
7.            
8.            
9.            
10.            

1.      
2.      
3.      
4.      
5.      
6.      
7.      
8.      

5.2 Identification Systems

Yes No: Is a personnel identification system used?

If yes, what methods are used?

Guard Describe:      

Badge Describe:      

Other Describe:      

How are vendors, visitors, and repairman controlled? (check appropriate box)

Log Describe:      

15- Ship
Security Plan Guidance
 Escorted Describe:      

Badge Describe:      

Yes No: Are vendors and visitors escorted throughout the ship at all times?

Yes No: Is there a single egress/ingress control point for all vendors?

Yes No: Is the personnel egress/ingress control points the same as for visitors?

16- Ship
Security Plan Guidance
Following are the main access points to the ship and other potential access points, including open
weather decks (each access point should be examined and evaluated to determine the potential for
use by persons engaged in unlawful actions):

     

List special procedures to secure equipment and materials on deck:      

Yes No: Is a property pass system used to remove property?

Height of the deck above water (freeboard):      

5.3 Key Control

Yes No: Is there a log for issuing keys?

Yes No: Are keys signed for?

Yes No: Are all the keys accounted for?

Yes No: Is the log up to date?

Number of master keys:      

List of individuals who have master keys:

Name:      
Position:      

17- Ship
Security Plan Guidance
Name:      
Position:      

Name:      
Position:      

Yes No: Are there procedures for returning keys when personnel are terminated or
transferred?

If yes, describe the procedures:      

6 Restricted Areas

Yes No: Has the SSO established restricted areas throughout the ship?

Yes No: Do all staff know the proper procedures when an unauthorized person is detected in a
restricted area?

Following are the ship’s restricted areas, such as the bridge, control station, machinery spaces, radio
room, etc.:

1.      
2.      
3.      
4.      
5.      
6.      
7.      
8.      
9.      
10.      

Yes No: Are all restricted areas clearly labeled as such?

18- Ship
Security Plan Guidance
7 Security Alarm, Surveillance and Communications Systems

New regulations require ships to be fitted with a Ship security alarm system. The regulations apply to
oil tankers, chemical tankers, gas carriers, bulk carriers, cargo high-speed craft of 500 gross tons and
upward constructed before July 1, 2004. After this date, all new Ships will come equipped with the
alarm system.

The alarm must automatically initiate and transmit a ship-to-shore security alert to a “competent
authority by the Administration” that identifies the Ship, its location, and indicates the Ship is under
threat or has been compromised.

The alarm should not send the ship security alert to other ships, it should not raise an alarm on board
the Ship, and should continuously transmit the Ship security alert until it has be deactivated and reset
by authorized personnel on board the ship.

The alarm must be able to be activated on the navigation bridge and at least one other location. The
location of the activation points must be designed to prevent the inadvertent or unauthorized initiation
of the ship security alert.

Te following information is Confidential and should be retained as such on board and under
the control of the Captain and Ship’s Security Officer:

Locations of the security      

alarm :

Procedures for using the      

security alarm:

Testing:      

Activation:      

Deactivation:      

Resetting:
Yes No: Are other security alarms used on board?
Date of installation:      
Date last inspected:      

Procedures for activating and deactivating the system:      

Who is authorized to turn off the systems?      

19- Ship
Security Plan Guidance
 Yes No: Are surveillance systems used on board?
Date of installation:      
Date last inspected:      

Procedures for activating and deactivating the system:      

Who is authorized to turn off the systems?      

Following is a description of the Ship’s communication equipment and backup systems to ensure
effective continuous communication between shipboard security personnel, port facilities, other Ships,
and when appropriate, with national or local authorities with security responsibilities:

     

Yes No: Are internal communication systems used on board?

Date of installation:      
Date last inspected:      

Procedures for activating and deactivating the system:

     

Who is authorized to turn off the systems?      

20- Ship
Security Plan Guidance
8 Emergency Plans and Equipment

Does the Ship have the following emergency plans?

