Get documents about "GUIDE TO PREPARING AN OFFSHORE SECURITY PLAN FOR OFFSHORE
Document Sample
<Classification Level>
GUIDE TO PREPARING AN OFFSHORE SECURITY PLAN
FOR OFFSHORE FACILITY OPERATORS
(Draft: 1 July 2005)
i
<Classification Level>
Disclaimer
Guide to Preparing an Offshore Security Plan
This guide has been prepared in accordance with the Maritime Transport and Offshore
Facilities Security Act 2003 (the Act) and the Maritime Transport and Offshore Facilities
Security Regulations 2003 (the Regulations). All care has been taken to ensure this guide
accurately reflects the requirements of the Act and Regulations. Before submitting plans for
approval, offshore facility operators should refer to the Act and Regulations as made by the
Governor-General. This guide will be updated if the Regulations are amended.
ii
<Classification Level>
Requirements for Offshore Security Plans
Offshore Facility Operators as Gazetted by the Secretary under Section 17B of the Maritime
Transport and Offshore Facilities Security Act 2003 (the Act) are required to submit offshore
security plans for review and approval by the Secretary.
The requirements for offshore security plans are set out in sections 100G, 100H and 100I of the Act
and further requirements are reflected in Part 5A of the Maritime Transport and Offshore Facilities
Security Regulations 2003 (the regulations). This guide considers the offshore security plan
requirements for offshore facility operators as set out in the Act and in the Regulations.
The Act establishes an outcomes based preventive security framework that will enhance Australia's
maritime security arrangements. There are four key outcomes set out at section 3(4).
(a) Australia’s obligations under Chapter XI-2 of the SOLAS Convention and the
ISPS Code, including those with regard to the rights, freedoms and welfare of
seafarers, are met;
(b) the vulnerability to terrorist attack of Australian ships, ports and other ships within
Australia and offshore facilities is reduced without undue disruption to trade;
(c) the risk that maritime transport or offshore facilities are used to facilitate terrorist
or other unlawful activities is reduced;
(d) security information is communicated effectively among maritime industry
participants and government agencies with security responsibilities for maritime
transport and offshore facilities. It is not the purpose of this Act to prevent lawful
advocacy, protest, dissent or industrial action that does not compromise maritime
security.
Each offshore security plan submitted for approval must demonstrate an appropriate contribution
toward these outcomes.
Part 5A Division 5A.1 of the regulations contains requirements that must be addressed in all
offshore security plans. Division 5A.2 of the regulations contain requirements that are specific to
security plans for offshore facility operators. Plans that address these requirements will be
considered to adequately contribute to the maritime security outcomes.
The Department recognises there are many different approaches that offshore facility operators can take to
prepare an offshore security plan. This guide presents a template that could be used by offshore facility
operators to prepare a document that will meet the requirements of the Act and regulations.
It is considered that a fully completed offshore security plan using this template will provide the Secretary
with sufficient information to determine if the plan was made in accordance with the Act and regulations.
The template, which is outcomes based, can also be used to demonstrate that implementation of the plan
will make an appropriate contribution towards the achievement of the maritime security outcomes
described in the Act. The template is provided as guidance only and each offshore facility operator should
consider the suitability of it for their local circumstances prior to adopting it for their own use. Text in
italics used in each section of the template describes the type of information expected under the subject
headings.
iii
<Classification Level>
It is suggested that offshore facility operators consider:-
• the information they wish to present in the plan;
• if the information presented is likely to change frequently during the period of the plan, more
generic information that is not a regulatory requirement may be needed; and
• whether the plan meets the content and form requirements of the Act and Regulations.
If the Secretary is satisfied that a the plan submitted for his approval adequately addresses the
specific requirements of the Act and Regulations, the offshore facility operator will receive a
written notice of approval.
Regulation 5A.30 requires that a security plan for an offshore facility operator must include a
number of key contact details for use during day-to-day business hours or during an emergency. As
contact details tend or change frequently, it is recommended that they be submitted as an attachment
to the security plan.
