Division 2.3Security directions

Start here

Get a plain-English read of Division 2.3

Turn the raw legal text into a practical explanation grounded in Maritime Transport and Offshore Facilities Security Regulations 2003.

View in full context

### Division 2.2—Maritime security levels #### 2.25 Notifying maritime security level 2 and 3 declarations and revocations (Act s 32) (1) This regulation applies to notifying declarations, or revocations of declarations, under Division 3 of Part 2 of the Act. (2) The Secretary or port operator must notify a declaration or revocation: (a) orally (for example, by telephone or radio communication); or (b) in writing; or (c) by electronic transmission (for example, by fax or e‑mail). ### Division 2.3—Security directions #### 2.30 Requirement for consultation If it is reasonable and practicable to do so, the Secretary must consult with the following about giving a security direction that relates to the movement of ships within, or in or out of, a security regulated port or in an offshore water‑side zone: (a) maritime industry or offshore industry participants who will be affected by the direction; (b) agencies of the Commonwealth, a State or Territory whose operations in the port will be affected by the direction; (c) persons, other than those mentioned in paragraph (a) or (b), who need to implement, or comply with, the direction. > Note: Examples: For paragraph (c), harbour masters and PSOs. #### 2.35 Giving and communicating security directions (Act s 33(5)) (1) Subject to subsections 35(2) and 38(3) of the Act, the Secretary must give a security direction, or notify a person of the revocation of a security direction under subsection 38(2) of the Act: (a) orally (for example, by telephone or radio communication); or (b) in writing; or (c) by electronic transmission (for example, by fax or e‑mail). > Note: Under subsection 33(4) of the Act, a security direction has no effect until the Secretary commits the direction to writing. (2) Each of the following: (a) a port operator required to communicate a security direction under subsection 35(3) of the Act; (b) an offshore facility operator required to communicate a security direction under subsection 35(8) of the Act; (c) a ship operator required to communicate a security direction under subsection 36(2) of the Act; must do so using any of the means set out in subregulation (1). ## Part 3—Maritime security plans ### Division 3.1—Preliminary #### 3.05 Common requirements for security assessments A security assessment for a maritime security plan must include the following matters: (a) the date when the assessment was completed or reviewed; (b) the scope of the assessment, including assets, infrastructure and operations assessed; (c) a summary of how the assessment was conducted, including details of the risk management process adopted; (d) the skills and experience of the key persons who completed or participated in the assessment. #### 3.10 Common requirements for security plan audits and reviews A maritime security plan for a port operator or port facility operator must set out: (a) a schedule of security plan audits; and (b) the circumstances, in addition to the occurrence of a maritime transport security incident, following which a security plan review must be conducted; and (c) the procedures for conducting a security plan audit, including a process for selecting auditors who are independent of the matters being audited; and (d) the procedures for conducting a security plan review, including a process for consultation during the review. #### 3.11 Common requirements for maps included with maritime security plans (1) A map mentioned in sections 49 or 52A of the Act must be A3 or A4 size, or in an electronic format, and include the following: (a) a title; (b) a linear scale; (c) a north point; (d) a legend; (e) if the map contains map projections—details of the projections; (f) if the maritime security plan to which the map relates details security regulated port boundaries—coordinates to clearly define those boundaries; (g) if the maritime security plan to which the map relates details port security zone boundaries—coordinates to clearly define those boundaries; (h) if inserts are used on the map—a numbered map for each insert corresponding to the number for the insert on the main map; (i) the date the map was produced; (j) the name of the person who created the map. (2) Each map for a maritime security plan must be a separate map. #### 3.12 Protection of maritime security plans A port operator and port facility operator must ensure that the maritime security plan for the operator is protected against unauthorised access, amendment and disclosure. #### 3.15 Port operator to give information A port operator required to have a maritime security plan must give to each port facility operator conducting operations within the security regulated port: (a) the information set out in regulation 3.35 (including contact details for the PSO); and (b) the measures to be used by the port operator to inform persons of the location of maritime security zones established within the boundaries of the security regulated port; and (c) the measures to confirm the identity of persons who are authorised to have access to maritime