10 Steps to Bolster Maritime Cyber Security

QMII President and CEO, Dr. IJ Arora presented the topic “10 Steps to Bolster Maritime Cyber Security” at the Passenger Vessel Association at MariTrends. The presentation was well received and applauded by the packed room. The PVA Annual Convention was held at the Hyatt Regency Long Beach in Long Beach, California this year. The convention featured a variety of captivating sessions with various guest speakers that are leaders in the passenger vessel industry.

Click here for the full presentation.

ISM training

At ISM, we offer a variety of training courses to help you stay ahead of the curve in today’s competitive marketplace. Whether you’re looking for sales training, management training, or customer service training, we have a course for you. Our team of expert trainers has developed customized programs that are designed to meet the needs of your business. We offer both classroom-based and online training, so you can choose the format that best suits your learning style. If you’re ready to take your career to the next level, sign up for one of our training courses today!

What is ISM Training?

The International Space Mission (ISM) training program is designed to provide astronauts with the skills and knowledge necessary to live and work in space. The program includes both classroom instruction and on-the-job training. Classroom instruction covers topics such as space science, orbital mechanics, and spacewalk procedures. On-the-job training includes tasks such as learning how to operate the space station’s life support systems and participating in spacewalks.

What are the benefits of ISM Training?

There are many benefits of ISM training. Perhaps the most obvious benefit is that it can improve your job performance and help you to progress in your career. It can also help you to develop new skills and knowledge, and to broaden your horizons.

ISM training can also be beneficial for your health and wellbeing. It can help you to manage stress, improve your sleep quality, and boost your immune system. Additionally, it can help you to lose weight, get fit, and reduce your risk of developing chronic health conditions such as heart disease and diabetes.

Finally, ISM training can have a positive impact on your personal life. It can help you to build stronger relationships, increase your confidence, and feel more fulfilled in life.

What are the different types of ISM Training?

There are many different types of ISM training available to help you become certified. The most popular type is the online course, which can be found through many different providers. Other types of training include classroom-based instruction, webinars, and self-study courses.

What is the cost of ISM Training?

The cost of ISM training varies depending on the provider, but is typically between $1,000 and $3,000. Some providers offer discounts for groups or corporate training.

How to find an ISM Training provider

There are a few things to consider when searching for an ISM Training provider. One is whether the provider is certified by the International Society of Marketing Professionals (ISM). The other is the provider’s experience in delivering marketing training.

The ISM website has a list of certified providers, which can be searched by country. Each provider’s listing includes information on their certification status and contact details.

It is also worth checking with your local chamber of commerce or business association, as they may be able to recommend a suitable ISM Training provider in your area.

Conclusion

I hope this article on ism training has been helpful in understanding what it is and why you should consider trying it. I have found that the benefits of this type of training are numerous, from improved weight management to increased energy levels. If you are looking for a way to improve your health and well-being, ism training might be an option worth considering.

Implementing Safety Management Systems for Passenger Vessels

PV SMS White Paper – FinalExcerpt below is from White Paper by ‘Implementing Safety Management Systems for Passenger Vessels’ by Dr. Inderjit (IJ) Arora (QMII), Julius Desilva (QMII) and Captain Lee Boone (USCG, Retired). To continue reading the paper click on link in text.

INTRODUCTION

All too often, major accidents are the catalyst for change in the maritime industry. Evidence of this is seen in the development and implementation of maritime conventions and codes in existence today. The International Safety Management (ISM) Code, the result of such a catalyst, was meant to change this reactive nature. The ISM Code intended to promote a safety culture wherein risks are properly considered, work is effectively planned, personal accountability is enhanced, and operations are continually improved.

Unfortunately, this target was missed in many cases and a pervasive by-product called compliance culture set in, wherein the system achieves the minimum and only to satisfy regulators. The maritime industry and regulators learned much from this experience. We know now that if the true value of safety management systems (SMS) is not realized, further implementation efforts become self-defeating. This leads to even more than normal resistance from many who have seen colleagues, shipmates and competitors negatively impacted. A carefully planned implementation strategy expanding the use of safety management systems (SMS) to domestic passenger vessels should therefore be executed to avoid these pitfalls. As Safety Management Systems for domestic passenger vessels are intended in the same way as those for SOLAS1 vessels, we must apply lessons that have been learned from similar regulatory efforts.

In this paper, recommendations are made for implementing SMSs for domestic passenger vessels (PV) based on the concepts of incentives, scalability, and collective use of resources. When implemented in the right way and for the right reasons, the value that SMSs offer passenger vessel owner/operators is maximized, while the cost of implementation is minimized.

