Cyber security is a key challenge in the maritime industry. This news contains practical recommendations from DNV experts for maritime advice in the field of cyber security. They aim to support DOC holders handling the cyber challenge through their safety management system (SMS), as mandated by the ISM Code.
Relevant for ship owners and managers.
In Resolution MSC.428(98), the IMO, “AFFIRMES that an approved SMS should take into account cyber risk management in accordance with objectives and functional requirements of the ISM Code”, and encourages enforcement starting with the Document of Compliance (DOC) audits from 1 January 2021
The recommendations available in the pdf version of this news (page 2 - 8) were developed by our cyber security experts from the maritime advisory division. They are based on extensive experience supporting companies around the world in handling cyber security and the ISM Code requirements across all vessel segments. It is important to note that the management system measures must fit the needs of the individual DOC holder and that the DOC holder remains responsible for the measures to meet objectives and to ensure ongoing compliance with requirements in the ISM Code.
For companies with an existing SMS, we advise using the recommendations in the Appendix as support when performing a gap analysis, keeping the existing measures and systematics whenever possible and updating them whenever necessary.
For companies that do not have an existing SMS, we advise using the recommendations in the Appendix in support of handling cyber security in the safety management system, while noting the objectives and functional requirements of the ISM Code.
Recommendations on the ISM Code and Cyber Security available in pdf version of this news, page 2 – 8.
- DNV maritime cyber security
- DNV's ISM services
- Statutory News - Cyber security to be covered in SMS from 1 January 2021 - are you prepared?
- SMS cyber security quick check