What is ISPS Shipping? Surcharges & Compliance Explained

Introduction to Maritime Security and the ISPS Code

In the wake of the 9/11 attacks, maritime security emerged as a global priority. To safeguard international trade and prevent security threats at sea, the International Maritime Organization (IMO) introduced the International Ship and Port Facility Security (ISPS) Code. This framework has since become a cornerstone of modern shipping operations, helping protect vessels, cargo, and port facilities from terrorism, piracy, and other risks.

What is ISPS?

ISPS stands for the International Ship and Port Facility Security Code, an international security framework developed by the International Maritime Organization (IMO). Its main purpose is to enhance the safety and protection of ships and port facilities that are involved in international trade. The code outlines mandatory security measures and procedures to prevent threats such as terrorism, smuggling, and unauthorized access—ensuring safer global maritime operations.

Understanding the ISPS Code

The ISPS Code, which stands for the International Ship and Port Facility Security Code, is a comprehensive set of measures designed to enhance the security of ships and port facilities. Adopted by the IMO in December 2002, the ISPS Code came into force on July 1, 2004, as an amendment to the Safety of Life at Sea (SOLAS) Convention.

The primary objectives of the ISPS Code are:

• To establish an international framework for detecting security threats and taking preventive measures against security incidents affecting ships or port facilities used in international trade.
• To define roles and responsibilities for governments, local administrations, ship and port industries at the national and international level.
• To ensure the early and efficient collection and exchange of security-related information.
• To provide a methodology for security assessments to have in place plans and procedures to react to changing security levels.

Key Components of the ISPS Code

The ISPS Code consists of two main parts:

Part A: Mandatory Requirements

The ISPS Code Part A sets out the core security responsibilities that must be followed by all SOLAS-signatory countries, shipping companies, and port authorities. These requirements are legally binding and form the foundation of ship and port facility security worldwide.

ISPS Security Levels and Their Application

The ISPS Code defines the three security levels (1–normal, 2–heightened, 3–exceptional) and the corresponding measures that ships and ports must implement at each level. Each level dictates specific security protocols that ships and ports must adopt to respond proportionally to the perceived threat.

Ship and Port Facility Security Requirements

This component outlines the physical and procedural safeguards that ships and port facilities must implement to prevent unauthorized access and mitigate risks. These include:

• Installation of surveillance equipment (e.g., CCTV)
• Controlled access gates and ID checks
• Clearly marked restricted zones
• Intrusion detection systems
• Secure stowage for dangerous goods
• Lighting, fencing, and monitoring of ship/port perimeters

These requirements ensure that both ships and shore facilities maintain an effective security posture at all times.

Company and Ship Security Officer Responsibilities

The ISPS Code assigns key responsibilities to designated security officers:

• Company Security Officer (CSO): Based ashore, responsible for developing security policies, supporting multiple ships, and coordinating responses to security threats.
• Ship Security Officer (SSO): Operates on the vessel, ensures the Ship Security Plan is implemented, conducts inspections, and manages crew security training.
• Port Facility Security Officer (PFSO): Stationed at the port, maintains the Port Facility Security Plan, oversees physical security, and liaises with incoming ships.

Together, these officers form the operational link between ships, ports, and governments.

ISPS Security Assessments and Plans

Before any ship or port can be certified as ISPS-compliant, a formal security assessment must be conducted. This identifies potential vulnerabilities, evaluates risk scenarios, and forms the basis for customized security planning.

• Ship Security Plan (SSP): A vessel-specific document that outlines procedures, roles, and countermeasures for responding to security threats. Approved by the flag state.
• Port Facility Security Plan (PFSP): Tailored to each port terminal, detailing how it will manage access, monitor threats, and communicate with vessels and authorities.

These plans must be regularly reviewed and updated as threat levels evolve.