security zones established within the boundaries of the security regulated port. #### 3.20 Port facility operator to give information (1) A port facility operator required to have a maritime security plan must give to the port operator of the security regulated port: (a) the information set out in regulation 3.100 (including contact details for the PFSO); and (b) the measures to be used by the port facility operator to inform persons of the location of any port security zones established within the boundaries of the port facility; and (c) the measures to confirm the identity of persons who are authorised to have access to the port facility, to ships moored at the facility and to any port security zones established within the boundaries of the port facility. (2) A port facility operator required to have a maritime security plan must also give to the port operator details of the boundaries of the facility. ### Division 3.2—Port operators #### 3.30 General A maritime security plan for a port operator must cover all matters of ship/port interface: (a) that are to be conducted within the security regulated port; and (b) that are not covered by a maritime security plan for any other maritime industry participant that conducts operations within, or in connection with, the security regulated port. #### 3.35 Port operator details (1) A maritime security plan for a port operator must be accompanied by a document setting out the following information: (a) name of the port operator; (b) contact details for the port operator; (c) name of the Chief Executive Officer of the port operator; (d) name of the port for which the port operator has been designated; (e) name of the port’s harbour master; (f) contact details for the harbour master; (g) name or position of the person who is to be the PSO for the port; (h) the contact details for the PSO. (2) A port operator must, within 2 working days after the port operator becomes aware of a change in any of the information given under this regulation, notify the Secretary, in writing, of the change. Penalty: 20 penalty units. (3) An offence against subregulation (2) is an offence of strict liability. #### 3.40 Security assessments In addition to the matters required under regulation 3.05, the security assessment that must be included in a maritime security plan for a port operator must include the following matters: (a) a statement outlining the risk context or threat situation for the port; (b) identification and evaluation of strategically important assets, infrastructure and operations that need to be protected; (c) identification of possible risks or threats to assets, infrastructure and operations, and the likelihood and consequences of their occurrence; (d) identification of existing security measures, procedures and operations; (e) identification of gaps in port‑wide security arrangements, including gaps arising from port infrastructure, human factors, policies and procedures; (f) identification, selection and prioritisation of possible risk treatments (for example, counter‑measures and procedural changes that need to be implemented) and their effectiveness in reducing risk levels and vulnerabilities. #### 3.45 Port security officer qualifications and responsibilities A maritime security plan for a port operator must set out: (a) the knowledge, skills and other requirements for the PSO; and (b) the training or qualifications that satisfy the requirements referred to in paragraph (a); and (c) the training that must be given to the PSO. #### 3.50 Other personnel with security role (1) A maritime security plan for a port operator must identify, by reference to their positions, port personnel with, or who have been assigned, security duties and responsibilities in addition to those of the PSO. (2) The security duties and responsibilities of personnel so identified must be set out in the plan, together with: (a) the knowledge, skills and other requirements for the security‑related aspects of their positions; and (b) the training or qualifications that satisfy the requirements referred to in paragraph (a); and (c) the training that must be given to such personnel. #### 3.55 Matters that must be in plan A maritime security plan for a port operator must address, in addition to the matters required under regulation 3.10, the following matters: (a) measures to prevent unauthorised access to any port security zones established, or ship security zones declared, in the security regulated port; (b) procedures for responding to security threats or breaches of security, including procedures for maintaining critical operations in the port; (c) procedures for responding to any security directions given by the Secretary; (d) procedures for evacuation of the port in case of security threats or breaches of security; (e) procedures for drills and exercises associated with the plan; (f) procedures for interfacing with ship security activities; (g) procedures for modifying the plan to correct deficiencies or to update the plan to take into account changes to the port; (h) procedures for reporting occurrences which threaten the security of the port; (i) measures to ensure the security of the information contained in the plan; (j) procedures in case the ship security alert system of