А.1071(28) Revised Guidelines on the Implementation of the International Safety Management (ISM) Code by Administrations

Resolution A.1071(28)/Corr.1

Adopted on 4 December 2013

(Agenda item 10)

REVISED GUIDELINES ON THE IMPLEMENTATION OF THE INTERNATIONAL SAFETY MANAGEMENT (ISM) CODE BY ADMINISTRATIONS

THE ASSEMBLY,

RECALLING Article 15(j) of the Convention on the International Maritime Organization concerning the functions of the Assembly in relation to regulations and guidelines concerning maritime safety and the prevention and control of marine pollution from ships,

RECALLING ALSO resolution A.741(18) by which it adopted the International Management Code for the Safe Operation of Ships and for Pollution Prevention (International Safety Management (ISM) Code),

RECALLING FURTHER resolution A.788(19) by which it adopted the Guidelines on implementation of the International Safety Management (ISM) Code by Administrations,

NOTING that the ISM Code became mandatory, under the provisions of chapter IX of the International Convention for the Safety of Life at Sea (SOLAS), 1974, as amended, for companies operating certain types of ships, on 1 July 1998; and for companies operating other cargo ships and mobile offshore drilling units propelled by mechanical means of 500 gross tonnage and upwards, on 1 July 2002,

NOTING ALSO resolution A.1022(26) by which it adopted the Guidelines on the implementation of the International Safety Management (ISM) Code by Administrations,

NOTING FURTHER that the Maritime Safety Committee, at its ninety-second session, adopted, by resolution MSC.353(92), amendments to the ISM Code,

RECOGNIZING that an Administration, in establishing that safety standards are being maintained, has a responsibility to ensure that Documents of Compliance and Safety Management Certificates have been issued in accordance with the ISM Code taking into account the aforementioned Guidelines,

RECOGNIZING ALSO that there may be a need for Administrations to enter into agreements in respect of the issue of certificates by other Administrations in compliance with chapter IX of the 1974 SOLAS Convention and in accordance with resolution A.741(18),

RECOGNIZING FURTHER the need for uniform implementation of the ISM Code,

HAVING CONSIDERED the recommendations made by the Marine Environment Protection Committee, at its sixty-fourth session, and the Maritime Safety Committee, at its ninety-first session,

1 ADOPTS the RevisedGuidelines on implementation of the International Safety Management (ISM) Code by Administrations, as set out in the annex to the present resolution;

2 URGES Governments, when implementing the ISM Code, to adhere to the Revised Guidelines;

3 REQUESTS Governments to inform the Organization of any difficulties they may experience when using the Revised Guidelines;

4 AUTHORIZES the Maritime Safety Committee and the Marine Environment Protection Committee to keep the Revised Guidelines under review and to amend them as necessary;

