Scribd
Upload
371 views

Resolution MSC.428 (98) - Maritime Cyber Risk Management in Safety Management Systems

The Maritime Safety Committee adopted Resolution MSC.428(98) to address the urgent need to manage cyber risk threats and vulnerabilities in the maritime industry. The resolution affirms that approved safety management systems should incorporate cyber risk management according to the objectives of the International Safety Management Code. It encourages Administrations to ensure cyber risks are addressed in safety management systems by January 2021. The resolution also acknowledges the confidentiality of some cyber risk information and requests Member States to notify stakeholders.

Uploaded by

Miguel Osuna
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
371 views

Resolution MSC.428 (98) - Maritime Cyber Risk Management in Safety Management Systems

The Maritime Safety Committee adopted Resolution MSC.428(98) to address the urgent need to manage cyber risk threats and vulnerabilities in the maritime industry. The resolution affirms that approved safety management systems should incorporate cyber risk management according to the objectives of the International Safety Management Code. It encourages Administrations to ensure cyber risks are addressed in safety management systems by January 2021. The resolution also acknowledges the confidentiality of some cyber risk information and requests Member States to notify stakeholders.

Uploaded by

Miguel Osuna
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

MSC 98/23/Add.

1
Annex 10, page 1

ANNEX 10

RESOLUTION MSC.428(98)
(adopted on 16 June 2017)

MARITIME CYBER RISK MANAGEMENT IN SAFETY MANAGEMENT SYSTEMS

THE MARITIME SAFETY COMMITTEE,

RECOGNIZING the urgent need to raise awareness on cyber risk threats and vulnerabilities
to support safe and secure shipping, which is operationally resilient to cyber risks,

RECOGNIZING ALSO that Administrations, classification societies, shipowners and ship


operators, ship agents, equipment manufacturers, service providers, ports and port facilities,
and all other maritime industry stakeholders should expedite work towards safeguarding
shipping from current and emerging cyber threats and vulnerabilities,

BEARING IN MIND MSC-FAL.1/Circ.3 on Guidelines on maritime cyber risk management


approved by the Facilitation Committee, at its forty-first session (4 to 7 April 2017), and by the
Maritime Safety Committee, at its ninety-eighth session (7 to 16 June 2017), which provides
high-level recommendations for maritime cyber risk management that can be incorporated into
existing risk management processes and are complementary to the safety and security
management practices established by this Organization,

RECALLING resolution A.741(18) by which the Assembly adopted the International


Management Code for the Safe Operation of Ships and for Pollution Prevention (International
Safety Management (ISM) Code) and recognized, inter alia, the need for appropriate
organization of management to enable it to respond to the need of those on board ships to
achieve and maintain high standards of safety and environmental protection,

NOTING the objectives of the ISM Code which include, inter alia, the provision of safe practices
in ship operation and a safe working environment, the assessment of all identified risks to
ships, personnel and the environment, the establishment of appropriate safeguards, and the
continuous improvement of safety management skills of personnel ashore and aboard ships,

1 AFFIRMS that an approved safety management system should take into account
cyber risk management in accordance with the objectives and functional requirements of
the ISM Code;

2 ENCOURAGES Administrations to ensure that cyber risks are appropriately


addressed in safety management systems no later than the first annual verification of the
company's Document of Compliance after 1 January 2021;

3 ACKNOWLEDGES the necessary precautions that could be needed to preserve the


confidentiality of certain aspects of cyber risk management;

4 REQUESTS Member States to bring this resolution to the attention of all stakeholders.

***

I:\MSC\98\MSC 98-23-Add-1.docx

You might also like