1 INTRODUCTION
1.1 The ISM Code
1.1.1 The International Management Code for the Safe Operation of Ships and
for Pollution Prevention (International Safety Management (ISM) Code) was adopted by the
Organization by resolution A.741(18) and became mandatory by virtue of the entry
into force, on 1 July 1998, of SOLAS chapter
IX on Management for the safe operation of ships. The ISM Code
provides an international standard for the safe management and operation of ships and
for pollution prevention.
1.1.2 The ISM Code requires that companies establish safety objectives as
described in section
1.2 (Objectives) of the ISM Code
and, in addition, that companies develop, implement and maintain a safety management
system which includes functional requirements as listed in section 1.4
(Functional requirements for a safety management system (SMS)) of the Code.
1.1.3 The application of the ISM Code
should support and encourage the development of a safety culture in shipping. Success
factors for the development of a culture that promotes safety and environmental
protection are, inter alia, commitment, values, beliefs, and clarity of the safety
management system.
1.2 Mandatory application of the ISM Code
1.2.1 The appropriate organization of management, ashore and on board, is
needed to ensure adequate standards of safety and pollution prevention. A systematic
approach to management by those responsible for management of ships is therefore
required. The objectives of the mandatory application of the ISM Code are
to ensure:
-
.1 compliance with mandatory rules and regulations related to the safe
operation of ships and protection of the environment; and
-
.2 the effective implementation and enforcement thereof by
Administrations.
1.2.2. Effective enforcement by Administrations must include verification
that the safety management system complies with the requirements as stipulated in the
ISM
Code, as well as verification of compliance with mandatory rules and
regulations.
1.2.3 The mandatory application of the ISM Code
should ensure, support and encourage the taking into account of applicable codes,
guidelines and standards recommended by IMO, Administrations, classification societies
and maritime industry organizations.
1.3 Verification and certification responsibilities
1.3.1 The Administration is responsible for verifying compliance with the
requirements of the ISM Code and for issuing Documents of Compliance to companies and
Safety Management Certificates to ships.
1.3.2 The Guidelines for the authorization of organizations acting on
behalf of the Administration (resolution A.739(18)) and the Specifications on the survey and
certification functions of recognized organizations acting on behalf of the
Administration (resolution A.789(19)), which have been made mandatory by virtue
of SOLAS regulation
XI-1/1, and the IMO Instruments Implementation Code (III Code), as adopted by
the Organization by resolution A.1070(28), the use of which has been made mandatory by virtue of
SOLAS regulation
XIII/2, are applicable when Administrations authorize organizations to issue
Documents of Compliance and Safety Management Certificates on their behalf.
3 VERIFYING COMPLIANCE WITH THE
ISM
CODE
3.1 General
3.1.1 To comply with the requirements of the ISM Code,
companies should develop, implement and maintain a documented safety management system
to ensure that the safety and environmental protection policy of the company is
implemented. The company policy should include the objectives defined by the ISM Code.
3.1.2 Administrations should verify compliance with the requirements of the
ISM
Code by determining:
-
.1 the conformity of the company's safety management system with the
requirements of the ISM Code; and
-
.2 that the safety management system ensures that the objectives
defined in paragraph 1.2.3 of the ISM Code are met.
3.1.3 Determining the conformity or non-conformity of safety management
system elements with the requirements specified by the ISM Code may
demand that criteria for assessment be developed. Administrations are recommended to
limit the development of criteria in the form of prescriptive management system
solutions. Criteria for assessment in the form of prescriptive requirements may have the
effect that safety management in shipping results in companies implementing solutions
prepared by others and it may then be difficult for a company to develop the solutions
which best suit that particular company, operation or ship. Therefore, particular
operations should be ship-specific and fully reflected in manuals, procedures and
instructions.
3.1.4 Therefore, Administrations are recommended to ensure that these
assessments are based on determining the effectiveness of the safety management system
in meeting specified objectives, rather than conformity with detailed requirements in
addition to those contained in the ISM Code, so as to reduce the need for developing
criteria to facilitate assessment of companies' compliance with the Code.
3.2 Ability of the safety management system to meet general safety
management objectives
The ISM Code identifies general safety management objectives in paragraph 1.2.2.
The verification should support and encourage companies in achieving these objectives,
which provide clear guidance to companies for the development of safety management
system elements in compliance with the ISM Code.
However, the ability of the safety management system to achieve these objectives cannot
be determined beyond whether the safety management system complies with the requirements
of the ISM
Code. Therefore, the objectives should not form the basis for establishing
detailed interpretations to be used for determining conformity or non-conformity with
the requirements of the ISM Code.