Training and Drills

Security is only effective if personnel are properly trained. The ISPS Code requires:

• Regular training for crew and port personnel in security awareness, emergency response, and access control
• Scheduled drills to practice actions under each security level
• Recordkeeping of all training activities for audit and compliance verification

These drills help ensure rapid, coordinated responses to real-world incidents.

Part B: Guidance and Recommendations

While not legally binding, Part B of the ISPS Code provides detailed guidance on how to effectively implement the mandatory requirements outlined in Part A. These recommendations—though technically optional—are widely adopted as industry best practices and often treated as essential by maritime authorities and shipping companies worldwide.

Part B covers critical areas such as:

• Conducting Security Assessments: Offers a structured methodology for identifying vulnerabilities, assessing threat likelihood, and prioritizing risk mitigation measures for ships and port facilities.
• Developing Security Plans: Recommends best practices for formulating comprehensive and operationally effective Ship Security Plans (SSP) and Port Facility Security Plans (PFSP), tailored to each vessel or terminal.
• Declarations of Security (DoS): Provides guidance on when and how to establish a formal Declaration of Security—an agreement between a ship and port facility (or another ship) that outlines respective security responsibilities during a specific port call or operation.
• Recognition and Handling of Security Threats: Advises on recognizing suspicious behavior, unauthorized access attempts, and other potential threats, as well as appropriate escalation and response protocols.

Through these recommendations, Part B enhances the clarity and consistency of global maritime security practices—making it a critical companion to the regulatory framework in Part A.

Implementation of the ISPS Code in Shipping

The implementation of the ISPS Code has had a significant impact on the shipping industry. “ISPS shipping” has become a standard term, reflecting the integration of these security measures into everyday maritime operations. Here’s how the ISPS Code is implemented in shipping:

1. Ship Security Assessment (SSA)

Every ship must undergo a comprehensive security assessment to identify potential vulnerabilities and threats. This assessment forms the basis for developing the Ship Security Plan.

2. Ship Security Plan (SSP)

Based on the SSA, each ship must develop and maintain a Ship Security Plan. This plan outlines the measures to be taken at each security level to protect the ship from security threats.

3. Ship Security Officer (SSO)

Each ship must designate a Ship Security Officer responsible for implementing and maintaining the SSP, conducting regular security inspections, and coordinating with the Company Security Officer and Port Facility Security Officer.

4. Company Security Officer (CSO)

Shipping companies must appoint a Company Security Officer to oversee the security of all vessels in their fleet, ensure compliance with the ISPS Code, and liaise with relevant authorities.

5. Security Levels

The ISPS Code defines three security levels:

Security Level 1 (Normal)

• This is the default level maintained during standard operating conditions. Routine protective measures are in place to deter unauthorized access and monitor activity.
• Examples: General access control, ID checks, routine surveillance, and standard crew vigilance.

Security Level 2 (Heightened)

• Activated when there is a recognized increase in risk. Additional measures are implemented to reinforce security and readiness without disrupting operations.
• Examples: Enhanced screening of personnel and cargo, increased frequency of patrols, tighter access controls, more detailed inspections.

Security Level 3 (Exceptional)

• Implemented when a security threat is likely or imminent. This level calls for exceptional, short-term actions to prevent or respond to specific threats.
• Examples: Temporary suspension of port operations, lockdown of restricted zones, total restriction of access, coordination with national security authorities.

What is an ISPS Charge? Who Needs to Pay for It?

The ISPS Code requires shipping lines and terminal operators to implement strict security procedures—such as onboard access control, surveillance systems, staff training, and compliance planning. These efforts come with ongoing operational costs.

To recover these expenses, companies apply an ISPS surcharge to international ocean shipments. This fee helps cover the cost of complying with the ISPS Code and is often listed separately in freight quotes.

There are two common types of ISPS-related fees:

• Carrier Security Fee (CSF): Charged by the shipping line for onboard and in-transit security measures.
• Terminal Security Charge (TSC): Collected by the port or terminal to support onsite security infrastructure and access control.