a ship is activated while in the security regulated port. > Note: A maritime security plan for a port operator must be accompanied by a map covering the whole security regulated port and showing the port security zones established within the port (see subsections 49(2) and (3) of the Act and regulation 3.90). #### 3.60 Consultation and communication (1) A maritime security plan for a port operator must set out a mechanism for consultation: (a) between the port operator and each of the maritime industry participants conducting operations within the security regulated port, for the purpose of coordinating their security‑related activities; and (b) between the port operator and its employees (or their representatives) regarding security measures and procedures to be implemented. (2) A maritime security plan for a port operator must set out how the port operator will give notice under subsections 27(2) and 35(4) of the Act. #### 3.65 Maritime security level 1 A maritime security plan for a port operator must set out, in relation to maritime security level 1: (a) the security measures, identified in the security assessment for the operation, for implementation at that level; and (b) the measures that have been implemented; and (c) a schedule for implementing the measures that have not been implemented; and (d) any interim measures that will be implemented until the measures referred to in paragraph (c) are fully implemented. #### 3.70 Maritime security levels 2 and 3 A maritime security plan for a port operator must set out, in relation to maritime security levels 2 and 3, the additional security measures that the operator will implement if the Secretary declares that maritime security level 2 or 3 is in force for the port. #### 3.75 Declarations of security A maritime security plan for a port operator must provide for: (a) the circumstances in which the operator will request a declaration of security with a ship; and (b) the procedures for negotiating the security measures and responsibilities of the operator and of the ship in those circumstances; and (c) how security measures identified in a declaration will be implemented to ensure compliance by the operator and the ship with their security plans and with the declaration. #### 3.77 Land‑side restricted zones (1) If a port operator wishes the Secretary to establish a land‑side restricted zone, the maritime security plan for the port operator must set out: (a) the purpose for the proposed establishment of the zone; and (b) the boundaries of the zone; and (c) if applicable, the period when, or the circumstances in which, the zone is in force; and (d) the security measures and procedures to be taken to control access into the zone by people, vehicles or things; and (e) steps to be taken to inform people that a land‑side restricted zone is in force and that entry into the zone without authority is an offence; and (f) the name or position of the person or persons responsible for the security measures, procedures or steps referred to in paragraphs (d) and (e). (2) A maritime security plan for a port operator must set out security measures and procedures to monitor and control access to land‑side restricted zones, including measures to detect and deter unauthorised access to those zones. #### 3.80 Water‑side restricted zones (1) If a port operator wishes the Secretary to establish a water‑side restricted zone, the maritime security plan for the port operator must set out: (a) the purpose for the proposed establishment of the zone; and (b) the boundaries of the zone; and (c) if applicable, the period when, or the circumstances in which, the zone is in force; and (d) the security measures and procedures to be taken to control access into the zone by people, vessels or things; and (e) steps to be taken to inform people that a water‑side restricted zone is in force and that entry into the zone without authority is an offence; and (f) the name or position of the person or persons responsible for the security measures, procedures or steps referred to in paragraphs (d) and (e). (2) A maritime security plan for a port operator must set out security measures and procedures to monitor and control access to water‑side restricted zones, including measures to detect and deter unauthorised access to those zones. #### 3.85 Ship security zones A maritime security plan for a port operator must set out security measures and procedures to monitor and control access to ship security zones, including measures to detect and deter unauthorised access to those zones. ### Division 3.3—Port facility operators #### 3.100 Port facility operator details A maritime security plan for a port facility operator must be accompanied by a document setting out the following information: (a) name of the port facility operator; (b) contact details for the port facility operator; (c) name of the Chief Executive Officer of the port facility operator; (d) name and location of the port facility; (e) name of the port in which the facility is located; (f) name or position of the person who is to be the PFSO for the facility; (g) the contact details for the PFSO. #### 3.105 Details of PSO of security regulated ports A maritime security plan for a port facility operator must be accompanied by a