Better Practice Guide No.1: Preparing Offshore Security Plans which provides guidance on the
security plan approval process, may be down-loaded from the Department’s website at:
http://www.dotars.gov.au/transsec/oilandgas/index.aspx.
iv
<Classification Level>
Contact Details for the offshore facility operator <Facility Name>
Name of Facility:
Legal Name of Operator:
Location of Facility:
Physical Address (Head Office):
Mailing Address (if different):
Name of Chief Executive Officer:
Business Phone Number:
Fax Number:
Name of Head Security Officer:
Business Phone Number:
Mobile Number:
Fax Number:
Email Address:
Business Address:
Mailing Address (if different):
Name of Offshore Facility Security Officer:
Business Phone Number:
Mobile Number:
Fax Number:
Email Address:
Business Address:
Mailing Address (if different):
24 Hour Offshore Facility Security Duty Officer Contact Number:
v
<Classification Level>
OFFSHORE SECURITY PLAN
for
<FACILITY NAME>
Prepared by
<OFFSHORE FACILITY OPERATOR NAME>
Date: DD/MM/YYYY
Submitted by <Name of authorised person>
Position <……>
Signature …………………………………..
Date ………………………………
Security Classification ……………………
Revision Number …………………………
Copy Number …………………………….
vi
<Classification Level>
TABLE OF CONTENTS
SECTION 1 - ADMINISTRATIVE DETAILS ........................................................ 1
1.1 AUTHORITY ..................................................................................................................................................... 1
1.2 DOCUMENT PROTECTION ................................................................................................................................. 1
1.3 DOCUMENT CONTROL ...................................................................................................................................... 1
1.4 CONTACT DETAILS ........................................................................................................................................... 2
SECTION 2 - SCOPE ................................................................................................. 3
2.1 OFFSHORE FACILITY OPERATOR ....................................................................................................................... 3
2.2 OFFSHORE SERVICE PROVIDERS ...................................................................................................................... 3
2.3 OFFSHORE INDUSTRY PARTICIPANTS (OIPS) ................................................................................................... 3
SECTION 3 – CONSULTATION ............................................................................. 4
3.1 OFFSHORE SERVICE PROVIDERS ....................................................................................................................... 4
3.2 OFFSHORE FACILITY EMPLOYEES AND CONTRACTORS .................................................................................... 4
3.3 NOTIFICATION OF A CHANGE IN MARITIME SECURITY LEVEL AND SECURITY DIRECTIONS ............................. 4
3.4 DECLARATION OF SECURITY ............................................................................................................................ 5
SECTION 4 – OPERATION OF THE OFFSHORE SECURITY PLAN............. 6
4.1 REVIEW AND AUDIT ......................................................................................................................................... 6
4.2 MODIFICATION AND UPDATING OF PLAN ......................................................................................................... 6
4.3 RESPONSIBILITIES ............................................................................................................................................ 6
4.4 KNOWLEDGE AND TRAINING ........................................................................................................................... 7
4.5 DRILLS AND EXERCISES ................................................................................................................................... 8
4.6 OCCUPATIONAL HEALTH AND SAFETY ............................................................................................................ 8
SECTION 5 – SECURITY MEASURES AND PROCEDURES............................ 9
5.1 OFFSHORE FACILITY SECURITY ASSESSMENT .................................................................................................. 9
5.2 SECURITY MEASURES AND PROCEDURES ......................................................................................................... 9
5.3 OFFSHORE SECURITY ZONES.......................................................................................................................... 14
ATTACHMENT 1 - DIAGRAM OF REGULATED OFFSHORE FACILITY
AND SECURITY ZONES ........................................................................................ 15
ATTACHMENT 2 – CONTACT DETAILS FOR OFFSHORE INDUSTRY
PARTICIPANTS COVERED BY THE SECURITY PLAN ................................ 16
ATTACHMENT 3 – DECLARATION OF SECURITY (SAMPLE ONLY) ..... 17
ATTACHMENT 4 – OFFSHORE FACILITY SECURITY ASSESSMENT..... 19
ATTACHMENT 5 - SECURITY MEASURES AND PROCEDURES ............... 20
ATTACHMENT 6 - SECURITY MEASURES FOR OFFSHORE SERVICE
PROVIDERS.............................................................................................................. 21
ATTACHMENT 7 – CONTACT DETAILS FOR OFFSHORE FACILITY
OPERATOR .............................................................................................................. 22
ANNEX 1 OFFSHORE SECURITY INCIDENT REPORT FORM ............. 23
vii
<Classification Level>
Section 1 - Administrative Details
1.1 Authority
Section 100B of the Maritime Transport and Offshore Facilities Security Act 2003 (the Act)
requires certain offshore industry participants, including offshore facility operators, to have an
offshore security plan. The Maritime Transport and Offshore Facilities Security Regulations 2003
(the regulations) also set out certain requirements which must be met or address in offshore security
plans.
The plan must be submitted for approval to the Secretary of the Department of Transport and
Regional Services (DOTARS) with the authority of the offshore facility operator. This section must
outline who has authorised the offshore security plan on behalf of the offshore facility operator and
may also include the organisation’s security policy. The intention is to demonstrate that the
organisation supports the implementation of the plan.