3.3 Ability of the safety management system to meet specific
requirements of safety and pollution prevention
3.3.1 The main criterion that should govern the development of
interpretations needed for assessing compliance with the requirements of the ISM Code
should be the ability of the safety management system to meet the specific requirements
defined by the ISM Code in terms of specific standards of safety and pollution prevention.
The specific standards of safety and protection of the environment are specified in
paragraph
1.2.3 of the ISM Code.
3.3.2 All records having the potential to facilitate verification of
compliance with the ISM Code should be open to scrutiny during an examination. These
may include records from delegated SMS tasks. For this purpose, the Administration
should ensure that the company provides auditors with statutory and classification
records relevant to the actions taken by the company to ensure that compliance with
mandatory rules and regulations is maintained. In this regard, the records may be
examined to substantiate their authenticity and veracity.
3.3.3 Some mandatory requirements may not be subject to statutory or
classification surveys, such as:
3.3.4 Specific arrangements, such as the following, may be required to
ensure compliance with the ISM Code and to provide the objective evidence needed for
verification in the above-mentioned cases:
-
.1 documented procedures and instructions;
-
.2 documentation of the verification carried out by senior officers of
day-to-day operations when relevant to ensure compliance; and
-
.3 relevant records of the ships being operated by the company, e.g.
flag State records, port State control reports, class and accident reports.
3.3.5 The verification of compliance with mandatory rules and regulations,
which is part of the ISM Code certification, neither duplicates nor substitutes
surveys for other maritime certificates. The verification of compliance with the ISM Code
does not relieve the company, the master or any other entity or person involved in the
management or operation of the ship of their responsibilities.
3.3.6 Administrations should ensure that the company has:
-
.1 taken into account the recommendations, as referred to in paragraph
1.2.3.2 of the ISM Code, when establishing and maintaining the safety
management system; and
-
.2 developed procedures to ensure that those recommendations are
implemented ashore and on board.
4 CERTIFICATION AND VERIFICATION
PROCESS
4.1 Certification and verification activities
4.1.1 The certification process relevant to a Document of Compliance for a
company and to a Safety Management Certificate for a ship will normally involve the
following steps:
-
.1 interim verification;
-
.2 initial verification;
-
.3 annual or intermediate verification;
-
.4 renewal verification; and
-
.5 additional verification.
4.1.2 These verifications are carried out, at the request of the company,
by the Administration or the organization recognized by the Administration to perform
certification functions under the ISM Code,
or, at the request of the Administration, by another Contracting Government to the SOLAS
Convention. The verifications will include an audit of the safety management
system.
4.2 Interim verification
4.2.1 Interim certification may be issued under certain conditions, as
specified by the ISM Code, and should facilitate the implementation of a safety management
system.
4.2.2 The company should apply for interim certification to the
Administration.
4.2.3 The process of interim verification for the issuance of an Interim
Document of Compliance undertaken by the Administration would require an assessment at
the company's offices in accordance with paragraph 14.1 of
the ISM Code.
4.2.4 On satisfactory completion of the assessment of the shoreside safety
management system, arrangements/planning may commence for the assessment of applicable
ships in the company's fleet.
4.2.5 The process of interim verification of the ship should be undertaken
by the Administration to ensure that the ship is provided with a safety management
system, in accordance with paragraph 14.4 of the ISM Code.
4.2.6 On satisfactory completion of the interim verification, an Interim
Document of Compliance will be issued to the company; copies should be made available by
the company to each shoreside premises and each applicable ship in the company's fleet.
As each ship is assessed and issued with an Interim Safety Management Certificate, a
copy of the certificate should also be forwarded to the company's head office.
4.3 Initial verification
4.3.1 The company should apply to the Administration for ISM Code
certification.
4.3.2 An assessment of the shoreside management system undertaken by the
Administration would necessitate assessment of the offices where such management is
carried out and possibly of other locations that may perform delegated safety management
system tasks, depending on the company's organization and the functions at the various
locations.
4.3.3 On satisfactory completion of the assessment of the shoreside safety
management system, arrangements/planning may commence for the assessment of the
company's ships.
4.3.4 On satisfactory completion of the assessment, a Document of
Compliance will be issued to the company, copies of which should be made available to
each shoreside premises and each ship in the company's fleet. As each ship is assessed
and issued with a Safety Management Certificate, a copy of that certificate should also
be forwarded to the company's head office.
4.3.5 In cases where certificates are issued by a recognized organization,
copies of all certificates should also be sent to the Administration.