5 REVOKES resolution A.1022(26) with effect from 1July 2014.

Annex

REVISED GUIDELINES ON THE IMPLEMENTATION OF THE ISM CODE BY ADMINISTRATIONS

Table of contents

1 INTRODUCTION

1.1 The ISM Code

1.2 Mandatory application of the ISM Code

1.3 Verification and certification responsibilities

2 SCOPE AND APPLICATION

2.1 Definitions

2.2 Scope and application

3 VERIFYING COMPLIANCE WITH THE ISM CODE

3.1 General

3.2 Ability of the safety management system to meet general safety management objectives

3.3 Ability of the safety management system to meet specific requirements of safety and pollution prevention

4 CERTIFICATION AND VERIFICATION PROCESS

4.1 Certification and verification activities

4.2 Interim verification

4.3 Initial verification

4.4 Annual verification of Document of Compliance

4.5 Intermediate verification of Safety Management Certificates

4.6 Renewal verification

4.7 Additional verification

4.8 Safety management audits

4.9 Application for audit

4.10 Preliminary review (Document review)

4.11 Preparing the audit

4.12 Executing the audit

4.13 Audit report

4.14 Corrective action follow-up

4.15 Company responsibilities pertaining to safety management audits

4.16 Responsibilities of the organization performing the ISM Code certification

4.17 Responsibilities of the verification team

Appendix – STANDARDS ON ISM CODE CERTIFICATION ARRANGEMENTS

1 INTRODUCTION

2 STANDARD OF MANAGEMENT

3 STANDARDS OF COMPETENCE

3.1 ISM Code certification scheme management

3.2 Basic competence for performing verification

3.3 Competence for initial verification and renewal verification

3.4 Competence for annual, intermediate and interim verification

4 QUALIFICATION ARRANGEMENTS

5 CERTIFICATION PROCEDURES AND INSTRUCTIONS

1 INTRODUCTION

1.1 The ISM Code

1.1.1 The International Management Code for the Safe Operation of Ships and for Pollution Prevention (International Safety Management (ISM) Code) was adopted by the Organization by resolution A.741(18) and became mandatory by virtue of the entry into force, on 1 July 1998, of SOLAS chapter IX on Management for the Safe Operation of Ships. The ISM Code provides an international standard for the safe management and operation of ships and for pollution prevention.

1.1.2 The Maritime Safety Committee, at its ninety-second session held in June 2013, adopted amendments to sections 3, 6, 12 and 14 and footnotes of the ISM Code by resolution MSC.353(92). As a result it was necessary to revise the Guidelines on the implementation of the ISM Code by Administrations (resolution A.1022(26)), which are superseded by these Revised Guidelines.

1.1.3 The ISM Code requires that companies establish safety objectives as described in section 1.2 (Objectives) of the ISM Code and, in addition, that companies develop, implement and maintain a safety management system which includes functional requirements as listed in the Code's section 1.4 (Functional requirements for a safety management system).

1.1.4 The application of the ISM Code should support and encourage the development of a safety culture in shipping. Success factors for the development of a culture that promotes safety and environmental protection are, inter alia, commitment, values, beliefs and clarity of the safety management system.

1.2 Mandatory application of the ISM Code

1.2.1 The appropriate organization of management, ashore and on board, is needed to ensure adequate standards of safety and pollution prevention. A systematic approach to management by those responsible for management of ships is therefore required. The objectives of the mandatory application of the ISM Code are to ensure:

.1 compliance with mandatory rules and regulations related to the safe operation of ships and protection of the environment; and

.2 the effective implementation and enforcement thereof by Administrations.

1.2.2. Effective enforcement by Administrations must include verification that the safety management system complies with the requirements as stipulated in the ISM Code, as well as verification of compliance with mandatory rules and regulations.

1.2.3 The mandatory application of the ISM Code should ensure, support and encourage that applicable codes, guidelines and standards recommended by the Organization, Administrations, classification societies and maritime industry organizations are taken into account.

1.3 Verification and certification responsibilities

1.3.1 The Administration is responsible for verifying compliance with the requirements of the ISM Code and for issuing Documents of Compliance to companies and Safety Management Certificates to ships.

1.3.2 The Guidelines for the authorization of organizations acting on behalf of the Administration (resolution A.739(18)) and the Specifications on the survey and certification functions of recognized organizations acting on behalf of the Administration (resolution A.789(19)), which have been made mandatory by virtue of SOLAS regulation XI/1, and the Guidelines to assist flag States in the implementation of IMO instruments (resolution A.847(20)) are applicable when Administrations authorize organizations to issue Documents of Compliance and Safety Management Certificates on their behalf.

2 SCOPE AND APPLICATION

2.1 Definitions

The terms used in these Revised Guidelines have the same meaning as those given in the ISM Code.

2.2 Scope and application

These Revised Guidelines establish basic principles for:

.1 verifying that the safety management system of a Company responsible for the operation of ships, or the safety management system for the ship or ships controlled by the Company, complies with the ISM Code;

.2 carrying out the interim, initial, annual and renewal verification of the Document of Compliance and the interim, initial, intermediate and renewal verification(s) of the Safety Management Certificate and the issuing/endorsement of corresponding documents; and

.3 the scope of the additional verification.

3 VERIFYING COMPLIANCE WITH THE ISM CODE

3.1 General

3.1.1 To comply with the requirements of the ISM Code, companies should develop, implement and maintain a documented safety management system to ensure that the safety and environmental protection policy of the Company is implemented. The Company policy should include the objectives defined by the ISM Code.

3.1.2 Administrations should verify compliance with the requirements of the ISM Code by determining:

.1 the conformity of the Company's safety management system with the requirements of the ISM Code; and

.2 that the safety management system ensures that the objectives defined in paragraph 1.2.3 of the ISM Code are met.