Yes No: Fire and Explosion

Yes No: Hurricane and Heavy Weather

Yes No: Collision

Yes No: Grounding

Yes No: Loss of Stability

Yes No: Loss of power/Steering

Yes No: Loss of Cargo and/or Fuel Oil

Yes No: Piracy

Yes No: Bomb Threat

Yes No: Terrorism

Yes No: Other

Yes No: Have the plans been tested?

Yes No: Are drills conducted?

Following is a description of the emergency and stand-by equipment:

     

21- Ship
Security Plan Guidance
Guide 3: How to Identify and Mitigate Security Vulnerabilities

1 Introduction

The Ship Security Plan offers observations about security vulnerabilities and recommendations to
mitigate risks. The Plan also provides:

• Guidance to determine when higher readiness conditions are warranted.

• Procedures to evacuate in case of security threats or breaches of security.
• Procedures to ensure the inspection, testing, calibration, and maintenance of any security
equipment provided on board.

• Measures and equipment designed to prevent weapons, dangerous substances, and devices
intended for use against people, ships, or ports and the carriage of which is not authorized,
from being introduced by any means on board a ship.

2 Security Observations & Recommendations

In this section, recommendations are provided to mitigate security vulnerabilities. Determining the most
effective and prudent security measures and procedures to reduce risks can be a complex process.
Following are different security methodologies for consideration in the analysis:

• Create layers of increasing defense, starting at the perimeter and working inward to the
center of the ship. If intruders penetrate the perimeter, they should face more stringent
security measures as they move inward.

• Maximize human surveillance and the visibility of people and security measures. The better
protected a ship appears to be, the less chance an intruder will attempt to board.

• Clearly mark all restricted areas and access points with signs. Marked boundaries create a
sense of control and increase the probability that an intruder will be deterred from attempting to
board the ship.

2.1 Deck and ship side Lighting

Observation – Describe below any weaknesses in deck and ship side lighting outlined in the
vulnerability assessment and explain the potential consequences to the ship, crew, and cargo:

     

22- Ship
Security Plan Guidance
Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.2. Interior Ship Access Control

Observation – Describe below any weaknesses in the interior ship access control measures and
procedures outlined in the vulnerability assessment and explain the potential consequences to the
ship, crew, and cargo:

     

Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.3 Identification Systems

Observation – Describe below any weaknesses in the identification systems and measures outlined in
the vulnerability assessment and explain the potential consequences to the ship, crew, and cargo:

     

23- Ship
Security Plan Guidance
Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.4 Key Control

Observation – Describe below any weaknesses in the key control measures and procedures outlined
in the vulnerability assessment and explain the potential consequences to the ship, crew, and cargo:
     

Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.5. Restricted Areas

Observation – Describe below any weaknesses in the control measures and procedures for restricted
areas outlined in the vulnerability assessment and explain the potential consequences to the ship,
crew, and cargo:

     

24- Ship
Security Plan Guidance
Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.6 Security Alarm, Surveillance, and Communications Systems

Observation – Describe below any weaknesses in the security alarm, surveillance, and
communications systems outlined in the vulnerability assessment and explain the potential
consequences to the ship, crew, and cargo:

     

Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

2.7 Emergency Plans and Equipment

Observation – Describe below any weaknesses in the emergency plans and equipment outlined in
the vulnerability assessment and explains the potential consequences to the ship, crew, and cargo:

     

25- Ship
Security Plan Guidance
Recommendation – Based on the observations and analyses above, provide recommendations below
to correct the security deficiencies:

     

26- Ship
Security Plan Guidance
Guide 4: Guidance for Establishing Protective Measures

1 Introduction

The Vulnerability Assessment previously completed determines potential shortfalls in the ship’s
existing security systems and procedures. We have taken information from the USCG’s Guidance on
Establishing Protective Measures found in Appendix A to enclosure (1) of NVIC 10-02 to provide the
vessel Owners and operators with additional guidance which may help to select the appropriate
protective measures allowing the ship to achieve an acceptable level of protection for each activity. A
ship may consider implementing those protective measures that are indicated by a yes in a table. For
example, found in Table2. While locking or securing a restricted area may be more protective and
reliable, using a combination of roving patrols and security alarms may provide and acceptable level of
protection for a specific security level.