1.2 Document Protection1
Regulation 5A.105 requires that the offshore facility operator ensure the offshore security plan is
protected against unauthorised access, amendment and disclosure.
This section must be used to explain how the offshore facility operator will protect the offshore
security plan from unauthorised disclosure. It should refer to the security classification of the
document for internal purposes and to specific procedures to prevent unauthorised access,
amendment and disclosure of the document.
1.3 Document Control
The offshore facility operator may wish to include a document control statement including specific
procedures for the revision and update of the offshore security plan should modification be
required. The table below can be used to identify particular amendments to the document.
DOCUMENT REVISION RECORD
Version Section Page Numbers Date of Latest Approved By
Number(s) Revision
For un-issued versions and updates, letters A, B, C etc. to be used;
For original issued versions and updates, numbers 0, 1, 2 etc. to be used;
To determine if an individual page has been revised or updated, identify the page number in the Revision Record above and
confirm if the latest revision number listed, is the same as the revision number listed on the page footer.
1
The requirements in this section are consistent with the requirements of Section 16.3 (11) of Part A of the ISPS code,
measures to ensure the security of the information contained in the plan.
1
<Classification Level>
1.4 Contact details
Contact details for the offshore facility operator must be set out in Attachment 7 – Contact Details
for Offshore Facility Operator.
Regulation 5A.30 requires offshore facility operators to provide the following information:
(a) name of the operator;
(b) contact details for the operator;
(c) name of the Chief Executive Officer and the HSO of the operator;
(d) the name and location of the facility;
(e) name or position of the person who is to be the OFSO for each facility covered by the
plan;
(f) a single 24 hour fixed line telephone number, a mobile telephone number and a fax
number for the OFSO of the participant; and
The contact details for offshore industry participants including offshore service providers must be
set out in Attachment 2 – Contact Details for Offshore Industry Participants covered by the security
plan.
Regulation 5A.35 requires an offshore security plan to be accompanied by a document setting out
the name and contact details of security officers for each offshore service provider conducting
operations at the facility.
The offshore facility operator must, within 2 working days after becoming aware of a change in any
of the information listed above, notify the Secretary of the change/
2
<Classification Level>
Section 2 - Scope
2.1 Offshore facility operator
This section should:
(a) accurately identify the offshore facility operator by citing the correct legal business name of
the operator;
(b) accurately describe what operations are covered in the plan including reference to
geographical coordinates which identify the location of the offshore facility or facilities;
and
(c) describe any proposed security zones including reference to a diagram of a size and scale
of the facility and surrounding water that clearly shows the layout of the facility and of any
security zones.
All diagrams referred to above must be attached to the plan (Refer Attachment 1).
It may be appropriate for operators of integrated production facilities to develop network plans. In
considering network plans, offshore facility operators should take into account whether facilities
are physically and operationally similar, are reasonably proximate and have an identical risk
assessment.
The specific security measures and procedures that the offshore facility operator will implement
must be included in an attachment to the offshore security plan (Refer Attachment 5).
2.2 Offshore Service Providers
This section should provide a general overview of the offshore service providers that are located or
operate within the security regulated offshore facility. It should clearly indicate whether these
offshore service providers are covered under this offshore security plan or if they will have
individual offshore security plans. If the offshore service provider is to be covered by the offshore
facility operator plan, this section should be used to explain the scope of the offshore service
provider’s operations.
Contact details for all offshore service providers conducting operations at the offshore facility must
be included at Attachment 2.
Specific security measures and procedures that the offshore service provider will implement must
be included in an attachment (Attachment 6) to this plan together with written evidence of
agreement between the offshore facility operator and the offshore service provider to confirm
responsibilities for implementation of security arrangements.
2.3 Offshore Industry Participants (OIPs)
Section 100E of the Act enables an offshore security plan to cover the activities of OIPs who have
regular interaction with the offshore facility. In this case, the OIP must be provided with the
relevant parts of the offshore security plan and must agree in writing to those activities.
Where any other OIP is to be covered by an offshore facility operator’s security plan, sections 2.2
and 2.3 of the plan must identify the parts of the plan that will be provided to the OIP covered by
the plan, including identification of the particular security measures and procedures that they will
be required to implement.
