BS ISO 20858:2007

1 Scope
  1.1 General
  1.2 Conformance
2 Terms and definitions
3 Performance of the security assessment
  3.1 Overview of the security assessment
  3.2 Personnel conducting the security
      assessment
4 Security assessment procedures
  4.1 General
  4.2 Scope of the security assessment
  4.3 Current status of security at the port
      facility
      4.3.1 Identification of assets and
             infrastructure
      4.3.2 Consultations
  4.4 Threat scenarios and security incidents
  4.5 Classification of consequences
  4.6 Classification of likelihood of security
      scenarios
  4.7 Security incident scoring
  4.8 Countermeasures
      4.8.1 General
      4.8.2 Countermeasure exceptions
5 Port Facility Security Plan (PFSP)
  5.1 General
5.2 Prioritization of countermeasures
  5.3 Port Facility Security Plan contents
      5.3.1 General
      5.3.2 Table of contents
      5.3.3 Items in facility plot plan
      5.3.4 Security administration and organization
             of the port facility
      5.3.5 Port Facility Security Officer
      5.3.6 Changes in security levels
      5.3.7 Procedures for interfacing with ships
      5.3.8 Declaration of Security (DoS)
      5.3.9 Additional requirements for port facility
             receiving passenger ship at Security Level 1
      5.3.10 Communications
      5.3.11 Security systems and equipment maintenance
      5.3.12 Security measures for access control,
             including designated public access areas
      5.3.13 Security measures for access control,
             including designated public access areas
             at Security Level 2
      5.3.14 Security measures for access control, including
             designated public access areas at Security
             Level 3
      5.3.15 Security measures for restricted areas
      5.3.16 Access to restricted areas
      5.3.17 Security measures for handling cargo at
             Security Level 2
      5.3.18 Security measures for delivery of ship's
             stores/spare parts and bunkers
      5.3.19 Security measures for monitoring
      5.3.20 Security incident procedures
      5.3.21 Additional requirements for passenger and
             ferry port facilities
      5.3.22 Additional requirements at cruise ship
             terminals
      5.3.23 Audits and security plan amendments
      5.3.24 Skills, knowledge and competencies of
             security and port facility personnel
      5.3.25 Drills and exercises
  5.4 Execution of the supply chain security plan
6 Documentation
  6.1 Safeguarding the documents
  6.2 Port Facility Security Assessment Report
  6.3 Marine Port Facility Security Plan
  6.4 Security operations and security training records
  6.5 Retention of records
Annex A (informative) - Guidance for obtaining advice
                        and certification
      A.1 General
      A.2 Demonstrating conformance with ISO 20858 by
          audit
      A.3 Certification of ISO 20858 by third party
          certification bodies
Bibliography

Establishes a framework to assist marine port facilities in specifying the competence of personnel to conduct a marine port facility security assessment and to develop a security plan as required by the ISPS Code International Standard, conducting the marine port facility security assessment, and drafting/implementing a Port Facility Security Plan (PFSP).

1.1 General

This International Standard establishes a framework to assist marine port facilities in specifying the competence of personnel to conduct a marine port facility security assessment and to develop a security plan as required by the ISPS Code International Standard, conducting the marine port facility security assessment, and drafting/implementing a Port Facility Security Plan (PFSP).

In addition, this International Standard establishes certain documentation requirements designed to ensure that the process used in performing the duties described above was recorded in a manner that would permit independent verification by a qualified and authorized agency (if the port facility has agreed to the review). It is not an objective of this International Standard to set requirements for a contracting government or designated authority in designating a Recognized Security Organization (RSO), or to impose the use of an outside service provider or other third parties to perform the marine port facility security assessment or security plan if the port facility personnel possess the expertise outlined in this specification. Ship operators may be informed that marine port facilities that use this document meet an industry-determined level of compliance with the ISPS Code.

Port infrastructure that falls outside the security perimeter of a marine port facility might affect the security of the facility/ship interface. This International Standard does not address the requirements of the ISPS Code relative to such infrastructures. State governments have a duty to protect their populations and infrastructures from marine incidents occurring outside their marine port facilities. These duties are outside the scope of this International Standard.

1.2 Conformance

While compliance with the ISPS Code is internationally mandated for all signatory countries, the use of this International Standard is voluntary. If a contracting government establishes requirements that preclude the use of this International Standard, local law takes precedence and compliance with this International Standard should not be claimed.