Security measures and initiatives may be incorporated into existing duties for specific crewmembers.
For example, fire patrols and roving engineering watches make rounds and may perform security
patrol duties during the performance of their current duties.

2 Ensuring the performance of all vessel security duties:

2.1 Ships may incorporate relevant security elements into the duties and responsibilities of
watchstanders. Such elements may include, but not be restricted to:

2.1.1 Heighten awareness that includes observing and reporting malfunctioning security
equipment, suspicious persons, objects and activities during rounds; and
2.1.2 Additional duties as required by the security plan.

2.2 The following Tableprovides additional guidance on protective measures and procedures for
ensuring performance of all security duties:

TABLE 1 Security Level

PROTECTIVE MEASURE 1 2 2
All ship’s crewmembers normally review and exercise their security Yes* Yes* Yes*
duties and responsibilities through drills and training.

Provide security information to all crewmembers and any security Optional Yes Yes
personnel that includes the specific security and any specific threat.
Ship’s Security Officer should normally communicate with waterfront Yes Yes# Yes#
facility to coordinate protective measures

*Drills are conducted monthly

#Coordinate additional protective measures with Port facility Office

27- Ship
Security Plan Guidance
3 Monitoring Restricted areas to ensure that only authorized persons have access

3.1 Ships should establish restricted areas to control access to key areas. The following areas
may be designated as restricted areas and, if identified as restricted areas, shall be listed as
such in the Ship’s Security Plan
 Navigation Bridge,
 Control Stations and central control stations,
 Machinery Spaces containing [propulsion machinery, generators and major electrical
machinery, main and auxiliary steering gear, ventilations and air conditioning
machinery and similar spaces,
 Spaces with access to portable water tanks, pumps, or manifolds;
 Cargo pump room; and
 •Any other areas as determined by the Company Security Officer to which access may
be restricted to maintain the security of the ship.

3.2 All restricted areas may be marked indicating that the area has restricted access. Markings do
not need to be conspicuous to persons other than the crew.

3.3 Restricted area monitoring may be accomplished as indicated in the following table:

TABLE 2 Security Level

PROTECTIVE MEASURE 1 2 2
Locking or security access to restricted areas@ Optional Yes Yes

Using personnel as security guards or patrols Optional Yes* Yes*

*Dedicating personnel to guarding or patrolling restricting areas may include:

#Posting personnel to continuously guard restricted areas and/or assigning personnel to continuously patrol
restricted areas adjacent to restricted areas
@Doors in escape routes must be capable of being operated without keys from the direction for which the
escape is required.

3.4 Additional Protective measures to monitor restricted areas may include:

 Using surveillance equipment, such as closed circuit televisions (CTV); or

 Using automatic intrusion detection devices to alert the crew of unauthorized.

3.5 When automatic intrusion detection devices are used to monitor unauthorized access to
restricted areas, automatic intrusion devices may:
 Activate an audible and or visual alarm:
 Indicate in a location that is continuously staffed or monitored; and be regularly tested.

28- Ship
Security Plan Guidance
4 Controlling Access to the Ship

4.1 When implementing protective measures the following access points shall be evaluated:

 Ladders
 Gangways
 Side ports
 Adjacent piers and aprons, and
 Other access points identified in the vessels security assessment.

4.2 Ships may implement the protective measures or combination of protective measures provided
in the Tablebelow to control access to the ship.