3
<Classification Level>
Section 3 – Consultation
To facilitate coordination of security regulated activities, Regulation 5A.65 requires that offshore
security plans set out a mechanism for consultation between the offshore facility operator and:
a) each offshore industry participant conducting operations at (or interfacing with) a facility
and any other stakeholder who may be affected by the implementation of the plan; and
b) operator’s employees (or their representatives) regarding security measures and procedures
to be implemented.
Refer to Better Practice Guide No. 1 - Preparing Offshore Security Plans for more information
on communication and consultation on security matters.
3.1 Offshore service providers
Offshore service providers will need to be made aware of security measures and procedures
included in the security plan. Therefore, this section must detail the consultation mechanisms used
to ensure that security measures and procedures are adequately communicated to offshore service
providers in order to enable them to comply with those measures.
Regulation 5A.15 requires offshore facility operators to provide certain information to each
offshore service provider conducting operations at the facility. The information required to be
provided includes contact details as required by Reg 5A.30 and:
(a) the information set out in Reg 5A.30; and
(b) The measures to be used by the operator to inform persons of the location of offshore
security zones established by the operator for the facility; and
(c) The measures to confirm the identify of persons who are authorised to have access to the
zones.
3.2 Offshore Facility Employees and Contractors
Offshore facility employees and contractors will need to assist with the implementation of security
measures and procedures. Therefore, this section of the offshore security plan must detail the
consultation mechanisms used to ensure that security measures and procedures are adequately
communicated to enable employees and contractors implement and comply with the measures.
3.3 Notification of a Change in Maritime Security Level and Security Directions
From time to time, the Secretary may advise that for all, or particular, OIPs the maritime security
level has changed under section 28A(2) of the Act. In this section, the offshore facility operator
must describe how this information will be communicated to the OIPs covered by the document.
Similarly, the Secretary may issue security directions under section 35(9) of the Act to offshore
facility operators. This section of the offshore security plan must describe how the security
directions will be communicated to OIPs who may be affected.
4
<Classification Level>
3.4 Declaration of Security2
The Declaration of Security (DOS) is an agreement between an offshore facility and a ship
operator, on the types of security measures and procedures that will be put in place upon arrival of
that ship at the offshore facility. It outlines who has responsibility for providing security measures
required under the agreement. The requirements for a DOS can be found in Regulations 1.45(1A)
and 5A.80.
The offshore security plan must identify circumstances when a DOS may be requested, eg when a
ship at a higher security level wishes to interface with the offshore facility. The offshore security
plan must also detail the procedures for negotiating the security measures and responsibilities in
the DOS and explain how the measures in the DOS will be implemented to ensure compliance. A
template for a DOS is at Attachment 3. The template has been adopted from Part B Appendix 1, of
the ISPS code, pages 99 to 101.
2
This section is consistent with the requirements of section 16.3 (7) of Part A of the ISPS code, procedures for
interfacing with ship security activities.
5
<Classification Level>
Section 4 – Operation of the Offshore security plan
4.1 Review and Audit3
Regulation 1.50 and 5A.10 set out the requirements for audits and reviews of offshore security
plans.
This section should be used to explain how the offshore facility operator will ensure that the
offshore security plan is effective and adequate and has been implemented correctly.
Offshore security plans for offshore facility operators must include:
(a) a schedule of internal and external security plan audits;
(b) the circumstances in which a security plan review will be conducted, including procedures for
undertaking a review following a security incident;
(c) the procedures for conducting a security plan audit including a process for consultation during
review;
(d) the procedures for conducting a security plan review including advice on the consultation
process during the review to ensure security measures and procedures are adequate and the
plan appropriately implemented; and
(e) acknowledgment that records relating to the plan will be kept for 7 years from the date of last
action.
Note: Offshore facility plans should also include a process for selecting independent auditors.
4.2 Modification and Updating of plan
Regulation 5A.60(1)(h) requires offshore facility operators to include in their plan procedures for
modifying the plan to correct deficiencies or to update the plan to take into account changes to a
facility.
This section of the plan should outline the mechanisms in place to ensure appropriate and timely
modification and updating of a security plan, should deficiencies in the plan be identified or any
material changes be made to a facility’s physical environment or procedures that impact on
provisions in the plan.
Methods for communicating such modifications and updates to all affected parties should also be
disclosed.
4.3 Responsibilities4
Regulations 5A.50 and 5A.55 set out the requirements for responsibilities and training of offshore
facility security officers and offshore facility personnel with a responsibility for security.
Regulations 1.32 and 1.33 provide more information on the mandatory duties of head security
officers and offshore facility security officers.
3
This section is consistent with the requirements of section 16.3 (8) and (13) of Part A of the ISPS code, procedures for
the periodic review of the plan and updating and Procedures for auditing the security plan.
