A.1022(26) Guidelines on the Implementation of the International Safety Management (ISM) Code by Administrations

Resolution A.1022(26)

Adopted on 2 December 2009

(Agenda item 12)

GUIDELINES ON THE IMPLEMENTATION OF THE INTERNATIONAL SAFETY MANAGEMENT (ISM) CODE BY ADMINISTRATIONS

THE ASSEMBLY,

RECALLING Article 15(j) of the Convention on the International Maritime Organization concerning the functions of the Assembly in relation to regulations and guidelines concerning maritime safety and the prevention and control of marine pollution from ships,

RECALLING ALSO resolution A.741(18) by which it adopted the International Management Code for the Safe Operation of Ships and for Pollution Prevention (International Safety Management (ISM) Code),

RECALLING FURTHER resolution A.788(19) by which it adopted the Guidelines on implementation of the International Safety Management (ISM) Code by Administrations,

NOTING that the ISM Code became mandatory, under the provisions of chapter IX of the International Convention for the Safety of Life at Sea (SOLAS), 1974, as amended, for Companies operating certain types of ships, on 1 July 1998; and for Companies operating other cargo ships and mobile offshore drilling units propelled by mechanical means of 500 gross tonnage and upwards, on 1 July 2002,

NOTING ALSO that the Maritime Safety Committee, at its eighty-fifth session, adopted, by resolution MSC.273(85), amendments to the ISM Code,

NOTING FURTHER resolution A.913(22) by which it adopted Revised Guidelines on implementation of the International Safety Management (ISM) Code by Administrations,

RECOGNIZING that an Administration, in establishing that safety standards are being maintained, has a responsibility to ensure that Documents of Compliance and Safety Management Certificates have been issued in accordance with the ISM Code taking into account the aforementioned Guidelines,

RECOGNIZING ALSO that there may be a need for Administrations to enter into agreements in respect of the issue of certificates by other Administrations in compliance with chapter IX of the 1974 SOLAS Convention and in accordance with resolution A.741(18),

RECOGNIZING FURTHER the need for uniform implementation of the ISM Code,

HAVING CONSIDERED the recommendations made by the Maritime Safety Committee, at its eighty-fourth session, and the Marine Environment Protection Committee, at its fifty-ninth session,

1. ADOPTS the "Guidelines on implementation of the International Safety Management (ISM) Code by Administrations", set out in the annex to the present resolution;

2. URGES Governments, when implementing the ISM Code, to adhere to the Guidelines;

3. REQUESTS Governments to inform the Organization of any difficulties they may experience when using the Guidelines;

4. AUTHORIZES the Maritime Safety Committee and the Marine Environment Protection Committee to keep the annexed Guidelines under review and to amend them as necessary;

5. REVOKES resolution A.913(22) with effect from 1 July 2010.

ANNEX

GUIDELINES ON IMPLEMENTATION OF THE INTERNATIONAL SAFETY MANAGEMENT (ISM) CODE BY ADMINISTRATIONS

INTRODUCTION

The ISM Code

The International Management Code for the Safe Operation of Ships and for Pollution Prevention (International Safety Management (ISM) Code) was adopted by the Organization by resolution A.741(18) and became mandatory by virtue of the entry into force on 1 July 1998 of SOLAS chapter IX on Management for the Safe Operation of Ships. The ISM Code provides an international standard for the safe management and operation of ships and for pollution prevention.

The Maritime Safety Committee, at its eighty-fifth session, adopted amendments to sections 1, 5, 7, 8, 9, 10, 12, 13, 14 and the Appendix of the ISM Code by resolution MSC.273(85). As a result it is necessary to revise the Guidelines contained in Assembly resolution A.913(22), which is being superseded by the present Guidelines.

The ISM Code requires that Companies establish safety objectives as described in section 1.2 of the ISM Code, and in addition that the Companies develop, implement and maintain a safety management system which includes functional requirements as listed in section 1.4 of the ISM Code.

The application of the ISM Code should support and encourage the development of a safety culture in shipping. Success factors for the development of a safety culture are, inter alia, commitment, values and beliefs.

Mandatory application of the ISM Code

Appropriate organization of management, ashore and on board, is needed to ensure adequate standards of safety and pollution prevention. A systematic approach to management by those responsible for management of ships is therefore required. The objectives of the mandatory application of the ISM Code are to ensure:

.1 compliance with mandatory rules and regulations related to the safe operation of ships and protection of the environment; and

.2 the effective implementation and enforcement thereof by Administrations.

Effective enforcement by Administrations must include verification that the safety management system complies with the requirements as stipulated in the ISM Code, as well as verification of compliance with mandatory rules and regulations.

The mandatory application of the ISM Code should ensure, support and encourage the taking into account of applicable codes, guidelines and standards recommended by the Organization, Administrations, classification societies and maritime industry organizations.