TABLE 3 Security Level

PROTECTIVE MEASURE 1 2 2
Access points are normally secured@ or continuously attended to Yes Yes# Yes#
prevent unauthorized access

Weather-deck access vents, storage boxes, and doors to normally Yes Yes Yes
unmanned spaces (such as storerooms, auxiliary machinery rooms,
etc) may be locked@ or precautions taken to prevent unauthorized
access.
Limit entry to the shop to minimum number of access points+ Optional Yes Yes*
Coordinate with the waterfront facility to extend access control Optional Yes Yes
beyond the immediate area of the ship

*Limit entry to single access point.

#Assign additional personnel to appropriate access points as designated in the Security Plan
@Doors in escape routes must be capable of being operated without keys from the direction for which the
escape is required.
+While not restricting egress from the ship in the event of an emergency

4.3 Access may be denied to any person refusing to submit to security verification or inspection at
an access point. Each person denied entry for refusing should be described in a report to the
appropriate authorities.

29- Ship
Security Plan Guidance
5 Monitoring deck areas and areas surrounding the ship

5.1 A ship’s capabilities should normally include the ability to perform monitoring at all times and
under all conditions.

5.2 Monitoring of deck areas and areas surrounding the ship to identify and take preventive
measures against security incidents may be accomplished by using:

 Equipment such as alarms and CCTV, and

 Personnel, such as security patrols and access point guards.

TABLE 4 Security Level

PROTECTIVE MEASURE 1 2 2
Use security lockouts and our security patrols Optional Yes Yes*
Perform waterside boat patrols Optional Optional Yes
Use divers to inspect the underwater pier structures prior to the Optional Optional Yes
ship’s arrival, upon the ship’s arrival and in other cases as deemed

*Increase the number and frequency of: Security patrols; and Waterside boat patrols to ensure continuous
monitoring.

5.3.1 Ships may consider illuminating their deck and access points to the ship while conducting
ship/water front facility interface activities. Ships may co-ordinate lighting with other entities
involved in the interface. While underway, ships shall consider using maximum lighting
available consistent with the ship’s safe navigation. A ship shall also consider the following in
establishing the appropriate level and location of lighting:

 Crewmembers are generally able to see beyond the ship on both the pier side and the
waterside; and
 Coverage normally includes the area around the ship.

5.4 At heightened security levels, additional lighting may be coordinated with the waterfront facility
to provide additional shore side lighting. Additional lighting may include:

 Using spotlights and floodlights to enhance visibility of the deck and areas surrounding
the vessel; and
 Using lighting to enhance visibility of the surrounding water and waterline.

30- Ship
Security Plan Guidance
6 Controlling the embarkation of persons and their effects

6.1 Controlling the embarkation of persons and their effects to adequately identify and take
preventative measures against security incidents may include the protective measures
provided in the following table:

TABLE 5 Security Level

PROTECTIVE MEASURE 1 2 2
Verify reason personnel are embarking by using tickets, Yes Yes# Yes*
Boarding passes, work orders, or other means.
Positively identify crewmembers, passengers, vendors, visitors, and Yes Yes Yes
other persons prior to each embarkation.
Arriving crew verified as authorized to serve on board the ship. Yes Yes Yes
Inspect persons, baggage, carry on items, and personal gear for: Yes# Yes@ Yes
weapons, incendiaries, explosives, etc.
Security briefings provided to all passengers prior to departing, on Optional Yes Yes*
any specific threats and vigilance and reporting of suspicious
persons, objects or activities.
Assign personnel to guard designated inspection areas. Optional Yes Yes

Limit entry to only passengers and crewmembers. Optional Optional Yes

Escort all service providers or other personnel needed aboard to Optional Optional Yes
provide essential services to the ship.

*Security briefings are generally provided to all passengers, prior to embarkation and disembarkation.
#This may be accomplished by random inspections, such as 5-20% or some other method addressed in the
ship’s security plan.
@Increase the frequency, such as 25-50% and increase the scope of the inspection.

6.2 Areas should be designated to inspect baggage, carry-on items, and personal gear. Access to
and from these areas should be controlled to segregate inspected persons ands articles form
un-inspected persons and or articles.