3.1.3 Determining the conformity or non-conformity of safety management system elements with the requirements specified by the ISM Code may demand that criteria for assessment be developed. Administrations are recommended to limit the development of criteria in the form of prescriptive management system solutions. Criteria for assessment in the form of prescriptive requirements may have the effect that safety management in shipping results in companies implementing solutions prepared by others, and it may then be difficult for a Company to develop the solutions which best suit that particular Company, operation or ship. Therefore, particular operations should be ship specific and fully reflected in manuals, procedures and instructions.

3.1.4 Therefore, Administrations are recommended to ensure that these assessments are based on determining the effectiveness of the safety management system in meeting specified objectives, rather than conformity with detailed requirements in addition to those contained in the ISM Code, so as to reduce the need for developing criteria to facilitate assessment of the companies' compliance with the Code.

3.2 Ability of the safety management system to meet general safety management objectives

The ISM Code identifies general safety management objectives in section 1.2.2. The verification should support and encourage companies in achieving these objectives, which provide clear guidance to companies for the development of safety management system elements in compliance with the ISM Code. However, the ability of the safety management system to achieve these objectives cannot be determined beyond whether the safety management system complies with the requirements of the ISM Code. Therefore, the objectives should not form the basis for establishing detailed interpretations to be used for determining conformity or non-conformity with the requirements of the ISM Code.

3.3 Ability of the safety management system to meet specific requirements of safety and pollution prevention

3.3.1 The main criterion which should govern the development of interpretations needed for assessing compliance with the requirements of the ISM Code should be the ability of the safety management system to meet the specific requirements defined by the ISM Code in terms of specific standards of safety and pollution prevention. The specific standards of safety and protection of the environment are specified in section 1.2.3 of the ISM Code.

3.3.2 All records having the potential to facilitate verification of compliance with the ISM Code should be open to scrutiny during an examination. These may include records from delegated SMS tasks. For this purpose, the Administration should ensure that the Company provides auditors with statutory and classification records relevant to the actions taken by the Company to ensure that compliance with mandatory rules and regulations is maintained. In this regard the records may be examined to substantiate their authenticity and veracity.

3.3.3 Some mandatory requirements may not be subject to statutory or classification surveys, such as:

.1 maintaining the condition of ship and equipment between surveys; and

.2 certain operational requirements.

3.3.4 Specific arrangements may be required to ensure compliance with the ISM Code and to provide the objective evidence needed for verification in these cases, such as:

.1 documented procedures and instructions;

.2 documentation of the verification carried out by senior officers of day-to-day operations when relevant to ensure compliance; and

.3 relevant records of the ships being operated by the Company, e.g. flag State records, port State controls, class and accident reports.

3.3.5 The verification of compliance with mandatory rules and regulations, which is part of the ISM Code certification, neither duplicates nor substitutes surveys for other maritime certificates. The verification of compliance with the ISM Code does not relieve the Company, the master or any other entity or person involved in the management or operation of the ship of their responsibilities.

3.3.6 Administrations should ensure that the Company has:

.1 taken into account the recommendations, as referred to in paragraph 1.2.3.2 of the ISM Code, when establishing and maintaining the safety management system; and

.2 developed procedures to ensure that these recommendations are implemented ashore and on board.

4 CERTIFICATION AND VERIFICATION PROCESS

4.1 Certification and verification activities

4.1.1 The certification process relevant to a Document of Compliance for a Company and to a Safety Management Certificate for a ship will normally involve the following steps:

.1 interim verification;

.2 initial verification;

.3 annual or intermediate verification;

.4 renewal verification; and

.5 additional verification.

4.1.2 These verifications are carried out at the request of the Company to the Administration, or to the organization recognized by the Administration to perform certification functions under the ISM Code, or the verifications are carried out at the request of the Administration by another Contracting Government to the SOLAS Convention. The verifications will include an audit of the safety management system.

4.2 Interim verification

4.2.1 Interim certification may be issued under certain conditions as specified by the ISM Code and should facilitate the implementation of a safety management system.

4.2.2 The Company should apply for interim certification to the Administration.

4.2.3 The process of interim Document of Compliance verification of the management system undertaken by the Administration would require an assessment at the Company's offices in accordance with paragraph 14.1 of the ISM Code.