4
This section is consistent with the requirements of section 16.3 (6) of Part A of the ISPS code, duties of port personnel
assigned security responsibilities and other personnel on security aspects.
6
<Classification Level>
An offshore security plan must detail the specific duties and responsibilities of the security officers
and any other security personnel. For example, the duties and responsibilities of any offshore
facility security guards, employees or contractors, must be described.
A table to record information on the responsibilities of security related positions may be formatted
as follows:-
Position Responsibilities
<insert the <insert the responsibilities >
position title>
Head Security Refer to Regulation 1.32 for mandatory duties
Officer
Offshore Facility
Security Officer
Offshore Facility
Security Guards
Facility Manager
Security Duty
Officer
4.4 Knowledge and Training
The offshore facility operator must ensure that personnel with responsibility for security have
adequate knowledge, or have received appropriate training, to be able to carry out their duties.
Each offshore security plan must provide the following information for offshore facility security
personnel as per Regulations 5A.50 and 5A.55
• knowledge, skills and other requirements for the security related aspects of their position;
• training or qualifications that satisfy those requirements; and
• training that must be given to such personnel.
The table below can be used to record the training requirements for each position:
Position Required Knowledge or Training
<Insert the <insert the knowledge and training requirements for the position
Position title> here
Offshore Knowledge / Skills
Facility Ability to conduct security patrols
Security Ability to monitor and control people’s behaviour.
Guards Self defence and restraint skills
Qualifications
Certificate II in Security Operations or appropriate industry
equivalent such as State and Territory licensing.
Each offshore security plan should also include, or make reference to, a training register to record
which staff have received appropriate training or have sufficient knowledge to perform their duties.
Details of the training should be documented as well as how the offshore facility operator has
determined they have the required knowledge to undertake their security duties.
7
<Classification Level>
4.5 Drills and Exercises
Regulation 5A.60(1)(g) requires that the offshore security plan include procedures for conducting
drills and exercises associated with the plan. This should include a timetable of when the drills are
to be conducted and how records of the results of drills and exercises will be kept and secured.
4.6 Occupational Health and Safety
Section 100(g)(1)(f) of the Act requires that the provisions of an offshore security plan complement,
to the fullest extent possible, the occupational health and safety requirements under the laws of the
Commonwealth, a State or Territory applying at a facility.
This section should contain a statement to this effect, describing the alignment of security measures
outlined in the plan and applicable health and safety requirements.
8
<Classification Level>
Section 5 – Security Measures and Procedures
5.1 Offshore Facility Security Assessment
Each offshore security plan must include a security assessment prepared in accordance with
Regulations 5A.05 and 5A.45. In accordance with section 100G(2) of the Act, a security assessment
must take into account any documents required by the Secretary and any other documents listed on
the DOTARS website. Further information on conducting an offshore facility security assessment
may be found in the Offshore Security Assessments Guidance Paper located at the DOTARS
website: http://www.dotars.gov.au/transsec/oilandgas/index.aspx
The risk treatments identified in the security assessment should be referred to in Security Measures
and Procedures at 5.2 below.
The completed security assessment must be attached to the plan at Attachment 4.
5.2 Security Measures and Procedures
This section must be used to identify each security measure and / or procedure to be implemented
under the offshore security plan. However, the specific details of each security measure and / or
procedure could be included in Attachment 5: Details of Security Measures and Procedures. It is
expected that the offshore security plan will include security arrangements to treat a range of
different security risks and that individual measures and procedures may address a number of the
risks that have been identified.
This section should identify who is responsible for each of the measures and procedures. If
responsibility for implementation of a measure or procedure is not identified, then the Secretary
will request further information from the offshore facility operator which may cause delays in the
approval process.
Note
Regulation 5A.60(1) sets out a range of items that must be addressed in each offshore security plan.
While some of these items have been addressed in other sections of the offshore security plan, the
items below should be addressed in the Security Measures and Procedures part of the document. In
general, it would be expected that measures and procedures addressing these items would be listed
for maritime security levels 1, 2 and 3.
a) Regulation 5A.60(1)(a) – measures to prevent unauthorised carriage or possession of
weapons or prohibited items on the facility or on board vessels or aircraft interfacing with a
facility
If appropriate, these measures could include but are not limited to:
• checks on cargo or equipment to be loaded on a ship, or aircraft, or used by the offshore
facility.
b) Regulation 5A.60(1)(b) - measures to prevent unauthorised access to any offshore security
zone
These measures should be in accordance with Division 6.5 – Offshore Security Zones and
Regulations 5A.85 and 5A.90 relating to the identification of security zones and the responsibilities
of the offshore facility operator.