6.3 The purpose of the inspection of private entities to secure their personal safety and the safety
of their property. Such inspections are intended to ensure that incendiary devices, explosives
or other items that pose a threat to the ship are removed. Inspections may be limited and no
more intrusive than necessary to protect against the danger of sabotage or similar destructive
acts of violence. Inspection techniques may include, but are not limited to: magnetometers,
physical examination of the person or object visually, the use of trained animals, electronic
devices or a combination of methods.

31- Ship
Security Plan Guidance
7 Controlling the embarkation of persons and their effects

7.1 Ship’s may use the following Tableas a guide on supervising the handling of cargo, vessel’s
stores and bunkers to adequately identify and take preventative measures against security
incidents:

TABLE 6 Security Level

PROTECTIVE MEASURE 1 2 2
Verify non-containerized cargo against the manifest.# Yes* All All
Verify the container identification numbers of loaded containers All All All
against the manifest. #
Verify the container identification numbers of empty containers Yes* All All
against the manifest. #
Inspect the ship’s store and provisions Yes* Yes+ All

*This may be accomplished by random verification, such as 25-50%.

#Companies are encouraged to participate in government programs such as the U.S. Customs Service
program titled: “Custom Trade Partnership Against terrorism (C-PTAT).
+Increase the frequency and depth of inspections, such as 25-50%

7.2 Verification and inspection of cargo and ship’s stores may be accomplished by:
 Visual and physical examination:
 Using scanning/detection equipments, mechanical devices or canines; or
 Coordinating with the shipper or other responsible party through and established
agreement and procedures.

7.3 At heightened security levels, the detail or depth of the above methods may be increased
commensurate with the threat.

32- Ship
Security Plan Guidance
8 Ensuring that port-specific security communication is readily available

8.1 Ship’s normally ensure that means of communication for reporting threats to the ship are:

 Maintained and operable

 Readily available
 Able to communicate within the ship, to the waterfront facility, and with the appropriate
authorities (law enforcement personnel); and
 Able to relay essential information related to the nature and extent of the threat.

8.2 At heightened Security levels, ships may enhance their means of communication of reports of
threatening act as provided in the following table.

TABLE 7 Security Level

PROTECTIVE MEASURE 1 2 2
Perform regular communications checks Optional Yes Yes
Provide backup means of communication. Optional Yes Yes*

*Provide redundant and multiple means of communication

33- Ship
Security Plan Guidance
Guide 5: Developing Final Security Assessment

1 Introduction

The Vulnerability Assessment previously completed determines potential shortfalls in the ship’s
existing security systems and procedures. The initial Assessment is required to develop an effective
plan. Refer to the Ship Security Survey (Guide 2) to develop specific details regarding this ship’s
security.

2 Risk Based Security Assessment Simplified

The following is a visual representation of a risk-based assessment that can be tailored to a specific
vessels:

Repeat Process until all unique scenarios have been evaluated

2.1 Potential Threats

To begin an assessment, a ship or company needs to consider attack scenarios consisting of potential
threat to the ship under specific circumstances. It is important that the scenario or scenarios are within
the real of possibility and, at a minimum address known capabilities and intents as given by a threat
assessment. For example a boat containing explosives ramming a tanker (Limburg - October 2002)
(as a specific attack scenario). The tanker could be outbound creating a choke point for the harbor (a
specific circumstance). It may be less credible that a hand held missile would be launched from a
distance at a tanker so that the terrorists could sink a ship that is outbound through a choke point.

The number of scenarios is left to the judgment of plan developers and to the satisfaction of the
Company and ship Security Officers. An initial evaluation should at least consider those scenarios
provided in Table1 with emphasis being placed on the worst-case scenario, and the most probable
scenarios. Care should be taken to avoid unnecessarily evaluating excessive scenarios that result in
low consequences. Minor variations of the same scenarios do not need to be evaluated separately
unless there are measurable differences in the consequences.