Verification and certification responsibilities

The Administration is responsible for verifying compliance with the requirements of the ISM Code and for issuing Documents of Compliance to Companies and Safety Management Certificates to ships.

Resolutions A.739(18) - Guidelines for the authorization of organizations acting on behalf of the Administration and A.789(19) – Specifications on the survey and certification functions of recognized organizations acting on behalf of the Administration, which have been made mandatory by virtue of SOLAS regulation XI/1, and resolution A.847(20) – Guidelines to assist flag States in the implementation of IMO instruments, are applicable when Administrations authorize organizations to issue Documents of Compliance and Safety Management Certificates on their behalf.

1 SCOPE AND APPLICATION

1.1 Definitions

The terms used in these Guidelines have the same meaning as those given in the ISM Code.

1.2 Scope and application

1.2.1 These Guidelines establish basic principles:

.1 for verifying that the safety management system of a Company responsible for the operation of ships, or the safety management system for the ship or ships controlled by the Company, complies with the ISM Code; and

.2 for the issue and annual verification of the Document of Compliance and for the issue and intermediate verification of the Safety Management Certificate.

2 VERIFYING COMPLIANCE WITH THE ISM CODE

2.1 General

2.1.1 To comply with the requirements of the ISM Code, Companies should develop, implement and maintain a safety management system to ensure that the safety and environmental protection policy of the Company is implemented. The Company policy should include the objectives defined by the ISM Code.^*

^{________________________________}

^* The ICS/ISF Guidelines on the application of the International Safety Management Code provide useful guidance on important individual elements of a safety management system and its development by Companies.

2.1.2 Administrations should verify compliance with the requirements of the ISM Code by determining:

.1 the conformity of the Company’s safety management system with the requirements of the ISM Code; and

.2 that the safety management system ensures that the objectives defined in paragraph 1.2.3 of the ISM Code are met.

2.1.3 Determining the conformity or non-conformity of safety management system elements with the requirements specified by the ISM Code may demand that criteria for assessment be developed. Administrations are recommended to limit the development of criteria in the form of prescriptive management system solutions. Criteria for assessment in the form of prescriptive requirements may have the effect that safety management in shipping results in Companies implementing solutions prepared by others, and it may then be difficult for a Company to develop the solutions which best suit that particular Company, operation or ship.

2.1.4 Therefore, Administrations are recommended to ensure that these assessments are based on determining the effectiveness of the safety management system in meeting specified objectives, rather than conformity with detailed requirements in addition to those contained in the ISM Code, so as to reduce the need for developing criteria to facilitate assessment of the Companies’ compliance with the Code.

2.2 The ability of the safety management system to meet general safety management objectives

2.2.1 The ISM Code identifies general safety management objectives. These objectives are:

.1 to provide for safe practices in ship operation and a safe working environment;

.2 to assess all identified risks to its ships, personnel and the environment and establish appropriate safeguards; and

.3 to improve continuously the safety-management skills of personnel ashore and aboard, including preparing for emergencies related both to safety and to environmental protection.

The verification should support and encourage Companies in achieving these objectives.

2.2.2 These objectives provide clear guidance to Companies for the development of safety management system elements in compliance with the ISM Code. Since, however, the ability of the safety management system to achieve these objectives cannot be determined beyond whether the safety management system complies with the requirements of the ISM Code, they should not form the basis for establishing detailed interpretations to be used for determining conformity or non-conformity with the requirements of the ISM Code.

2.3 The ability of the safety management system to meet specific requirements of safety and pollution prevention

2.3.1 The main criterion which should govern the development of interpretations needed for assessing compliance with the requirements of the ISM Code should be the ability of the safety management system to meet the specific requirements defined by the ISM Code in terms of specific standards of safety and pollution prevention.

The specific standards of safety and protection of the environment specified by the ISM Code are:

.1 compliance with mandatory rules and regulations; and

.2 that applicable codes, guidelines and standards recommended by the Organization, Administrations, classification societies and other maritime industry organizations are taken into account.

2.3.2 All records having the potential to facilitate verification of compliance with the ISM Code should be open to scrutiny during an examination. For this purpose the Administration should ensure that the Company provides auditors with statutory and classification records relevant to the actions taken by the Company to ensure that compliance with mandatory rules and regulations is maintained. In this regard the records may be examined to substantiate their authenticity and veracity.

2.3.3 Some mandatory requirements may not be subject to statutory or classification surveys, such as:

.1 maintaining the condition of ship and equipment between surveys; and

.2 certain operational requirements.

Specific arrangements may be required to ensure compliance and to provide for the objective evidence needed for verification in these cases, such as:

.1 documented procedures and instructions; and

.2 documentation of the verification carried out by senior officers of day-to-day operation when relevant to ensure compliance.