4.3.6 The safety management audit for the company and for a ship will
involve the same basic steps. The purpose is to verify that a company or a ship complies
with the requirements of the ISM Code. The audits include:
-
.1 verification of the conformity of the company's safety management
system with the requirements of the ISM
Code, including objective evidence demonstrating that the company's
safety management system has been in operation for at least three months and that
the safety management system has been in operation on board at least one ship of
each type operated by the company for at least three months; and
-
.2 verification that the safety management system ensures that the
objectives defined in paragraph 1.2.3 of the ISM Code are met. This includes
verification that the Document of Compliance for the company responsible for the
operation of the ship is applicable to that particular type of ship, and also
includes assessment of the shipboard safety management system to verify that it
complies with the requirements of theISM
Code and that it is implemented. Objective evidence demonstrating that
the company's safety management system has been functioning effectively for at
least three months on board the ship and ashore should be available, including
records from the internal audit performed by the company.
4.4 Annual verification of Document of Compliance
4.4.1 Annual safety management audits are to be carried out to maintain the
validity of the Document of Compliance and should include examining and verifying the
correctness of the statutory and classification records presented for at least one ship
of each type to which the Document of Compliance applies. The annual verification will
address all the elements of the safety management system and the activities to which the
requirements of the ISM Code apply. The purpose of these audits is to verify that the
safety management system is functioning effectively and that any modifications made to
the safety management system comply with the requirements of the ISM
Code.
4.4.2 Annual verification is to be carried out within three months before
or after each anniversary date of the Document of Compliance.
4.4.3 Where the company has more than one shoreside premises and/or the
company delegates safety management system tasks, the annual assessments should
endeavour to ensure that all sites are assessed during the period of validity of the
Document of Compliance.
4.4.4 During the annual verification, Administrations should verify whether
the company is operating all the ship types stated on the Document of Compliance.
Appropriate action should be taken if the company has stopped operating a particular
ship type.
4.5 Intermediate verification of Safety Management Certificates
4.5.1 Intermediate safety management audits should be carried out to
maintain the validity of the Safety Management Certificate. The intermediate
verification will address all the elements of the safety management system and the
activities to which the requirements of the ISM Code
apply. The purpose of these audits is to verify that the safety management system is
functioning effectively and that any modifications made to the safety management system
comply with the requirements of the ISM Code. In
certain cases, particularly during the initial period of operation under the safety
management system, the Administration may find it necessary to increase the frequency of
the intermediate verification. Additionally, the nature of non-conformities may also
provide a basis for increasing the frequency of intermediate verifications.
4.5.2 If only one intermediate verification is to be carried out, it should
take place between the second and third anniversary date of the issue of the Safety
Management Certificate.
4.6 Renewal verification
Renewal verifications are to be performed before the validity of the
Document of Compliance or the Safety Management Certificate expires. The renewal
verification will address all the elements of the safety management system and the
activities to which the requirements of the ISM Code
apply. Renewal verification may be carried out within three months before the date of
expiry of the Document of Compliance or the Safety Management Certificate, and should be
completed before the date of expiry.
4.7 Additional verification
4.7.1 The Administration may, where there are clear grounds, require an
additional verification to check if the safety management system still functions
effectively. Additional verifications may be carried out following situations beyond
normal procedures such as port State control detentions, or in the case of reactivation
after the interruption of operations due to a period out of service, or in order to
verify that effective corrective actions have been taken and/or are being properly
implemented. Additional verifications may affect the shore-based organization and/or the
shipboard management system. The Administration should determine the scope and depth of
the verification, which may vary from case to case. The additional verifications should
be completed within the time period agreed, taking into account the guidelines developed
by IMO. The Administration should follow up on the results of the verification and take
appropriate measures, as necessary.
4.7.2 On satisfactory completion of the shipboard assessment, the Safety
Management Certificate should be endorsed for additional verification.
4.8 Safety management audits
The procedure for safety management audits outlined in the following
paragraphs includes all steps relevant for all verifications, even if the scope of the
audits for interim and additional verification may be different from that of the audits
for initial, annual, intermediate and renewal verification.
4.9 Application for audit
4.9.1 The company should submit a request for audit to the Administration
or to the organization recognized by the Administration for issuing a Document of
Compliance or a Safety Management Certificate on behalf of the Administration.
4.9.2 The Administration or the recognized organization should then nominate
the lead auditor and, if relevant, the audit team.
4.10 Preliminary review (Document review)
As a basis for planning the audit, the auditor should review the safety
management manual to determine the adequacy of the safety management system in meeting
the requirements of the ISM Code. If this review reveals that the system is not adequate,
the audit will have to be delayed until the company undertakes corrective action.