34- Ship
Security Plan Guidance
Table 1: Notional List of Scenarios

Typical Types of Scenarios Application Example

1. Intruder – take control of
the ship with intent to:
2. External attack:
3. Use of the vessel as a
means of transporting:
a. Damage and destroy
with explosives
b. Damage and destroy
through malicious
operations or acts
c. Create a hazardous
materials incident/or
pollution incident without
destroying the vessel
d. Take hostages and kill
people on board.
a. Moving explosives next
to the vessel: waterside,
shore side or subsurface.
b. Ramming a stationary
target: With your ship as a
missile.
c. Launching or shooting
weapons from distance
a. Materials to be used as
weapons.
b. People into or out of a
country.
Intruder plants explosives.
▪ Intruder takes control of a vessel and runs it
aground, or intentionally collides with
something.
▪ Intruder intentionally opens valves to sink
the vessel in a specific location.
▪ Intruder opens valves to release a toxic
substance or releases toxic materials brought
with the intruder.
▪ Intruder overrides interlocks leading to
damage and destruction.
▪ USS Cole or LIMBURG type attacks
▪ Car Truck Bomb
▪ Divers or swimmers
International allision meant to damage/destroy
the target (i.e. waterway choke point). Note:
Evaluate overall consequences from the
potential allision, but only evaluate the
vulnerabilities of the vessel and not the
vulnerabilities of any target the ship may be
used to ram.
Shooting your vessel using rifle, missile or
other weapon.

2.2 Consequence assessment

Each Scenario should be evaluated in terms of the potential consequences of an attack. Three
elements are included in the consequence assessment: death and injury, economic impact and
environmental impact. A descriptor of the consequence components follows:

DEATH AND INJURY The potential number of lives that could be lost and injuries occurring
as a result of an attack scenario.
ECONOMIC IMPACT The potential economic impact of an attack scenario.
ENVIRONMENTAL IMPACT The potential environmental impact of an attack scenario.

35- Ship
Security Plan Guidance
The appropriate consequence scoring should be evaluated for each scenario. Consequence ratings
are criteria with benchmarks and are provided in the following table. These ratings are intended to be
broad relative estimates. The appropriate rating is determined by using the consequence component
that results in the highest rating. For example, if the death and injury and economic impacts result in a
moderate or “1” rating, but the environmental impact results in Significant or “2” rating, then the overall
consequence score would be a “2”. A precise calculation of these elements is not necessary or
possible.

Table 2: Consequence Score

Assign a rating of: If the Impact could be
Catastrophic = numerous loss of life or injuries, major national or long term
3 economic impact, complete destruction of multiple aspects of the eco-
system over a large area.
2 SIGNIFICANT = multiple loss of life or injuries, major regional economic
impact, long-term damage to a portion of the eco-system.
1 Moderate = little or no loss of life or injuries, minimal economic impact, or
some environmental damage.

2.3 Vulnerability Assessment

Each Scenario should be evaluated in terms of the ship’s vulnerability to an attack. Four elements of
the vulnerability score are: availability, accessibility, organic security, and ship’s hardness. With the
understanding that the ship’s owner and/or operator has the greatest control over the accessibility and
organic security elements, these elements may be addressed for each scenario. Descriptors for these
two vulnerability elements follow:

ACCESSIBILITY Accessibility of the ship to the attack scenario. This related to the physical and
geographic barriers that deter the threat without organic security. For example:
An attack by swimmers while anchored in a quick running river like the Mississippi
is mot improbable.
ORGANIC The ability of security personnel to deter attack. It includes security plans,
SECURITY communications capabilities, guard force, intrusion detection systems, and
responsiveness of outside law enforcement to prevent an attack.

The vessel owner and operator should address each vulnerability element for a given scenario. The
initial evaluation of vulnerability is normally viewed with only existing strategies and protective
measures meant to lessen vulnerabilities, which are already in place. After the initial evaluation has
been performed, a comparison evaluation can be made with new strategies and protective measures
considered. Assessing the vulnerability with only the existing strategies and protective measures
provides a better understanding of the overall risk associated with the scenario and how new
strategies and protective measures will mitigate the risk.

