Maritime & Ship Management

ISPS Code

International Ship and Port Facility Security Code

The International Ship and Port Facility Security (ISPS) Code is the IMO's mandatory security framework for ships and port facilities, adopted in 2002 and effective from 1 July 2004 in response to 9/11. It is implemented as Chapter XI-2 of SOLAS and applies to passenger ships, cargo ships of 500 GT and above, mobile offshore drilling units, and port facilities serving international shipping.

The Code requires three security levels (1=normal, 2=heightened, 3=exceptional threat), a designated Ship Security Officer (SSO) on each ship, a Port Facility Security Officer (PFSO) at each port, a Ship Security Plan (SSP) and a Port Facility Security Plan (PFSP), both subject to audit and approval by the flag state or its recognised security organisation.

ISPS compliance generates extensive documentation — security drills, exercise records, incident reports, restricted area access logs — all of which must be retained and audit-ready.

Why it matters

ISPS is the maritime security regime born after 9/11. It requires ships and ports to plan for, and escalate against, security threats — with designated officers, approved security plans and detailed records. Non-compliance can bar a ship from port, so security drills, access logs and incident reports must be retained and audit-ready.

Diagram
Level 1
Normal
Level 2
Heightened
Level 3
Exceptional threat
ISPS operates at three security levels, escalating protective measures as the threat rises.
Also known as
ISPSShip Security Code
Related terms
Where this matters at WHIZTEC
Frequently asked
Who are the SSO and PFSO under ISPS?

The Ship Security Officer (SSO) is the designated officer on each ship; the Port Facility Security Officer (PFSO) is their counterpart at each port facility. Each maintains an approved security plan.

What are the three ISPS security levels?

Level 1 is normal operation, Level 2 is heightened (a probable threat), and Level 3 is exceptional (a specific, imminent threat) — each triggering progressively stricter measures.

More Maritime & Ship Management terms

See WHIZ in your operation.

A Solutions Architect will tailor a 30-minute walkthrough to your modules, integrations and rollout plan. No commitment required.