Module 1

Question 1

What is the primary objective of the ISPS Code?

Answer 1

To establish an international framework through which ships and port facilities cooperate to detect and deter threats to maritime security and to respond to security threats and incidents.

Question 2

Under which SOLAS chapter is the ISPS Code implemented?

Answer 2

SOLAS Chapter XI-2, ‘Special measures to enhance maritime security,’ adopted in 2002.

Question 3

Who appoints the Company Security Officer (CSO)?

Answer 3

The shipping company (the ‘Company’) appoints the CSO and must notify the Administration and Recognized Security Organization in writing.

Question 4

Define the Company Security Officer (CSO).

Answer 4

A CSO is the person designated by the Company to ensure that:
1. Ship Security Assessments are carried out,
2. Ship Security Plans are developed, approved, and maintained,
3. Security measures are properly implemented on board,
4. Liaison is maintained with Port Facility Security Officers and the Administration.

Question 5

What are the four core responsibilities of the CSO?

Answer 5

1. Conduct and review the Ship Security Assessment (SSA),
2. Develop, approve, and update the Ship Security Plan (SSP),
3. Monitor onboard security measures and drills,
4. Maintain communication with port facility and national authorities.

Question 6

Define the Ship Security Officer (SSO).

Answer 6

An SSO is the person on board, appointed by the Master, responsible to the Master for the implementation and maintenance of the Ship Security Plan and for liaising with the CSO and port facility security officers.

Question 7

How does the CSO interact with the SSO and Port Facility Security Officers?

Answer 7

The CSO issues instructions and guidance to the SSO for onboard implementation and coordinates with Port Facility Security Officers to ensure shore–ship interface security measures are aligned.

Question 8

What minimum qualifications and training must a CSO have?

Answer 8

Demonstrable knowledge of the ISPS Code, relevant company procedures, international and local security regulations, plus approved security training for CSOs and refresher courses at least every five years.

Question 9

What is the Ship Security Plan (SSP)?

Answer 9

The SSP is the detailed, company-approved document that prescribes the ship-specific security measures, procedures, and resources required to address identified threats and vulnerabilities.

Question 10

What must the CSO do after approving an SSP?

Answer 10

Ensure the SSP is:
• Implemented by the SSO,
• Regularly tested via drills and exercises,
• Reviewed and updated following any security incident or change in operations.

Question 11

How often must the CSO review and, if necessary, update the SSP?

Answer 11

At least annually and whenever there is a change in risk level, operational profile, or after an actual security incident.

Question 12

What records is the CSO required to maintain?

Answer 12

Records of:
• Security assessments,
• SSP approvals and revisions,
• Training and drills,
• Correspondence with authorities and port facilities.

Question 13

What is the primary purpose of the ISPS Code?

Answer 13

To establish an international framework through which ships and port facilities cooperate to detect and deter threats to maritime security and to respond to security threats and incidents

Question 14

Under which SOLAS chapter is the ISPS Code implemented?

Answer 14

SOLAS Chapter XI-2, “Special measures to enhance maritime security”

Question 15

When did the ISPS Code enter into force?

Answer 15

1 July 2004

Question 16

Which organization developed the ISPS Code?

Answer 16

The International Maritime Organization (IMO), following the 2002 SOLAS amendments

Question 17

To which vessels and facilities does the ISPS Code apply?

Answer 17

All passenger ships, cargo ships of 500 GT and above, and the port facilities that service them

Question 18

Define the Company Security Officer (CSO).

Answer 18

The CSO is the person designated by the Company to ensure that Ship Security Assessments are conducted, Ship Security Plans are developed and maintained, measures are implemented, and liaison with authorities is maintained

Question 19

Who appoints the CSO and how must this be documented?

Answer 19

The Company appoints the CSO and must notify the Flag State Administration (or Recognized Security Organization) in writing

Question 20

List four core responsibilities of the CSO.

Answer 20

1. Conduct and review Ship Security Assessments
2. Develop, approve, and update Ship Security Plans
3. Monitor implementation of security measures and drills
4. Maintain communication with Port Facility Security Officers and authorities

Question 21

Define the Ship Security Officer (SSO).

Answer 21

The SSO is the person on board, appointed by the Master, responsible for implementing and maintaining the Ship Security Plan and liaising with the CSO and PFSO

Question 22

What are three key duties of the SSO?