The vulnerability score and criteria with benchmark examples are provided in the following table.
Each scenario should be evaluated to get the individual score for each element and then sum

36- Ship
Security Plan Guidance
the elements to get the total vulnerability score (Table 5 step 3). This score should be used as
the vulnerability score when evaluating each scenario in the next step of the process.

Table 3: Vulnerability Score

Category Accessibility Organic Security

No deterrence (e.g. unrestricted access
3 to the ship and unrestricted internal
movement
2 Good deterrence (e.g. Single
substantial barrier: unrestricted access
to within 100 yards
3 Excellent deterrence (Expected to deter
an attack; access restricted to within
500 yards of the vessel; multiple
physical and geographic barriers).
No deterrence capability (e.g. no plan, no guard
force, no guard force, no emergency
communication, no outside law enforcements
availability for timely prevention, no detection
capability.
Good deterrence capability (e.g. minimal security
plan, some communications, armed guard force
of limited size relative to the vessel; outside law
enforcement not available for timely prevention,
limited detection systems)
Excellent deterrence capability – (Expected to
deter attack; covert security elements that
represent additional elements not visible or
apparent.

2.4 Mitigation

The vessel owner and operator should next determine which scenarios may have mitigation strategies
(protective measures) implemented. This should be accomplished by determining where the scenario
falls in Table4 based upon the consequences and vulnerability assessment scores. Following are
terms used in Table4 as mitigation categories:

“MITIGATE” means the mitigation strategies, such as security protective measures and/or
procedures, may be developed to reduce risk for the scenario. An appendix to the Ship Security Plan
may contain the scenario(s) evaluated, the result of the evaluation of each, a description of the
mitigation measure evaluated, and the reason measures were or were not chosen.

“CONSIDER” means that the scenario should be considered and mitigation strategies should be
developed on a case-by-case basis. The Ship Security Plan may contain the scenario(s) evaluates, the
results of the evaluation, and the reason mitigation measures were or were not chosen.

“DOCUMENT” means the scenario may not need a mitigation measure at this time and therefore
needs to be documented. However, mitigation measures having little cost may still merit consideration.
The security plan may contain the scenario evaluated and the results. This will be of the security
assessment.

37- Ship
Security Plan Guidance
 Table 4: Vulnerability & Consequence
Matrix

Total Vulnerability Score

2 3-4 5-6
3 CONSIDERED MITIGATE MITIGATE
Consequence
Score 2 DOCUMENT CONSIDER MITIGATE
1 DOCUMENT DOCUMENT CONSIDER

To assist the ship owner and /or operator in determining which scenarios may require mitigation
methods, the ship owner and or operator may find it beneficial to use Table5 provided below. The ship
owner/operator can record the scenarios considered, the consequence score (Table (2), outcome of
each element of vulnerability (Table 3), the total vulnerability score, and the mitigation category (Table
4).

Table 5

MITIGATION DETERMINATION WORKSHEET

Step 1 Step 2 Step 3 Step 4

Scenario/Description Consequence Vulnerability Score (Table 3) Mitigation Results

Score (Table 2) (Table 4)
Accessibility Organic = Total
+ Score Score

2.5 Implementation Methods

The true value of each assessment is realized, once the ship owner and or operator determines, which
scenarios require mitigation, when mitigations strategies (protective measures) are implemented to
reduce vulnerabilities. The overall desire is to reduce the risk associated with identified scenarios. Note
that generally. As mentioned previously, it is easier to reduce vulnerabilities than to reduce
consequences or threats when considering mitigation strategies. To Assist the ship owner or operator
in evaluating the effectiveness of specific mitigation strategies (protective measures) the ship owner or
operator may find it beneficial to use Table 6 provided below:

38- Ship
Security Plan Guidance
 Table 6

MITIGATION IMPLEMENTATION WORKSHEET

Step 1 Step 2 Step 2 Step 3 Step 4

Mitigation Scenarios Consequence New
Strategy that are Score (Remains New Vulnerability Score (Table 3) Mitigation
(Protective affected by the Same) Results
Measure) Mitigation (Table 4)
Strategy Accessibility Organic = Total
From Step 1 + Security Score
in Table 5
1. 1.
2.
>>>
2. 1.
2.