If appropriate, these measures could include, but are not limited to:
• identification and marking of the location of zones;
9
<Classification Level>
• observation of waterside security zone.
• access prevention arrangements, eg agreement with the State police on response arrangements;
• protocols for reporting unauthorised access into offshore security zones.
c) Regulation 5A.60(1)(c) - procedures for responding to security threats or breaches of
security, including procedures for maintaining critical operations at a facility
If appropriate, these procedures could include, but are not limited to, procedures for the handling
of bomb and other threats.
d) Regulation 5A.60(1)(d) – procedures for responding to security threats or breaches of security
occurring during any interface between a vessel or aircraft and a facility
Detail measures to respond to security threats or breaches of security occurring during any
interface with service providers, making reference for example to reciprocal measures to be
implemented by service providers..
e) Regulation 5A.60(1)(e) - procedures for responding to any security directions given by the
Secretary
Part 2 Division 4 of the Act sets out the requirements for the Secretary to give security directions.
In the case of an offshore facility, the security direction will be given directly from the Secretary to
the offshore facility operator. The offshore facility operator may be required to pass on the security
direction to other MIPs and OIPs who interact with the offshore facility.
If appropriate, these procedures could include but are not limited to:
• management procedures that will be taken to ensure that a security direction is implemented as
soon as possible after the direction is given; and
• procedures for communicating the security direction within the offshore facility and externally
where necessary.
f) Regulation 5A.60(1)(f) - procedures for evacuation of the facility in case of security threats or
breaches of security
This should include reference to a current evacuation plan. The evacuation plan does not need to be
included with the security plan.
g) Regulation5A.60(1)(h) – procedures for interfacing with the security activities of other
maritime industry participants and operators of any aircraft that may land on or near a
facility.
Detail agreed measures for interfacing with the security activities of maritime industry participants
such as security regulated ships and aircraft operators which the offshore facility may interface
with.
h) Regulation 5A.60(1)(i) - procedures for reporting occurrences which threaten the security of
a facility
Part 9 of the Act sets out the requirements for Offshore Facility Security Incidents. Offshore facility
operators are required under Section 177(1) to report incidents. Section 177(2) of the Act requires
that incidents be reported to:
• the Secretary; and
• the Australian Federal Police or the Police Force of a State or Territory; and
• where applicable, a person in control of part of the offshore facility, or a person who conducts
operations in the offshore facility or the ship operator or master of a security regulated ship.
10
<Classification Level>
Section 179A of the Act also sets out specific requirements for the reporting of security incidents by
offshore facility operators.
Section 182 of the Act states that the Secretary may publish a notice in the Gazette setting out the
information required in the incident report, and the method of submitting an incident report.
Advice on submitting incident reports will be provided on the DOTARS website.
If appropriate, these measures could include but are not limited to:
• procedures for reporting of security incidents in accordance with the Act;
• internal procedures for employees to report security incidents to management or the offshore
facility security officer; and
• procedures for raising the awareness of staff of their responsibilities for reporting incidents.
i) Regulation 5A.60(1)(l)- measures to ensure the security of cargo and of cargo handling
equipment at a facility
Where the offshore facility is involved in moving cargo to and from ships, the security plan should
include measures to protect the cargo and the cargo handling equipment.
If appropriate, these procedures could include but are not limited to:
• security around cargo storage areas;
• security guard patrols to protect the equipment and cargo while it is under the control of the
offshore facility operator;
• closed circuit TV systems to monitor areas where cargo is stored.
j) Regulation 5A.60(1)(m) - procedures in case the security alert system of a ship is activated
while it is near a facility
The ship security alert system of a ship may be activated in the event of a security incident
occurring on board the ship. This alert will be received by the ship operator and the alert will be
passed on to the appropriate authorities in the country where the ship is located.
An offshore facility operator may be asked to assist the authorities in dealing with a ship that has
activated its security alert system. The offshore security plan should include measures indicating
that the offshore facility operator will cooperate with authorities in dealing with this situation.
k) Regulation 5A.60(1)(n) – procedures to be followed when an offshore facility is directly
connected to, or engaging in any activity with a vessel such as a floating hotel, mobile drilling
unit or construction barge.
Detail procedures to be adopted during periods when an offshore facility is directly connected to,
or engaging in any activity with, other vessels as indicated.
11
<Classification Level>
5.2.1 Maritime Security Level 1
Regulation 5A.70 sets out the requirements for maritime security level 1 measures. This must
include security measures identified in the security assessment for implementation at this level.