These charges are typically included in the total freight cost and must be paid by the party responsible for transportation expenses—whether it’s the shipper or the consignee.

For business or individuals involved in both ocean and air cargo, understanding these security surcharges is essential to managing your logistics budget and staying compliant. If you’re unsure how ISPS charges may impact your shipment, consulting an experienced digital freight management platform like FreightAmigo. Through the Instant Quote platform, users can obtain transparent, all-inclusive freight pricing that clearly outlines ISPS surcharges.

Securing Global Trade with ISPS

The ISPS Code has fundamentally transformed maritime security, establishing a global standard that safeguards vessels, cargo, and port infrastructure. By introducing a structured approach to identifying and mitigating threats, the Code has significantly improved the resilience of international shipping operations. Today, ISPS compliance is not just a regulatory requirement—it’s a cornerstone of responsible and secure global trade.

As the maritime industry continues to adapt to evolving risks and regulatory expectations, the ISPS Code remains essential for maintaining operational integrity and international trust. At FreightAmigo, we are committed to supporting businesses in meeting these security standards. From transparent pricing to expert logistics support, FreightAmigo empowers clients to navigate ISPS requirements with clarity and confidence—ensuring every shipment moves securely and efficiently across borders.

Challenges in Implementing the ISPS Code

While the ISPS Code has significantly improved maritime security, its implementation is not without challenges:

1. Cost of Compliance

Implementing and maintaining ISPS Code compliance can be costly, especially for smaller shipping companies and port facilities. This includes expenses related to security equipment, personnel training, and ongoing assessments.

2. Balancing Security and Efficiency

Stringent security measures can sometimes lead to delays in port operations and shipping schedules. Finding the right balance between thorough security procedures and operational efficiency remains an ongoing challenge.

3. Global Consistency

While the ISPS Code provides a global framework, its interpretation and enforcement can vary between different countries and regions. This inconsistency can create confusion and challenges for international shipping operations.

4. Evolving Threats

Maritime security threats are constantly evolving, including cyber threats and new forms of terrorism. The ISPS Code and related security measures must continually adapt to address these emerging risks.

Frequently Asked Questions about ISPS

What does ISPS stand for?

ISPS stands for the International Ship and Port Facility Security Code. It is a set of security measures developed by the International Maritime Organization (IMO) to enhance the safety of ships and port facilities involved in international trade.

What is the main purpose of the ISPS Code?

The ISPS Code aims to detect and prevent security threats—such as terrorism, piracy, and unauthorized access—by establishing a standardized framework for risk assessment, access control, and emergency response across the maritime sector.

Who is responsible for ISPS compliance?

ISPS compliance is a shared responsibility. Governments, port authorities, shipping companies, and designated security officers (CSO, SSO, PFSO) all play critical roles in implementing and maintaining the required security measures.

How do the ISPS security levels affect operations?

The ISPS Code defines three security levels—normal, heightened, and exceptional. Each level dictates the intensity of security protocols to be applied. As the level increases, so do the measures, ranging from routine checks to full operational lockdowns, depending on the assessed threat.

Conclusion

The ISPS Code has fundamentally transformed the landscape of maritime security, making “ISPS shipping” a standard practice in the industry. By establishing a comprehensive framework for detecting and preventing security threats, the Code has significantly enhanced the safety and security of international maritime trade.

While challenges remain in its implementation, the ISPS Code continues to evolve, adapting to new threats and technological advancements. As the maritime industry moves forward, the principles of the ISPS Code will undoubtedly remain at the core of global efforts to ensure the security of ships, port facilities, and the vital flow of international commerce.

At FreightAmigo, we are committed to supporting our clients in navigating the complexities of international shipping regulations, including ISPS compliance. Our digital logistics platform combines cutting-edge technology with expert support to ensure a secure, efficient, and compliant shipping experience. As the maritime industry continues to evolve, FreightAmigo will remain at the forefront, providing innovative solutions to meet the changing needs of global trade and security.