2.3.4 The verification of compliance with mandatory rules and regulations, which is part of the ISM Code certification, neither duplicates nor substitutes surveys for other maritime certificates. The verification of compliance with the ISM Code does not relieve the Company, the master or any other entity or person involved in the management or operation of the ship of their responsibilities.

2.3.5 Administrations should ensure that the Company has:

.1 taken into account the recommendations, as referred to in 1.2.3.2 of the ISM Code, when establishing the safety management system; and

.2 developed procedures to ensure that these recommendations are implemented on shore and on board.

2.3.6 Within a safety management system, implementation of codes, guidelines and standards recommended by the Organization, Administrations, classification societies and other maritime industry organizations does not make these recommendations mandatory under the ISM Code. Nevertheless auditors should encourage Companies to adopt these recommendations whenever applicable to the Company.

3 THE CERTIFICATION PROCESS

3.1 Certification activities

3.1.1 The certification process relevant to a Document of Compliance for a Company and a Safety Management Certificate to a ship will normally involve the following steps:

.1 initial verification;

.2 annual or intermediate verification;

.3 renewal verification; and

.4 additional verification.

These verifications are carried out at the request of the Company to the Administration, or to the organization recognized by the Administration to perform certification functions under the ISM Code, or at the request of the Administration by another Contracting Government to the Convention.

The verifications will include an audit of the safety management system.

3.2 Initial verification

3.2.1 The Company should apply for ISM Code certification to the Administration.

3.2.2 An assessment of the shoreside management system undertaken by the Administration would necessitate assessment of the offices where such management is carried out and possibly of other locations, depending on the Company’s organization and the functions of the various locations.

3.2.3 On satisfactory completion of the assessment of the shoreside safety management system, arrangements/planning may commence for the assessment of the Company’s ships.

3.2.4 On satisfactory completion of the assessment, a Document of Compliance will be issued to the Company, copies of which should be forwarded to each shoreside premises and each ship in the Company’s fleet. As each ship is assessed and issued with a Safety Management Certificate, a copy of it should also be forwarded to the Company’s head office.

3.2.5 In cases where certificates are issued by a recognized organization, copies of all certificates should also be sent to the Administration.

3.2.6 The safety management audit for the Company and for a ship will involve the same basic steps. The purpose is to verify that a Company or a ship complies with the requirements of the ISM Code. The audits include:

.1 the conformity of the Company’s safety management system with the requirements of the ISM Code, including objective evidence demonstrating that the Company’s safety management system has been in operation for at least three months and that a safety management system has been in operation on board at least one ship of each type operated by the Company for at least three months; and

.2 that the safety management system ensures that the objectives defined in paragraph 1.2.3 of the ISM Code are met. This includes verification that the Document of Compliance for the Company responsible for the operation of the ship is applicable to that particular type of ship, and assessment of the shipboard safety management system to verify that it complies with the requirements of the ISM Code, and that it is implemented. Objective evidence demonstrating that the Company’s safety management system has been functioning effectively for at least three months on board the ship and ashore should be available, including, inter alia, records from the internal audit performed by the Company.

3.3 Annual verification of Document of Compliance

3.3.1 Annual safety management audits are to be carried out to maintain the validity of the Document of Compliance, and should include examining and verifying the correctness of the statutory and classification records presented for at least one ship of each type to which the Document of Compliance applies. The purpose of these audits is to verify the effective functioning of the safety management system, and that any modifications made to the Safety Management System comply with the requirements of the ISM Code.

3.3.2 Annual verification is to be carried out within three months before and after each anniversary date of the Document of Compliance. A schedule not exceeding three months is to be agreed for completion of the necessary corrective actions.

3.3.3 Where the Company has more than one shoreside premises, each of which may not have been visited at the initial assessment, the annual assessments should endeavour to ensure that all sites are visited during the period of validity of the Document of Compliance.

3.4 Intermediate verification of Safety Management Certificates

3.4.1 Intermediate safety management audits should be carried out to maintain the validity of the Safety Management Certificate. The purpose of these audits is to verify the effective functioning of the safety management system and that any modifications made to the safety management system comply with the requirements of the ISM Code. In certain cases, particularly during the initial period of operation under the safety management system, the Administration may find it necessary to increase the frequency of the intermediate verification. Additionally, the nature of non-conformities may also provide a basis for increasing the frequency of intermediate verifications.

3.4.2 If only one intermediate verification is to be carried out, it should take place between the second and third anniversary date of the issue of the Safety Management Certificate.

3.5 Renewal verification

Renewal verifications are to be performed before the validity of the Document of Compliance or the Safety Management Certificate expires. The renewal verification will address all the elements of the safety management system and the activities to which the requirements of the ISM Code apply. Renewal verification may be carried out from three months before the date of expiry of the Document of Compliance or the Safety Management Certificate, and should be completed before their date of expiry.