document setting out the name of, and contact details for, the PSO of the security regulated port in which the facility is located. #### 3.106 Obligation to keep information current (1) A port facility operator must, within 2 working days after the port facility operator becomes aware of a change in any of the information given under regulation 3.100 or 3.105, notify the Secretary, in writing, of the change. Penalty: 20 penalty units. (2) An offence against subregulation (1) is an offence of strict liability. #### 3.110 Security assessments (1) In addition to the matters required under regulation 3.05, a security assessment for a port facility operator’s operation must include the following matters: (a) a statement outlining the risk context or threat situation for the port facility; (b) identification and evaluation of important assets, infrastructure and operations that need to be protected; (c) identification of possible risks or threats to assets, infrastructure and operations, and the likelihood and consequences of their occurrence; (d) identification of existing security measures, procedures and operations; (e) identification of weaknesses (including human factors) in the infrastructure, policies and procedures; (f) identification, selection and prioritisation of possible risk treatments (for example, counter‑measures and procedural changes that need to be implemented) and their effectiveness in reducing risk levels and vulnerabilities. (2) A security assessment for a port facility operator’s operation must consider: (a) the types of ships, and the types of cargoes transported by ships, served by the port facility; and (b) any special risks or threats associated with such ships and cargoes. #### 3.115 PFSO qualifications and responsibilities A maritime security plan for a port facility operator must set out: (a) the knowledge, skills and other requirements for the PFSO; and (b) the training or qualifications that satisfy the requirements referred to in paragraph (a); and (c) the training that must be given to the PFSO. #### 3.120 Other personnel with security role (1) A maritime security plan for a port facility operator must identify, by reference to their positions, port facility personnel with, or who have been assigned, security duties and responsibilities in addition to those of the PFSO. (2) The security duties and responsibilities of personnel so identified must be set out in the plan, together with: (a) the knowledge, skills and other requirements for the security‑related aspects of their positions; and (b) the training or qualifications that satisfy the requirements referred to in paragraph (a); and (c) the training that must be given to such personnel. #### 3.125 Matters that must be in plan (1) A maritime security plan for a port facility operator must address, in addition to the matters required under regulation 3.10, the following matters: (a) measures to prevent unauthorised carriage or possession of weapons or prohibited items in the facility or on board ships being loaded or unloaded at the facility; (b) measures to prevent unauthorised access to the port facility, to ships moored at the facility and to any port security zones established within the boundaries of the port facility; (c) procedures for responding to security threats or breaches of security, including procedures for maintaining critical operations in the port facility or ship/port interface; (d) procedures for responding to any security directions given by the Secretary; (e) procedures for evacuation of the port facility in case of security threats or breaches of security; (f) procedures for drills and exercises associated with the plan; (g) procedures for interfacing with ship security activities; (h) procedures for modifying the plan to correct deficiencies or to update the plan to take into account changes to the port facility; (i) procedures for reporting occurrences which threaten the security of the port facility; (j) measures to ensure the security of the information contained in the plan; (k) measures to ensure security of cargo and of cargo handling equipment at the facility; (l) procedures in case the ship security alert system of a ship is activated while in the security regulated port; (m) procedures for facilitating: (i) shore leave or relief of crew; and (ii) access by visitors (including representatives of seafarers’ welfare and of labour organisations). (2) In determining appropriate measures for paragraphs (1)(a) and (b), the port facility operator must have regard to the special risks or threats associated with the types of ships, and the types of cargoes transported by ships, regularly served by the port facility. > Note: A maritime security plan for a port facility operator must be accompanied by a map showing any port security zones established within the facility (see paragraph 49(2)(a) of the Act and regulation 3.165). #### 3.130 Consultation A maritime security plan for a port facility operator must set out, for the purpose of coordinating security‑related activities, a mechanism for consultation: (a) between the port facility operator and the port operator; and (b) between the port facility operator and any stakeholder who may be affected by the implementation of the plan; and (c) between