The following steps correspond to each column in Table 6.

1. The ship owner and/or operator should brainstorm mitigation strategies (protective
measures) and record them in the first column of Table 6.
2. Using scenarios from Table 5, list all of the scenarios that would be affected by the
selected mitigation strategy.
The consequence score remains the same as was recorded in Table 5 for each scenario.
4. Re-evaluate the vulnerability score Table 3 for each element, taking into consideration the
benefit of the mitigation strategy, for each scenario.
5. With the consequence score and new vulnerability score, use Table 4 to determine the
new mitigation results.

There are two factors, effectiveness and feasibility, to consider in determining if a mitigation strategy
should be implemented. A strategy may be thought of as highly effective if its implementation lowers
the mitigation category (e.g. from “MITIGATE” to “CONSIDER”). A strategy may be though of as
partially effective if the strategy will lower the overall vulnerability score when implemented by itself or
with one or more other strategies. For example, if a mitigation strategy lowers the vulnerability score
from “5-6” to “3-4” while the consequence score remains “3” and the mitigation category remains
“MITIGATE”.

It should be noted that if a mitigation strategy, when considered individually, does not reduce the
vulnerability, that multiple strategies may be considered in combination. Considering mitigation
strategies as a whole may allow the vulnerability to be reduced.

A strategy may be though of as feasible if it can be implemented with little operational impact or
funding relative to the prospective reduction in vulnerability. A strategy may be thought of as partially
feasible if its implementation requires significant changes or funding relative to the prospective

39- Ship
Security Plan Guidance
reduction invulnerability. A strategy may be thought of as not feasible if its implementation is extremely
problematic or cost prohibitive.

The ship owner and/or operator should keep in mind that some strategies may be deployed
commensurate with various security threat levels established. Feasibility of a mitigation strategy may
vary based on the security level, therefore some strategies may not be warranted at security level 1,
but may be at Security level 2 or 3. For example using divers to inspect the underwater pier structure
and the ship may not be warranted at security level 1, but may be necessary if there is a specific threat
or an increase in the security level. Mitigation strategies should ultimately ensure that a level of
security is maintained to achieve the security objectives discussed in the Ship’s Security Plan.

As an example of a possible vulnerability mitigation measure, a company may implement security

patrols by hiring additional personnel to detect and r prevent unauthorized persons from entering
spaces below the main deck on a passenger ferry. This measure would improve organic security and
may reduce the overall vulnerability score from “high” to a “medium”. This option, however, is specific
for this scenario and also carries certain costs. Another option might be to secure all access points to
spaces below the main deck. This may reduce the accessibility score from “high” to “medium”. This
option does not require additional personnel and is a passive mitigation measure. Similarly, other
scenarios can be tested to determine the most effective strategies for your ship.

The Ship Owner and/or operators should develop a process through which overall security is
continually evaluated by considering consequences and vulnerabilities, how they may change over
time, and what additional mitigation strategies can be applied.

40- Ship
Security Plan Guidance
Appendix A: Distribution List Of Security Plans
A Controlled Document

Ship: _______________

Copy Number Issue Number Issued to: Date: Initials

Ship: _______________

Copy Number Issue Number Issued to: Date: Initials

41- Ship
Security Plan Guidance
 42- Ship
Security Plan Guidance
Ship: _______________

Copy Number Issue Number Issued to: Date: Initials

Ship: _______________

Copy Number Issue Number Issued to: Date: Initials

43- Ship
Security Plan Guidance