BACKGROUND – RESISTANCE TO CHANGE

Looking at the data from the 1980’s to date, one would expect to see a decline in marine casualties starting in 1998 when the ISM code’s first compliance deadline came into effect. Initially the data shows a downward trend for a few years and then a spike starting in 2001. Those resisting change brought about by the ISM code would argue that the code had not delivered any improvements. However, the upward trend peaked in 2008 and has since seen a decline.

When a new management system is put in place, irrespective of industry, the first sign of success albeit non-intuitive, is a spike in accidents, incidents and hazardous occurrences. This leading indicator should be accepted as a positive as it demonstrates that the personnel within the system have started reporting non-conformities that went unreported before. This reporting enables corrective action to be taken in a systematic manner to prevent a similar non-conformity from occurring again.

To continue reading click here.

TSMS Template: Are they worth it

Subchapter M ushered in a new era for the inland water companied within the US in the towing industry. The need for the regulation was driven by the many accidents that occurred on the inland waters of the US owing substandard vessels and incompetent personnel in use. As companies struggle to meet the requirements of the new regulation, those opting for the TSMS option seek documentation templates that will ease the implementation efforts. At first glance these seem the ideal solution and a quick band aid to heal a new wound. However, in the long run companies will find that these templates slowly start failing and the damage they cause can be quite long lasting.

Subchapter M through the regulation seeks to usher in greater safety standards for vessels to enable safer operations as also protection of the marine environment. As with any change there was tremendous push back against the regulation to the extent that it took 10 years to come into force. Companies however are working to a tighter deadline to implement these regulations. As such it is in their best interests to minimize the change needed to enable greater buy-in. Templates will not enable this and will be analogous to fitting a square peg in a round hole.

For a TSMS complaint with subchapter M to work, the company should begin by identifying what is already documented. This documentation should be reviewed to ensure that it accurately captures the As-is of the operations as they are done on board or in the office. Once the system as it exists today is identified it is not time to compare it against the subchapter M regulations and note the gaps. These gaps that can then be filled in with new processes. Whenever new processes are being developed the organization should determine the feasibility of implementing them including the provision of resources.
Subchapter M requires a lot of training to be done but training alone will not enable buy-in from the personnel.

In order for the system to succeed and for all personnel to embrace it, there is a need to keep them involved in the development of the system from the outset. As processes are captured gain their inputs on the challenges they currently face or may potentially face. Based on available recourses identify automation options or engineering controls to reduce the chance of human error.

A TSMS thus developed based on what is done makes it easier for personnel to implement. It results in smaller changes, a well-accepted and thus well implemented system. Subchapter M regulations do not guarantee safe operations. They do however increase the likelihood of safe operations and a willing workforce increases that likelihood.

How to get ISM certified

The ISM Code is the International Code for the safe Operation of Ships and Prevention of Pollution, more popularly knows as the International Safety Management Code. The most recent revision of the code was released in 2018 that provides updates to the Resolutions included as amendments to the code. The ISM Code specifies the methods to attain ISM certification.
The regulations were drafted by IMO in an effort to improve maritime safety and while it has been hailed as a major contributor, it has also led to increased bureaucracy as also increased burden of documentation. As part of the ISM certification scheme there are two certificates needed. One for the company called the Document of Compliance or DoC. This allows the companies to operate vessels under the ISM Code. The DoC is issued by the Flag State, that is the country where the company and its ships are registered. The DoC is issued for each type of vessel that the company operates. This means that it cannot operate a bulk carrier if it only possesses a DoC for a container.
The next certificate under the auspices of the code that is issued is a safety management certificate. This is issued to each ship of the company and in order to get the certificate an audit of the vessel is conducted, and certain criteria needs to be met prior issue of the certificate. The SMC ISM Certification is issued for a period not exceeding five years and where only one intermediate verification is done it should be done within the 2nd and 3rd anniversary of the certification.
The ISM Certification provides validation that both company and ship are operating using a process-based system approach to manage risks and achieve continual improvement. The ISM code is meant to be a preventive tool and asks companies to assess all risks and then take measured to safeguard against them. Responsibilities and authorities are set out for the various entities includes in the ISM process.
Gaining ISM Certification does not guarantee that the ship will be safe or environmental pollution will not occur. It does however provide stakeholder the confidence that non-conformities will be addresses systemically and where an emergency does occur, the company and ship will be prepared to deal with them in the best way possible to mitigate consequences. To be successful it needs active involvement by the leadership and needs them to walk the talk. The system must be built around the users and for the users to enable them to succeed.
To learn more about the ISM Code and ISM certification enroll for QMII’s ISM auditor training.

