Technical Information - Text Version -

Displays the text (first approx. 2,000 characters) of ClassNK Technical Information.
For details, please click Tec No. and refer to the PDF file.

This Technical Information became null and void on 26 Oct 2023.

Application of Cyber Risk Management to U.S. vessels and vessels calling at U.S. ports

Tec No.: TEC- 1217 (2000kb)

Contact:

Issued:16 Nov 2020

Please be informed that the Vessel Cyber Risk Management Work Instruction (CVC-WI-027(1)) was issued by the U.S. Coast Guard on October 27, 2020.

According to this WI, the USCG expects that all companies with U.S. flagged vessels and foreign flagged vessels that call on ports in the U.S. should ensure cyber risk management is appropriately addressed in their SMS.

If objective evidence is identified indicating that the foreign flagged vessel that calls on ports in the U.S. failed to implement its SMS with respect to cyber risk management, the following actions should be directed by the PSCO:
1) If cyber risk management has not been incorporated into the vessel's SMS by the company's first annual verification of the DOC after January 1, 2021, a deficiency should be issued with action code 30 - Ship Detained.
2) When objective evidence indicates that the vessel failed to implement its SMS with respect to cyber risk management, a deficiency for both the operational deficiency and an ISM deficiency should be issued with an action code 17 - Rectify Prior to Departure or an action code 30 - Ship Detained depending on its seriousness.

On the other hand, the IMO Resolution MSC.428(98) Maritime Cyber Risk Management in Safety Management Systems, adopted on June 16, 2017, contains requirements for cyber risk. Since this resolution is non-mandatory, the necessity of its application is at the request of each flag state, however, this WI applies to all vessels that call on ports in the U.S. regardless of the ship's flag.

For details, please refer to the attached Vessel Cyber Risk Management Work Instruction (CVC-WI-027 (1)).

(To be continued)