15. pants

Port

facility Security Assessment

General

15.1. The Port Facility Security

Assessment (PFSA) may be conducted by a Recognized Security

Organization (RSO). However, approval of a completed PFSA should

only be given by the relevant Contracting Government.

15.2. If a Contracting Government

uses a RSO, to review or verify compliance of the PFSA, the RSO

should not be associated with any other RSO that prepared or

assisted in the preparation of that assessment.

15.3. A PFSA should address the

following elements within a port facility:

.1. physical security;

.2. structural integrity;

.3. personnel protection

systems;

.4. procedural policies;

.5. radio and telecommunication

systems, including computer systems and networks;

.6. relevant transportation

infrastructure;

.7. utilities; and

.8. other areas that may, if

damaged or used for illicit observation, pose a risk to persons,

property, or operations within the port facility.

15.4. Those involved in a PFSA

should be able to draw upon expert assistance in relation to:

.1. knowledge of current security

threats and patterns;

.2. recognition and detection of

weapons, dangerous substances and devices;

.3. recognition, on a

non-discriminatory basis, of characteristics and behavioural

patterns of persons who are likely to threaten security;

.4. techniques used to circumvent

security measures;

.5. methods used to cause a

security incident;

.6. effects of explosives on

structures and port facility services;

.7. port facility security;

.8. port business practices;

.9. contingency planning,

emergency preparedness and response;

.10. physical security measures

e.g. fences;

.11. radio and telecommunications

systems, including computer systems and networks;

.12. transport and civil

engineering; and

.13. ship and port operations.

Identification

and evaluation of important assets and infrastructure it is

important to protect

15.5. The identification and

evaluation of important assets and infrastructure is a process

through which the relative importance of structures and

installations to the functioning of the port facility can be

established. This identification and evaluation process is

important because it provides a basis for focusing mitigation

strategies on those assets and structures which it is more

important to protect from a security incident. This process

should take into account potential loss of life, the economic

significance of the port, symbolic value, and the presence of

Government installations.

15.6. Identification and

evaluation of assets and infrastructure should be used to

prioritise their relative importance for protection. The primary

concern should be avoidance of death or injury. It is also

important to consider whether the port facility, structure or

installation can continue to function without the asset, and the

extent to which rapid re-establishment of normal functioning is

possible.

15.7. Assets and infrastructure

that should be considered important to protect may include:

.1. accesses, entrances,

approaches, and anchorages, manoeuvring and berthing areas;

.2. cargo facilities, terminals,

storage areas, and cargo handling equipment;

.3. systems such as electrical

distribution systems, radio and telecommunication systems and

computer systems and networks;

.4. port vessel traffic management

systems and aids to navigation;

.5. power plants, cargo transfer

piping, and water supplies;

.6. bridges, railways, roads;

.7. port service vessels,

including pilot boats, tugs, lighters etc;

.8. security and surveillance

equipment and systems; and

.9. the waters adjacent to the

port facility.

15.8. The clear identification of

assets and infrastructure is essential to evaluation of the port

facility's security requirements, the prioritisation of

protective measures, and decisions concerning the allocation of

resources to better protect the port facility. The process may

involve consultation with the relevant authorities relating to

structures adjacent to the port facility which could cause damage

within the facility or be used for the purpose of causing damage

to the facility or for illicit observation of the facility or for

diverting attention.

Identification

of the possible threats to the assets and infrastructure and the

likelihood of their occurrence, in order to establish and

prioritise security measures

15.9. Possible acts that could

threaten the security of assets and infrastructure, and the

methods of carrying out those acts, should be identified to

evaluate the vulnerability of a given asset or location to a

security incident, and to establish and prioritise security

requirements to enable planning and resource allocations.

Identification and evaluation of each potential act and its

method should be based on various factors, including threat

assessments by Government agencies. By identifying and assessing

threats, those conducting the assessment do not have to rely on

worst-case scenarios to guide planning and resource

allocations.

15.10. The PFSA should include an

assessment undertaken in consultation with the relevant national

security organizations to determine:

.1. any particular aspects of the

port facility, including the vessel traffic using the facility,

which make it likely to be the target of an attack;

.2. the likely consequences in

terms of loss of life, damage to property, economic disruption,

including disruption to transport systems, of an attack on, or

at, the port facility;

.3. the capability and intent of

those likely to mount such an attack; and

.4. the possible type, or types,

of attack,

producing an overall assessment of

the level of risk against which security measures have to be

developed.

15.11. The PFSA should consider

all possible threats, which may include the following types of

security incidents:

.1. damage to, or destruction of,

the port facility or of the ship, e.g. by explosive devices,

arson, sabotage or vandalism;

.2. hijacking or seizure of the

ship or of persons on board;

.3. tampering with cargo,

essential ship equipment or systems or ship's stores;

.4. unauthorized access or use

including presence of stowaways;

.5. smuggling weapons or

equipment, including weapons of mass destruction;

.6. use of the ship to carry those

intending to cause a security incident and their equipment;

.7. use of the ship itself as a

weapon or as a means to cause damage or destruction;

.8. blockage; of port entrances,

locks, approaches etc; and

.9. nuclear, biological and

chemical attack.

15.12. The process should involve

consultation with the relevant authorities relating to structures

adjacent to the port facility which could cause damage within the

facility or be used for the purpose of causing damage to the

facility or for illicit observation of the facility or for

diverting attention.

Identification,

selection, and prioritisation of countermeasures and procedural

changes and their level of effectiveness in reducing

vulnerability

15.13. The identification and

prioritisation of countermeasures is designed to ensure that the

most effective security measures are employed to reduce the

vulnerability of a port facility or ship/port interface to the

possible threats.

15.14. Security measures should be

selected on the basis of factors such as whether they reduce the

probability of an attack and should be evaluated using

information that includes:

.1. security surveys, inspections

and audits;.

.2. consultation with port

facility owners and operators, and owners/operators of adjacent

structures if appropriate;

.3. historical information on

security incidents; and

.4. operations within the port

facility.

Identification

of vulnerabilities

15.15. Identification of

vulnerabilities in physical structures, personnel protection

systems, processes, or other areas that may lead to a security

incident can be used to establish options to eliminate or

mitigate those vulnerabilities. For example, an analysis might

reveal vulnerabilities in a port facility's security systems or

unprotected infrastructure such as water supplies, bridges etc

that could be resolved through physical measures, e.g. permanent

barriers, alarms, surveillance equipment etc.

15.16. Identification of

vulnerabilities should include consideration of:

.1. waterside and shore-side

access to the port facility and ships berthing at the

facility;

.2. structural integrity of the

piers, facilities, and associated structures;

.3. existing security measures and

procedures, including identification systems;

.4. existing security measures and

procedures relating to port services and utilities;

.5. measures to protect radio and

telecommunication equipment, port services and utilities,

including computer systems and networks;

.6. adjacent areas that may be

exploited during, or for, an attack;

.7. existing agreements with

private security companies providing waterside/shore-side

security services;

.8. any conflicting policies

between safety and security measures and procedures;

.9. any conflicting port facility

and security duty assignments;

.10. any enforcement and personnel

constraints;

.11. any deficiencies identified

during training and drills; and

.12. any deficiencies identified

during daily operation, following incidents or alerts, the report

of security concerns, the exercise of control measures, audits

etc.