What are the functional requirements of the ISM code

The ISM Code was ratified and brought into effect to improve the safety of shipping. With this was ushered in new era for the maritime industry. The ISM code was launched with the intent of getting companies to self-regulate and proactively mange risks. Companies that have embraced the ISM Code and not solely viewed it as a paperwork burden have reaped the benefits of the ISM code. Companies with ISM certification that have a well implemented system are able to proactively manage risks and thus able to save costs from saving the costs on dealing with non-conformities.
To gain ISM certification an organization must demonstrate that they have met the intent of the code and inherent in this is meeting the following functional requirements of the ISM code:

• A Safety and Environmental Protection Policy – To attain ISM Certification in the form of a Document of Compliance or Safety Management Certificate for the vessel the company must demonstrate that a policy is in place that shows how the company will meet the safety objectives of the code. It must be implemented at both shore and vessel.
• Instructions and procedures to ensure safe operation of ships and protection of the environment in compliance with relevant international and flag State legislation – These are essentially addressed by implemented SMS documentation meeting the requirements of clause 7 of the ISM code.
• Defined levels of authority and lines of communication between, and amongst, shore and shipboard personnel – The key words of between and amongst in this clause should not be missed. For the system to go beyond ISM certification the processes must work interactively to achieve the goals of the company and personnel must be clear on the expectations of them.
• Procedures for reporting accidents and non-conformities with the provisions of this Code – Identifying and addressing non-conformities plays a crucial role in the success of the system. With effective corrective action companies are able to ensure that the non-conformity does not occur again. This requirement is further amplified in clause 9 of the code.
• Procedures to prepare for and respond to emergency situations – ISM certification includes being able to demonstrate that a company can respond to emergencies at any time. To ensure this a designated person ashore is appointed who is available 24 x 7.
• Procedures for internal audits and management reviews – Internal audits and reviews to assess the effectiveness of the system must be conducted. Apart from the internal audits done by the company the Flag Administration conduct ISM certification audits prior issue of the interim SMC/ DOC as also prior the first full term certificate. Thereafter verifications are conducted at periodic intervals.
To learn more about how to implement and assess the effectiveness of implementation through audit enroll for QMII’s ISM Auditor class.

Can training solve the issue of human error at sea?

Those who have been employed in the maritime industry for even few months will have heard the term that 80% of the accidents incidents at sea can be attribute to human error. The solution for this is often quality maritime training for the personnel involved. However, training is perhaps the most easily reversible corrective action. System experts will even go so far as to say that when something goes wrong do not blame the individual but blame the system. Can it always only be the system fault. Surely human error does play some part.

With the onset of STCW, new rules were ushered in to ensure quality maritime training for all personnel at sea. Similar rules have been extended to those in the inland water towboat industry with the onset of Subchapter M. STCW required maritime training centers to have quality standards systems in place and for flags to provide oversight of the training institutions to ensure quality maritime training was indeed being delivered. So, with such well trained personnel why then do errors still take place?

Safety management system are truly only successful when a just culture for safety exists aboard the vessels. This means there is no fear of repercussion or reprimand for stopping someone performing an unsafe act or to report an unsafe condition. When human error does creep in, it can often be attributed to the dirty dozen of unsafe acts and conditions. When a non-conformity occurs, or a potential non-conformity is identified the corrective action identified must address the root cause(s) of the problem. Poor root causes analysis will lead to quick fixes but no long-term improvement. Identifying the root cause leads to systemic corrective action with solutions perhaps being newly identified competence, mistake proofing of the system, revised procedures and in some case training. However, this time the training is made systemic and so repeated at periodic intervals.

Quality maritime training is only the first step towards ensuring qualified mariners as required by the ISM code but they competent, qualified mariners need to have the support of the system. When human error, operator error, user error and the such are identified over time as root causes it may be possible that it is indeed such, but it may also signify a deeper root cause. Perhaps a poorly managed hiring process, or induction process, or onboard training program. Training may have some role to play in the success of a safety management system and the reduction of human error as a cause of incidents/ accidents. Quality maritime training may be a leading preventive tool, however, only when the issues are treated systemically will long term improvements be gained and safer operations as a result.