3.6 Safety management audits

The procedure for safety management audits outlined in the following paragraphs includes all steps relevant for initial verification. Safety management audits for annual verification and renewal verification should be based on the same principles even if their scope may be different.

3.7 Application for audit

3.7.1 The Company should submit a request for audit to the Administration or to the organization recognized by the Administration for issuing a Document of Compliance or a Safety Management Certificate on behalf of the Administration.

3.7.2 The Administration or the recognized organization should then nominate the lead auditor and, if relevant, the audit team.

3.8 Preliminary review (Document review)

As a basis for planning the audit, the auditor should review the safety management manual to determine the adequacy of the safety management system in meeting the requirements of the ISM Code. If this review reveals that the system is not adequate, the audit will have to be delayed until the Company undertakes corrective action.

3.9 Preparing the audit

3.9.1 The nominated lead auditor should liaise with the Company and produce an audit plan.

3.9.2 The auditor should provide the working documents which are to govern the execution of the audit to facilitate the assessments, investigations and examinations in accordance with the standard procedures, instructions and forms which have been established to ensure consistent auditing practices.

3.9.3 The audit team should be able to communicate effectively with auditees.

3.10 Executing the audit

3.10.1 The audit should start with an opening meeting in order to introduce the audit team to the Company’s senior management, summarize the methods for conducting the audit, confirm that all agreed facilities are available, confirm time and date for a closing meeting and clarify possible unclear details relevant to the audit.

3.10.2 The audit team should assess the safety management system on the basis of the documentation presented by the Company and objective evidence as to its effective implementation.

3.10.3 Evidence should be collected through interviews and examination of documents. Observation of activities and conditions may also be included when necessary to determine the effectiveness of the safety management system in meeting the specific standards of safety and protection of the environment required by the ISM Code.

3.10.4 Audit observations should be documented. After activities have been audited, the audit team should review their observations to determine which are to be reported as non-conformities. Non-conformities should be reported in terms of the general and specific provisions of the ISM Code.

3.10.5 At the end of the audit, prior to preparing the audit report, the audit team should hold a meeting with the senior management of the Company and those responsible for the functions concerned. The purpose is to present the observations in such a way as to ensure that the results of the audit are clearly understood.

3.11 Audit report

3.11.1 The audit report should be prepared under the direction of the lead auditor, who is responsible for its accuracy and completeness.

3.11.2 The audit report should include the audit plan, identification of audit team members, dates and identification of the Company, observations on any non-conformities and observations on the effectiveness of the safety management system in meeting the specified objectives.

3.11.3 The Company should receive a copy of the audit report. The Company should be advised to provide a copy of the shipboard audit reports to the ship.

3.12 Corrective action follow-up

3.12.1 The Company is responsible for determining and initiating the corrective action needed to correct a non-conformity or to correct the cause of the non-conformity. Failure to correct non-conformities with specific requirements of the ISM Code may affect the validity of the Document of Compliance and related Safety Management Certificates.

3.12.2 Corrective actions and possible subsequent follow-up audits should be completed within the time period agreed. The Company should apply for the follow-up audits.

3.13 Company responsibilities pertaining to safety management audits

3.13.1 The verification of compliance with the requirements of the ISM Code does not relieve the Company, management, officers or seafarers of their obligations as to compliance with national and international legislation related to safety and protection of the environment.

3.13.2 The Company is responsible for:

.1 informing relevant employees about the objectives and scope of the ISM Code certification;

.2 appointing responsible members of staff to accompany members of the team performing the certification;

.3 providing the resources needed by those performing the certification to ensure an effective and efficient verification process;

.4 providing access and evidential material as requested by those performing the certification; and

.5 cooperating with the verification team to permit the certification objectives to be achieved.

3.13.3 Where major non-conformities are identified, Administrations and recognized organizations (ROs) should comply with the procedures stated in MSC/Circ.1059-MEPC/Circ.401.

3.14 Responsibilities of the organization performing the ISM Code certification

The organization performing the ISM Code certification is responsible for ensuring that the certification process is performed according to the ISM Code and these Guidelines. This includes management control of all aspects of the certification according to the appendix to these Guidelines.

3.15 Responsibilities of the verification team

3.15.1 Whether the verifications involved with certification are performed by a team or not, one person should be in charge of the verification. The leader should be given the authority to make final decisions regarding the conduct of the verification and any observations. His responsibilities should include:

.1 preparation of a plan for the verification; and

.2 submission of the report of the verification.

3.15.2 Personnel participating in the verification are responsible for complying with the requirements governing the verification, ensuring confidentiality of documents pertaining to the certification and treating privileged information with discretion.

APPENDIX

STANDARDS ON ISM CODE CERTIFICATION ARRANGEMENTS

1 INTRODUCTION

The audit team involved with ISM Code certification, and the organization under which it may be managed, should comply with the specific requirements stated in this annex.