In this section, the offshore facility operator must identify the specific security measures and
procedures to be undertaken or implemented by the offshore facility operator for maritime security
level 1. Maritime security level 1 is the level at which the offshore facility normally operates.
This table can be used to record the security measures.
SECURITY MEASURES AND PROCEDURES AT SECURITY LEVEL 1
Description of security measure or procedure. Person or Organisation with
Responsibility for implementing the
measure or procedure
Employee security clearances, security guard patrols Head security officer, State Police
etc (through an MOU), etc
Note: Where implementation of a security measure or procedure includes a shared responsibility,
then the responsibility of each party should be clearly identified. Written evidence of shared
responsibilities, such as memorandums of understandings or contracts should be attached to
confirm security arrangements.
This section should also include an implementation timetable to meet the requirements of
regulation 5A.70. This table must show which measures and procedures are already in place and,
if not in place, indicate when they will be implemented, and what interim measures will be put in
place until they are ready. A sample table for this purpose is provided on page 14.
5.2.2 Maritime Security Levels 2 and 3
Regulation 5A.75 requires that each offshore security plan include a list of the additional security
measures that will be implemented if the Secretary declares that maritime security level 2 or 3 is in
force for the offshore facility. The following tables can be used to record the security measures and
procedures.
SECURITY MEASURES AND PROCEDURES AT SECURITY LEVEL 2
Description of security measure or procedure. Person or Organisation with
responsibility for implementing the
measure or procedure
Increased number of security guard patrols, limit Head security officer
access to offshore facility for non essential personnel
Note. Security Level 2 measures or procedures are in addition to all of the measures and
procedures in force at security level 1.
SECURITY MEASURES AND PROCEDURES AT SECURITY LEVEL 3
Description of security measure or procedure. Person or Organisation with
Responsibility for implementing the
measure or procedure
Advise ships to delay entry to offshore facility during Head security officer
level 3 period if possible, evacuation of offshore
facility where threat has been identified.
Note. Security Level 3 measures or procedures are in addition to all of the measures and
procedures in force at security levels 1 and 2.
12
<Classification Level>
IMPLEMENTATION TIMETABLE
Security Measure or Status (Operational / To be established) Date of expected implementation Interim measures / procedures5
Procedure (if status is to be established)
Additional lighting around To be established Lighting to be in place by Additional guard patrols to
perimeter of facility December 2005 monitor and deter unauthorised
access.
5
Interim measures must be indicated for all measures and procedures that are to be established. These interim measures and procedures must be in place by 30 September
2005.
13
<Classification Level>
5.3 Offshore Security Zones
Offshore facility operators may outline in their security plans, by way of a diagram, proposals
for offshore security zones.
Section 113A of the Act enables the Secretary to, by written notice, establish offshore security
zones. Part 5A Division 6.5 of the Maritime Transport and Offshore Facilities Security
Regulations 2003 sets out the different types of offshore security zones and the requirements
on OIPs for identifying, monitoring and controlling access to offshore security zones.
Regulation 6.125 prescribes two types of offshore security zones which may be established:
(a) an offshore facility zone defined in Regulation 1.03 means a type of offshore security
zone that comprises the space occupied by an offshore facility; and
(b) an offshore water-side zone defined in Regulation 1.03 means a type of offshore
security zone that comprises an area of water surrounding an offshore facility at the
distance from the facility specified by the Secretary.
Offshore facility operators are encouraged to discuss proposed arrangements for offshore
security zones with any other OIPs likely to be affected by the introduction of these zones.
See Better Practice Guide No.2 “Locations and Diagrams”.
5.3.1 Offshore Water-Side Zones and Offshore Facility Zones
Division 6.5 of the Regulations sets out the requirements for establishing offshore security
zones, and the responsibilities of offshore facility operators in maintaining security within
these zones. In accordance with Regs 5A.85 and 5A.90, offshore security plans should
include procedures for requesting offshore security zones to be established by the Secretary.
Regulations5A.85(2) and 5A.90(2) require that an offshore security plan includes the security
measures and procedures that the operator will put in place to monitor and control access to
offshore security zones, including measures to detect and deter unauthorised access to the
zones.
14
<Classification Level>
Attachment 1 - Diagram of regulated offshore facility and security zones
See Better Practice Guide No.2 “Locations and Diagrams”
15
<Classification Level>
Attachment 2 – Contact details for Offshore Industry Participants covered
by the security plan
This attachment should provide the names and contact details of other offshore industry
participants, including offshore service providers, conducting operations at the offshore
facility (see section 1.4 of the plan template).