Answer 22

1. Ensure onboard compliance with the SSP
2. Conduct regular security inspections and drills
3. Report security incidents and updates to the CSO

Question 23

How should the CSO coordinate with the SSO and PFSO?

Answer 23

By issuing guidance and instructions to the SSO, and aligning ship–shore measures through regular liaison with the Port Facility Security Officer

Question 24

What is a Company Security Assessment (CSA)?

Answer 24

A review of the Company’s policies, procedures, and resources to ensure they adequately address maritime security risks across the fleet

Question 25

What is a Ship Security Assessment (SSA)?

Answer 25

An evaluation of threats, vulnerabilities, and counter-measures specific to an individual vessel’s design, trade routes, and operations

Question 26

Name five elements examined in an SSA.

Answer 26

1. Critical operations and assets 2. Potential threat scenarios 3. Physical security vulnerabilities 4. Access control points 5. On-scene survey findings

Question 27

How often must the SSA be reviewed?

Answer 27

At least annually, and whenever there is a change in threat level, ship configuration, trade pattern, or after an incident

Question 28

What is a Port Facility Security Assessment (PFSA)?

Answer 28

An assessment of port layout, operations, and threat environment to identify required security measures at a facility

Question 29

What is a Company Security Plan (CSP)?

Answer 29

A company-level document that sets out policies, procedures, and organizational measures for maritime security across all ships and terminals

Question 30

What is a Ship Security Plan (SSP)?

Answer 30

The ship-specific document, approved by the Administration, that details required security measures, procedures, and resources based on the SSA

Question 31

List six core elements every SSP must contain.

Answer 31

1. Designation of SSO and chain of command 2. Security levels and associated measures 3. Restricted and monitored areas 4. Access control procedures 5. SSAS operating instructions 6. Drills and exercise schedules

Question 32

Who approves the SSP before implementation?

Answer 32

The Flag State Administration or its Recognized Security Organization under SOLAS XI-2 and the ISPS Code

Question 33

How often must the SSP be updated?

Answer 33

At least annually and whenever there is a change in threat level, ship configuration, trade, or following an incident

Question 34

What is the Continuous Synopsis Record (CSR)?

Answer 34

A document maintained on board that records the ship’s history, ownership, and management changes

Question 35

How long must security-related records be retained?

Answer 35

For at least three years after they are made

Question 36

What are the three security levels defined by the ISPS Code?

Answer 36

• Level 1: Normal • Level 2: Heightened • Level 3: Exceptional

Question 37

What measures are taken at Security Level 1?

Answer 37

Routine security measures as defined in the SSP, including regular patrols, ID checks, and access controls

Question 38

What additional measures apply at Security Level 2?

Answer 38

Increased surveillance, more frequent ID checks, intensified access control, and additional patrols of restricted areas

Question 39

What actions are required at Security Level 3?

Answer 39

Suspend cargo operations, deny all access, secure all openings, prepare for possible evacuation, and liaise with armed response teams

Question 40

What is recorded in the Continuous Synopsis Record?

Answer 40

Changes in ship management, ownership, flag state, and CSO appointment details

Question 41

Which records must the CSO maintain?

Answer 41

Security assessments, SSP approvals and amendments, training and drill logs, SSAS tests, and DoS documentation

Question 42

For how long must these records be kept?

Answer 42

At least three years

Question 43

What training is mandatory for CSOs?

Answer 43

Approved CSO training course and refresher training at intervals not exceeding five years

Question 44

What training is required for SSOs?

Answer 44

An approved SSO course covering the ISPS Code, SSP implementation, and emergency procedures

Question 45

What drill frequency does the ISPS Code prescribe?

Answer 45

• Weekly inspections of restricted areas • Quarterly security drills at each level • Annual ship/shore exercises

Question 46

What is a Declaration of Security (DoS)?

Answer 46

A formal agreement between ship and port facility detailing shared security responsibilities when levels differ or threat is heightened

Question 47

When must a DoS be completed?

Answer 47

Whenever the security level is raised above Level 1 or at the request of either ship or facility

Question 48

How should the CSO liaise with port authorities?

Answer 48

Through regular communication, DoS coordination, and sharing of threat and plan updates

Question 49

What triggers an unscheduled review of the CSP/SSP?

Answer 49

A security incident, change in threat level, ship design alteration, or audit finding