Maritime Leadership – Beyond Designated Person Ashore (DPA)

It appears the maritime leadership is limited to the DPA/DP (Designated Person Ashore). The worst is when senior leadership of a company, washes its hands off, of the leadership role, by assuming a DP will do all that needs to be done! The ISM (International Safety Management) Code, in clause 4 defines the role of the DP (designated person).  It is to be remembered that the DP is indeed the link between the company and those on board, to the extent decided by the leadership/ ownership of the maritime company. The DP with clause 4 of the ISM Code has his/ her role defined as the link. However, there is much more to it. There is a kind of upstream and downstream relationship between the safe operations of a vessel, and the leadership exercised by the shipping company. The DP can represent and do his best in meeting objectives if he/she is resourced and supported by the leaders. Maritime leadership is strengthened by the contribution of the DP. This is particularly true when a tragedy occurs, and the crisis management team is called to minimize the aftermath of the tragedy and hands-on dealing with the tragedy. The DP as part of the crisis management team and must play a lead role in providing his/ her experience, expertise to ensure the situation does not worsen. DP should be competent, involved and participate in designing the safe operations of the vessel as also to predict the risks and trends from the available company and industry data and make timely recommendations, to ensure tragedies do not occur. But once they occur the same detailed knowledge has to be used to meticulously plan the response actions.

The leadership of the company, particularly when not from the marine background, should orient itself to matters maritime during good times. It is in normal good times that the relationship of confidence has to build with the DP. Regular access to the TM (top management) of the company by the Designated Person Ashore, makes teamwork smooth in a crisis situation. The leadership working together with DP and the team is able to ensure the company’s safety objectives, environmental policy implementation and functional requirements are met. Regular drills and exercises and analysis of situations ensure that the lessons learnt thereof, are used as input for further planning and resourcing.  Clause 4 of ISM Code is not just a job description basis for the DP, but also an input to the leadership to see where they fit in so that the support when required can be provided in a crisis without delays in a crisis. Building trust is a responsibility both the DP and the organization must build. There is much more to this dynamic leadership role. Meeting the safety, prevention of human injury or loss of life, and avoidance of damage to the environmental objectives of the company given in clause 1.2 of the ISM Code are the DP’s responsibilities. He/ she is the implementer of safety and environmental policy as given in clause 2 of the ISM Code. This however cannot be achieved without resources and support from the company top leadership.

Emergency preparedness is a requirement of the ISM Code. Clause 8 of the ISM Code requires implementation on board, with office support lead by the Designated Person Ashore and resourcing provided by the top management of the company. The DP with his/her team brings the considered opinion as input to the organizational decision-making body. Making preparations for being able to respond to emergency situations at sea needs forethought in appreciating the risks, and preparations in advance. It starts with recognizing the hazardous situations, creating the procedures, conducting drills and exercises, and learning lessons from exercises conducted, other industry inputs, similar occurrences anywhere. Data drives risk appreciation and trend recognition. Managements have to look ahead at possible crisis and be prepared with timely quick response.

Crisis if handling well, requires and brings out clearly that not just competence, but motivation and leadership are all of the utmost importance. As primary consultants in the field of maritime work,  QMII (www.qmii.com ) has worked on crisis management, handling media, and building teams for over 30 plus years now. Our experience shows clearly that a leadership team working with not just the Designated Person Ashore, but all departments in a participatory manner determines the success of addressing a crisis.

Safe operation of ships and prevention of pollution requires dynamic leadership at the company level with the involvement of the DP using the expertise in the ISM Code and SOLAS as also other relevant IMO conventions, as also Flag State advises to formulate robust, well thought out plans for crisis management.  A process-based management system approach is most important. “If an organization can do not describe what they do as a process, then they do not know what they are doing,” it is to be remembered that behind every casualty at sea are many detentions, and behind them indicators like Major NCs (non-conformities) and near misses. The maritime leadership with Designated Person Ashore included must lead to prevent a crisis.

Effectiveness of the ISM Code

The ISM (International Safety Management) Code, in itself, is not a magic wand, that will bring safety or prevent pollution. It depends on the organization on how it implements the Code. Safe operation of ships and the prevention of pollution should have been any organization’s objective. Yet all over the world owners to save money compromise these objectives. Did not the Titanic on April 15, 1912, sink, trying to create a record of crossing the Atlantic, by going North to cut distance, run into the iceberg?

The sinking of the Titanic, with a loss of nearly 1500 passengers and the crew was an eye-opener. It led to the SOLAS (Safety of Life at Sea) convention. Did the negligence and continued operation of ships compromising safety stop with SOLAS? Sadly not. The investigation by Justice Sheen into the sinking of the Herald of Free Enterprise, on March 6, 1987, looked at why SOLAS had not helped prevent the tragedy. It brought out the necessity for a process-based management system, and the SOLAS Chapter IX was updated to authorize the ISM Code. It provides the guidelines for the implementation of a system to ensure the safety of vessels at sea.