16
<Classification Level>
Attachment 3 – Declaration of Security (Sample only)6
(for use between an offshore facility and ship)
Name of Ship:
Port of Registry:
IMO Number:
Name of Offshore Facility:
This Declaration of Security is valid from …………… until ……………, for the following activities
……………………………………………………
(list the activities with relevant details)
under the following security levels
Security level(s) for the ship:
Security level(s) for the offshore facility:
The offshore facility and ship agree to the following security measures and responsibilities to ensure compliance
with the requirements of Australian maritime security legislation.
The affixing of the initials of the SSO or OFSO under these columns
indicates that the activity will be done, in accordance with relevant
approved plan, by
Activity The offshore facility: The ship:
Ensuring the performance of all
security duties
Monitoring restricted areas to
ensure that only authorised
personnel have access
Controlling access to offshore
facility
Controlling access to the ship
Monitoring of offshore facility,
including areas surrounding the
ship
Monitoring of the ship, including
berthing areas and areas
surrounding the ship
Handling of cargo
Delivery of ship’s stores
Handling unaccompanied baggage
Controlling the embarkation of
persons and their effects
Ensuring that security
communication is readily
available between the ship and
offshore facility
6
This sample DOS has been adapted from part B, Appendix 1, Pg 99-101 of the ISPS code.
17
<Classification Level>
The signatories to this agreement certify that security measures and arrangements for both the offshore facility
and the ship during the specified activities meet the provisions of Australian maritime security legislation will be
implemented in accordance with the provisions already stipulated in their approved plan(s) or the specific
arrangements agreed to and set out in the attached annex.
Dated at …………………………………… on the ……………………………………
Signed for and on behalf of
the offshore facility: the ship:
(Signature of Offshore Facility Security Officer) (Signature of Master or Ship Security Officer)
Name and title of person who signed
Name: Name:
Title: Title
Contact Details
(to be completed as appropriate)
(indicate the telephone numbers or the radio channels or frequencies to be used)
for the offshore facility: for the ship:
Offshore Facility Master
............................................................................. ..............................................................................
Offshore Facility Security Officer Ship Security Officer
............................................................................. ..............................................................................
Company
..............................................................................
Company Security Officer
..............................................................................
18
<Classification Level>
Attachment 4 – Offshore Facility Security Assessment
The Offshore facility operator must complete a Security Assessment in accordance with the
Regulations and must take into account any documents required by the Secretary.
For further guidance on the requirements of Security Assessments, refer to the Offshore
Facility Security Assessment Guidance Paper available at the DOTARS website:
http://www.dotars.gov.au/transsec/oilandgas/index.aspx.
19
<Classification Level>
Attachment 5 - Security Measures and Procedures
For each of the security measures to be implemented, specific details of the security measure
or procedure should be provided. These details may include the physical and or operational
requirements of each particular security measure and procedure.
For example, if the security measure to be implemented is for additional lighting, then the
offshore security plan would describe where the lighting has been or is to be installed and
what design is to be used.
This section should be used to describe how the particular security measure or procedure will
be carried out. It is entirely appropriate to reference national or international standards
where they exist. Where there is no recognised standard, or the organisation wishes to
implement a different approach, then this section should include an operational description
such that it is clear how the measure or procedure is to be implemented.
Further, where the procedure or measure involves particular qualifications, training or prior
knowledge, this section should be used to describe that knowledge, training or qualifications.
For example, a security measure could be the patrol of an offshore security zone by maritime
security guards. The details should include the particular State or Territory qualifications for
security guards that will be required by the offshore facility operator when hiring them.
20
<Classification Level>
Attachment 6 - Security measures for Offshore Service Providers
Where the offshore service provider agrees to be covered by the offshore facility operator’s
security plan, an Attachment should be provided to identify the specific security measures and
procedures to be implemented.
It is also expected that acceptance of these arrangements is confirmed by way of a written
agreement. A copy of this written agreement should also be provided at this attachment.
21
<Classification Level>
Attachment 7 – Contact details for offshore facility operator
An attachment should be provided outlining contact details for the offshore facility operator
in accordance with the requirements set out in Section 1.4 of the plan.
22
<Classification Level>
ANNEX 1 Offshore Security Incident Report Form
This form is not yet available. Further advice on the reporting of Offshore Facility Security
Incidents will be made available on the DOTARS website at:
http://www.dotars.gov.au/transsec/oilandgas/index.aspx
23
Related docs