4.11 Preparing the audit
4.11.1 The auditor should review the relevant safety performance records of
the company, for example flag State records, port State control reports and class and
accident reports, and take them into consideration when preparing the audit plan.
4.11.2 The nominated lead auditor should liaise with the company and produce
an audit plan.
4.11.3 The auditor should provide the working documents that are to govern
the audit with a view to facilitating the assessments, investigations and examinations
in accordance with the standard procedures, instructions and forms that have been
established to ensure consistent auditing practices.
4.11.4 The audit team should be able to communicate effectively with
auditees.
4.12 Executing the audit
4.12.1 The audit should start with an opening meeting to introduce the audit
team to the company's senior management, summarize the methods for conducting the audit,
confirm that all agreed facilities are available, confirm the time and date for a
closing meeting and clarify any unclear details concerning the audit.
4.12.2 The audit team should assess the safety management system on the
basis both of the documentation presented by the company and of objective evidence of
the effectiveness of its implementation.
4.12.3 The objective evidence should be collected through interviews and
through the examination of documents. Observation of activities and conditions may also
be included, where necessary, to determine the effectiveness of the safety management
system in meeting the specific standards of safety and protection of the environment
required by the ISM Code.
4.12.4 Audit findings should be documented. After activities have been
audited, the audit team should review the objective evidence collected. This should then
be used to determine what is to be reported as major non-conformities, non-conformities
or observations, which should be done in terms of the general and specific provisions of
the ISM
Code.
4.12.5 At the end of the audit, prior to preparing the audit report, the
audit team should hold a meeting with the senior management of the company and those
responsible for the functions concerned. The purpose is to present the observations in
such a way as to ensure that the results of the audit are clearly understood.
4.13 Audit report
4.13.1 The audit report should be prepared under the direction of the lead
auditor, who is responsible for its accuracy and completeness.
4.13.2 The audit report should include the audit plan, identification of
audit team members, dates and identification of the company, and observations on any
non-conformities and on the effectiveness of the safety management system in meeting the
specified objectives.
4.13.3 The company should receive a copy of the audit report. The company
should be advised to provide the ship with a copy of the shipboard audit reports.
4.14 Corrective action follow-up
4.14.1 The company is responsible for determining and initiating the
corrective action needed to correct a non-conformity or to correct the cause of a
non-conformity. Failure to correct non-conformities with specific requirements of the
ISM
Code may affect the validity of the Document of Compliance and related Safety
Management Certificates.
4.14.2 Corrective actions and any subsequent audits should be completed
within the time period agreed. For corrective actions this should not normally exceed
three months. The company should apply for the follow-up audits as agreed.
4.14.3 Failure to take adequate corrective actions in compliance with the
ISM
Code, including measures to prevent recurrence, may be considered as a major
non-conformity.
4.15 Company responsibilities pertaining to safety management audits
4.15.1 The verification of compliance with the ISM Code
does not relieve the company, management, those undertaking delegated safety management
system tasks, officers or seafarers of their obligations to comply with national and
international legislation related to safety and protection of the environment.
4.15.2 The company is responsible for:
-
.1 informing relevant employees and those undertaking delegated
safety management system tasks about the objectives and scope of the ISM
Code certification;
-
.2 appointing responsible members of staff to accompany members of the
team performing the certification;
-
.3 providing the resources needed by those performing the
certification to ensure an effective and efficient verification process;
-
.4 providing access and evidential material as requested by those
performing the certification; and
-
.5 cooperating with the verification team to enable the certification
objectives to be achieved.
4.15.3 Where major non-conformities are identified, Administrations and
recognized organizations should comply with the procedures stated in the Procedures
concerning observed ISM Code major non-conformities (MSC/Circ.1059-MEPC/Circ.401).
4.16 Responsibilities of the organization performing the ISM Code
certification
The organization performing the ISM Code
certification is responsible for ensuring that the verification and certification
process is performed according to the ISM Code and
these revised guidelines. This includes management control of all aspects of the
certification in accordance with the appendix to these revised guidelines.
4.17 Responsibilities of the verification team
4.17.1 Whether or not the verifications involved with certification are
performed by a team, one person should be in charge of the verification. The leader
should be given the authority to make final decisions regarding the conduct of the
verification and any observations. His or her responsibilities should include:
4.17.2 Personnel participating in the verification are responsible for
complying with the requirements governing the verification, ensuring confidentiality of
documents pertaining to the certification and treating privileged information with
discretion.