If shipping companies are working up a sweat trying to get the ISPS Code requirements in place before the 1 July deadline, they would shiver if they knew what the ports are doing - not enough!

But after a slow start, the global port industry finally seems to have woken up to the fact that ISPS Code compliance is a ticket to trade, not only for ships, but for ports too. A port must also go through the same ISPS Code processes, i.e. perform Port Facility Security Assessments (PFSA); write a Port Facility Security Plan (PFSP); get the PFSA/PFSP approved by the contracting government; implement approved security measures (cargo control, access control, contact points, etc); and get approval of implementation by the contracting government.

However, the vast nature and scope of ports pose a number of other concerns than those associated with ships; the numbers of stakeholders that are involved in port decisions are plentiful, including governmental agencies on state, regional and local level, plus a plethora of private enterprises.

Progress with ISPS implementation in different parts of the world varies, although the world's major ports do seem to be on track, while, unsurprisingly, smaller ports are lagging behind. Shipping companies should be prepared to meet plenty of ports in Asia, Africa, and much of South America and the CSI that are not ISPS Code compliant after 1 July. The big container ports are in a league of their own and are already being included in security programmes such as the US-led CSI (Container Security Initiative) and C-TPAT (Customs-Trade Partnership Against Terrorism).

But what will happen if a port is not ISPS certified by 1 July? The answer: ships should avoid such ports, for if not, their ships may become 'contaminated'. If it is not possible to avoid blacklisted ports, the use of DOS (Declaration of Security) may become an emergency tool, and this, to use the language of the ISPS Code, is an agreement between port and ship that documents the sharing of responsibility between the two parties.

DNV assistance
DNV (Maritime Solutions) is assisting port administrations and governments in 'getting to grips' with the new security Code. A case in point is the work carried out with the government of Norway and its coastal department, which is responsible for implementing the ISPS Code regime for the country's ports. Big progress has been made, and the work has attracted positive interest from all over the world. Indeed, it seems that Norway is light-years ahead of many other countries.

In short, what DNV has done includes the following:
1. Identified the responsibilities and activities of the government in the ISPS process.

2. Prepared a guideline for the ports on how to perform the PFSA, and write the PFSP - a Master Plan for the PFSP has been made.

3. Trained personnel in the coastal department, having delivered both PFSO (Port Facility Security Officer) course and internal auditor training.

4. Approval process for the plan review (PFSA, PFSP), then assisted the coastal department in approving the plans. The first plans for approval were received in December.

5. Approval process for verification of the implementation, and assisted the coastal department in approving the implementation.

6. Prepared a tailor-made security solution for the cruise industry, carried out the selection of RSOs, and other facilitating tasks.

While the ISPS Code defines the broad sets of standards, DNV has further refined these security standards through a fruitful cooperation and coordination among the many stakeholders to make the security measures actually work - in time.