4.2.4 On satisfactory completion of the assessment of the shoreside safety management system, arrangements/planning may commence for the assessment of applicable ships in the Company's fleet.

4.2.5 The process of interim verification of the ship should be undertaken by the Administration to ensure that the ship is provided with a safety management system, in accordance with paragraph 14.4 of the ISM Code.

4.2.6 On satisfactory completion of the interim verification, an Interim Document of Compliance will be issued to the Company; copies should be made available by the Company to every shoreside premises and each applicable ship in the Company's fleet. As each ship is assessed and issued with an Interim Safety Management Certificate, a copy of the certificate should also be forwarded to the Company's head office.

4.3 Initial verification

4.3.1 The Company should apply for ISM Code certification to the Administration.

4.3.2 An assessment of the shoreside management system undertaken by the Administration would necessitate assessment of the offices where such management is carried out and possibly of other locations which may include delegated safety management system tasks, depending on the Company's organization and the functions at the various locations.

4.3.3 On satisfactory completion of the assessment of the shoreside safety management system, arrangements/planning may commence for the assessment of the Company's ships.

4.3.4 On satisfactory completion of the assessment, a Document of Compliance will be issued to the Company, copies of which should be made available to each shoreside premises and each ship in the Company's fleet. As each ship is assessed and issued with a Safety Management Certificate, a copy of it should also be forwarded to the Company's head office.

4.3.5 In cases where certificates are issued by a recognized organization, copies of all certificates should also be sent to the Administration.

4.3.6 The safety management audit for the Company and for a ship will involve the same basic steps. The purpose is to verify that a Company or a ship complies with the requirements of the ISM Code. The audits include:

.1 verification of the conformity of the Company's safety management system with the requirements of the ISM Code, including objective evidence demonstrating that the Company's safety management system has been in operation for at least three months and that a safety management system has been in operation on board at least one ship of each type operated by the Company for at least three months; and

.2 verification that the safety management system ensures that the objectives defined in paragraph 1.2.3 of the ISM Code are met. This includes verification that the Document of Compliance for the Company responsible for the operation of the ship is applicable to that particular type of ship, and it includes assessment of the shipboard safety management system to verify that it complies with the requirements of the ISM Code and that it is implemented. Objective evidence demonstrating that the Company's safetymanagement system has been functioning effectively for at least three months on board the ship and ashore should be available, including, inter alia, records from the internal audit performed by the Company.

4.4 Annual verification of Document of Compliance

4.4.1 Annual safety management audits are to be carried out to maintain the validity of the Document of Compliance, and should include examining and verifying the correctness of the statutory and classification records presented for at least one ship of each type to which the Document of Compliance applies. The purpose of these audits is to verify the effective functioning of the safety management system, and that any modifications made to the safety management system comply with the requirements of the ISM Code.

4.4.2 Annual verification is to be carried out within three months before and after each anniversary date of the Document of Compliance.

4.4.3 Where the Company has more than one shoreside premises and/or delegates safety management system tasks, the annual assessments should endeavour to ensure that all sites are assessed during the period of validity of the Document of Compliance.

4.4.4 During the annual verification, administrations should verify if the Company is operating all ship types on the Document of Compliance. Appropriate action should be taken if the Company has stopped operating a particular ship type.

4.5 Intermediate verification of Safety Management Certificates

4.5.1 Intermediate safety management audits should be carried out to maintain the validity of the Safety Management Certificate. The purpose of these audits is to verify the effective functioning of the safety management system and that any modifications made to the safety management system comply with the requirements of the ISM Code. In certain cases, particularly during the initial period of operation under the safety management system, the Administration may find it necessary to increase the frequency of the intermediate verification. Additionally, the nature of non-conformities may also provide a basis for increasing the frequency of intermediate verifications.

4.5.2 If only one intermediate verification is to be carried out, it should take place between the second and third anniversary date of the issue of the Safety Management Certificate.

4.6 Renewal verification

Renewal verifications are to be performed before the validity of the Document of Compliance or the Safety Management Certificate expires. The renewal verification will address all the elements of the safety management system and the activities to which the requirements of the ISM Code apply. Renewal verification may be carried out from three months before the date of expiry of the Document of Compliance or the Safety Management Certificate, and should be completed before the date of expiry.

