Front Page: Traficom
Front Page: Traficom

Maritime security

Security measures on board ships

The ISPS Code

The purpose of the International Ship and Port Facility Security Code is to enhance the security of ships and port facilities. The Code was prepared by the International Maritime Organization in 2001 and was included in the SOLAS Convention as chapter XI-2 "Special measures to enhance maritime security". Within the EU it has been implemented by Regulation (EC) No 725/2004.


The ISPS Code applies to the following types of ships engaged on international voyages:

  • passenger ships, including high-speed passenger craft;
  • cargo ships, including high-speed craft, of 500 gross tonnage and upwards; and
  • mobile offshore drilling units; and
  • port facilities serving such ships engaged on international voyages.

The Code does not apply to warships, naval auxiliaries or other ships owned or operated by a Contracting Government and used only on Government non-commercial service. 

When a ship complies with the relevant maritime security requirements its security plan is approved by the Competent Authority and an International Ship Security Certificate is issued to the ship. 

Security levels

The objective of the Code is to prevent security incidents affecting ships or port facilities used in international trade.

Security levels are used for risk assessment. 

  • Security level 1 means the level for which minimum appropriate protective security measures shall be maintained at all times. 
  • Security level 2 means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of heightened risk of a security incident. 
  • Security level 3 means the level for which further specific protective security measures shall be maintained for a limited period of time when a security incident is probable or imminent, although it may not be possible to identify the specific target. 

Ship security plan

The Company must carry out a ship security assessment, which it shall document, review, accept and retain. A ship security plan must then be prepared on the basis of the assessment.

Each ship must have a ship security plan. Both the ship security assessment and the ship security plan must be submitted to Traficom, the Competent Authority in charge of approving ship security plans in Finland. 

The plan must be written in the working language or languages of the ship. If the language or languages used is not English, French or Spanish, a translation into one of these languages must be included. 


Traficom inspectors or classication society's (RSO) inspectors carry out an interim verification when the ship security plan is to be introduced. An interim International Ship Security Certificate is issued to the ship after the verification. The certificate is valid for a period of six months.

When the ship has undergone an initial verification, an International Ship Security Certificate is issued. As a rule, the certificate is issued for a period of five years. An intermediate verification takes place between the second and third anniversary date of the certificate and a renewal verification at intervals of five years. 

Traficom's or authorized classification society's (RSO) responsibilities

  • to carry out a security assessment of each ship/a verification of its security plan and to approve it
  • to carry out intermediate verifications
  • to issue an Interim ISSC for a period of six months
  • to carry out an initial verification during the interim period
  • to issue an ISSC for a period of five years.

Ship security verifications are often combined with ISM audits.

Identification of ship security inspectors

For verification of the identity of Traficom inspectors and their authorization to carry out ship security verifications please call +358 50 343 1800.