The Flag State Administrations whose flag the ships sail under, legitimize the use of the code making it mandatory for internationally trading vessels. If any company is bent upon not implementing it in the spirit of it, then of course the objectives of the code as also the functional requirements will not be met. Owners and Operators of the vessels often look to short term gains wherein they compromise the standards and bypass the rules. They have to understand that behind every casualty at sea are many detentions and behind them indicators like Major NCs (non-conformities) and near misses.

The Flag States who do not strictly inspect and audit vessels to the ISM Code and issue SMC (safety management certificates), are actually, to retain the business of ship owners, jeopardizing the same ships! Even some responsible Flag States, due to shortage of manpower outsource their duties to ROs (recognized organizations), often represented by class societies. This results in diluted control, as an outsourced process needs strict monitoring of the process to ensure the performance is not affected. Not managing an outsourced process is as good as not taking responsibility. Authority can be delegated, bot the responsibility.

NCs (non-conformities) drive correction and CA (corrective action), and as such should be welcome as inputs to ensure continual improvement of the system based on the ISM Code. Yet, there are every day common examples of Masters of ships negotiating to somehow get the auditors to not give NCs. This is because the management ashore is not mature to realize, that keeping the master’s pressurized and performance being judged by NCs reported is creating an environment of fear and hiding of NCs. A good SMS (safety management system) based on the ISM Code, if correctly implemented should welcome NCs. The DP (designated person) should know that the “only bad NC, is the one which the organization does not know about.”

For domestic vessels, and for that matter towing and small vessels, and perhaps in due course of time for domestic passenger vessels, one would think a new standard would be required? Sub Chapter M for the towing industry in the USA, is nothing else but the ISM Code domesticated. The ISM Code is a useful well thought of document which provides strong fundamentals based on hundreds of years of sea experience, loss of life, cargoes, ships, and fortunes. The process-based management system it propagates would systematize operations. However, for an effective management system, the implementers have to be motivated and committed. The Flag States have to be strict and vigilant in their issue of certificates. When they outsource the certification to Ros, they must not wash their hands of their responsibility. The strict monitoring of the ROs by ensuring good clear concise MOUs (memorandums of understanding) with clear provisions to audit the ROs must be put in place. The owners and operators through their organization should put in place a robust internal auditing program that gives the objective inputs on the implementation of the ISM Code.

– by Dr. IJ Arora

ISO 14001-Benefits for Maritime Companies

Environmental accidents in the maritime industry get quick media attention. ISO 14001 does not guarantee that maritime accidents will not happen. It does, however, get organizations to consider their operations from a life cycle perspective of minimizing the impact of their operations on the environment.

The maritime industry has for a while now been governed by the requirements of MARPOL. MARPOL has 6 annexes and as of date all six annexes are in force. The six annexes cover the requirements for prevention of pollution of the marine environment by oil, noxious liquid substances, harmful substances in packaged form, sewage, garbage and air. However, MARPOL does not address the lifecycle operations of the shipping business. From an ISO 14001 perspective this would need to encompass the need for recycling of ships once they are done with their life.

The French Aircraft carrier Clemenceau is a good example of a vessel that faced major issues with being scrapped. Having sailed all the way to Alang, India it was denied entry and had to transit back to French Waters. It was denied access to Alang owing the Asbestos used on the vessel and the potential harm it would have on the scrap workers at Alang. MARPOL also does not address the operations as managed from operations ashore and the environmental impact of the operations of supporting the ships.

ISO 14001 encompasses the entire operations of the company if within scope and encourages organizations to look at all their operations from a lifecycle perspective. This essentially means that when designing office spaces and building ships companies need to start thinking about how they will dispose of waste from the processes in a responsible manner to the environment. Environmental sustainability is a new buzzword and demonstrating commitment to the environment, to stakeholders, through implementation of an internationally recognized standard ISO 14001.

ISO 14001 need not run independent of the existing management system that most maritime companies have conforming to the ISM Code. The requirements of ISO 14001 as with the MARPOL requirements get incorporated into the one management system on which the company operates. ISO 14001 as with other ISO standards is a voluntary standard. As such companies must choose to implement an environmental management system conforming to ISO 14001. Many leading maritime companies have already done so. QMII’s ISO 14001 training is delivered in multiple formats such as executive overviews, internal auditor and lead auditor. The training is also provided in an instructor-led online format and QMII’s instructors, having a maritime background, bring a unique skill set to the class in connecting the requirements of the standard through real life experiences.