4.7 Additional verification

4.7.1 The Administration may, where there are clear grounds, require an additional verification to check if the safety management system still functions effectively. Additional verifications may be carried out following situations beyond normal procedures such as port State control detentions, or in the case of reactivation after the interruption of the operations due to a period out of service, or in order to verify that effective corrective actions have been taken and/or are being properly implemented. Additional verifications may affect the shore-based organization and/or the shipboard management system. The Administration should determine the scope and depth of the verification, which may vary from case to case. The additional verifications should be completed within the time period agreed, taking into account guidelines developed by the Organization. The Administration should follow up on the results of the verification and take appropriate measures, as necessary.

4.7.2 On satisfactory completion of the shipboard assessment, the Safety Management Certificate should be endorsed for additional verification.

4.8 Safety management audits

The procedure for safety management audits outlined in the following paragraphs includes all steps relevant for initial verification. Safety management audits for the interim, annual, intermediate, additional and renewal verification should be based on the same principles, even if their scope may be different.

4.9 Application for audit

4.9.1 The Company should submit a request for audit to the Administration or to the organization recognized by the Administration for issuing a Document of Compliance or a Safety Management Certificate on behalf of the Administration.

4.9.2 The Administration or the recognized organization should then nominate the lead auditor and, if relevant, the audit team.

4.10 Preliminary review (Document review)

As a basis for planning the audit, the auditor should review the safety management manual to determine the adequacy of the safety management system in meeting the requirements of the ISM Code. If this review reveals that the system is not adequate, the audit will have to be delayed until the Company undertakes corrective action.

4.11 Preparing the audit

4.11.1 The auditor should review the relevant safety performance records of the Company and take them into consideration when preparing the audit plan, for example, flag State records, port State controls, and class and accident reports.

4.11.2 The nominated lead auditor should liaise with the Company and produce an audit plan.

4.11.3 The auditor should provide the working documents which are to govern the execution of the audit in order to facilitate the assessments, investigations and examinations in accordance with the standard procedures, instructions and forms which have been established to ensure consistent auditing practices.

4.11.4 The audit team should be able to communicate effectively with auditees.

4.12 Executing the audit

4.12.1 The audit should start with an opening meeting in order to introduce the audit team to the Company's senior management, summarize the methods for conducting the audit, confirm that all agreed facilities are available, confirm time and date for a closing meeting and clarify possible unclear details relevant to the audit.

4.12.2 The audit team should assess the safety management system on the basis of the documentation presented by the Company, and objective evidence as to its effective implementation.

4.12.3 The objective evidence should be collected through interviews and examination of documents. Observation of activities and conditions may also be included when necessary to determine the effectiveness of the safety management system in meeting the specific standards of safety and protection of the environment required by the ISM Code.

4.12.4 Audit findings should be documented. After activities have been audited, the audit team should review the objective evidence collected. This should then be used to determine what is to be reported as major non-conformities, non-conformities or observations, and should be reported in terms of the general and specific provisions of the ISM Code.

4.12.5 At the end of the audit, prior to preparing the audit report, the audit team should hold a meeting with the senior management of the Company and those responsible for the functions concerned. The purpose is to present the observations in such a way as to ensure that the results of the audit are clearly understood.

4.13 Audit report

4.13.1 The audit report should be prepared under the direction of the lead auditor, who is responsible for its accuracy and completeness.

4.13.2 The audit report should include the audit plan, identification of audit team members, dates and identification of the Company, and observations on any non-conformities and on the effectiveness of the safety management system in meeting the specified objectives.

4.13.3 The Company should receive a copy of the audit report. The Company should be advised to provide a copy of the shipboard audit reports to the ship.

4.14 Corrective action follow-up

4.14.1 The Company is responsible for determining and initiating the corrective action needed to correct a non-conformity or to correct the cause of the non-conformity. Failure to correct non-conformities with specific requirements of the ISM Code may affect the validity of the Document of Compliance and related Safety Management Certificates.

4.14.2 Corrective actions and possible subsequent audits should be completed within the time period agreed. For corrective actions this should not normally exceed three months. The Company should apply for the follow-up audits as agreed.