the port facility operator and its employees (or their representatives) regarding security measures and procedures to be implemented. #### 3.135 Maritime security level 1 A maritime security plan for a port facility operator must set out, in relation to maritime security level 1: (a) the security measures, identified in the security assessment for the operation, for implementation at that level; and (b) the measures that have been implemented; and (c) a schedule for implementing the measures that have not been implemented; and (d) any interim measures that will be implemented until the measures referred to in paragraph (c) are fully implemented. #### 3.140 Maritime security levels 2 and 3 A maritime security plan for a port facility operator must set out, in relation to maritime security levels 2 and 3, the additional security measures that the operator will implement if the Secretary declares that maritime security level 2 or 3 is in force for the port. #### 3.145 Declarations of security A maritime security plan for a port facility operator must provide for: (a) the circumstances in which the operator will request a declaration of security with a ship; and (b) the procedures for negotiating the security measures and responsibilities of the operator and of the ship in those circumstances; and (c) how security measures identified in a declaration will be implemented to ensure compliance by the operator and the ship with their security plans and with the declaration. #### 3.150 Land‑side restricted zones (1) If a port facility operator wishes the Secretary to establish a land‑side restricted zone, the maritime security plan for the port facility operator must set out: (a) the purpose for the proposed establishment of the zone; and (b) the boundaries of the zone; and (c) if applicable, the period when, or the circumstances in which, the zone is in force; and (d) the security measures and procedures to be taken to control access into the zone by people, vehicles or things, (including measures relating to the entry, parking, loading and unloading of vehicles, and the movement and storage of cargo, stores and baggage); and (e) steps to be taken to inform people that a land‑side restricted zone is in force and that entry into the zone without authority is an offence; and (f) the name or position of the person or persons responsible for the security measures, procedures or steps referred to in paragraphs (d) and (e). (2) A maritime security plan for a port facility operator must set out security measures and procedures to monitor and control access to land‑side restricted zones, including measures to detect and deter unauthorised access to those zones. #### 3.155 Cleared zones (1) If a port facility operator wishes the Secretary to establish a cleared zone, the maritime security plan for the port facility operator must set out: (a) the purpose for the proposed establishment of the zone; and (b) the boundaries of the zone; and (c) if applicable, the period when, or the circumstances in which, the zone is in force; and (d) the security measures and procedures to be taken to control access into the zone by people, vehicles or things, (including measures relating to the entry, parking, loading and unloading of vehicles, and the movement and storage of cargo, stores and baggage); and (e) steps to be taken to inform people that a cleared zone is in force and that is an offence to enter the zone without the required screening and clearance; and (f) the name or position of each person responsible for the security measures, procedures or steps referred to in paragraphs (d) and (e). (2) A maritime security plan for a port facility operator must set out measures and procedures to ensure that persons and goods are screened and cleared in accordance with these Regulations before they are allowed to enter and remain in any cleared zone established in the port facility. #### 3.160 Passenger ships (1) If a port facility operator wishes to operate a port facility for use in connection with the loading or unloading of security regulated ships that are passenger ships, the maritime security plan for the port facility operator must set out: (a) procedures for screening and clearing persons and their baggage; and (b) procedures for detecting weapons and prohibited items; and (c) procedures for surrender and dealing with weapons and prohibited items that are detected; and (d) the name or position of the person or persons responsible for the procedures referred to in paragraphs (a), (b) and (c). (1A) Paragraph (1)(a) applies in relation to the loading or unloading of the following: (a) a regulated Australian ship of a kind mentioned in paragraph 16(1)(a) of the Act; (b) a regulated foreign ship of a kind mentioned in subparagraph 17(1)(b)(i) of the Act. (2) If in a port facility there is no screening point through which persons who are required to be screened and cleared to board a security regulated ship must pass, the procedures for screening and clearing persons referred to in paragraph (1)(a) must include procedures for making arrangements, between the port facility operator and the master of a ship that is moored at the facility, for persons to be screened and cleared on board the ship immediately after they board.