Maritime Cyber Baseline covers all vessel classifications and supports a path towards compliance within the IMO Maritime Cyber Risk Management guidelines.
The Maritime Cyber Baseline scheme is supported by the Royal Institution of Naval Architects.
“The Royal Institution of Naval Architects are delighted to be supporting IASME’s new maritime cyber security scheme… We encourage all those involved in the sector to look at IASME Maritime Cyber Baseline as a practical way to reduce the disruptive impact of cyber-attacks.”
Chris Boyd, Chief Executive of The Royal Institution of Naval Architects.
Maritime Cyber Baseline certification will
Reassure your supply chain partners, passengers, flag and port authorities that a vessel has the suitable cyber security controls and processes in place.
Demonstrate your commitment to best-practice security for sea faring vessels as you take steps to align with the IMO Maritime Cyber Risk Management guidelines.
Allow you to demonstrate your compliance through a Maritime Cyber Baseline digital certificate that can be displayed on your vessel and business communications.
How does the scheme work?
The scheme has been developed with maritime experts Infosec Partners and is designed with two stages of assurance:
- Level 1 – Verified assessment = basic level of assurance
- Level 2 – Higher level of assurance (Audited)
The controls that must be put in place onboard a vessel and the requirements to be met are the same for both levels of assurance. But the depth of testing, and therefore the level of assurance provided by certification, is higher for the audited level.
Level 1 – Verified Assessment
The verified assessment requires the applicant to answer a series of questions about the vessel using the IASME secure online portal.
A supervisor at Board Level is required to sign a declaration attesting that the answers to the questions are accurate. The verified assessment is then forwarded to an IASME Maritime Cyber Assessor to assess.
If the organisation reaches the required ‘pass mark’ they are issued with a Level 1 Maritime Cyber Baseline certificate, if an organisation fails this first assessment, they will receive guidance from the Assessor on how to improve the security of the vessel and help the organisation try to achieve certification by allowing a further re-test.
The cost for Level 1 Certification is £750 + VAT.
Level 2 – Audited
The audited stage involves an assessor operating on behalf of one of IASME’s Certification Bodies.
The first stage of the audit is the verified assessment, once this is completed and a pass mark achieved the assessor will use evidence from the verified assessment to assist in the audit of the vessel.
The audit follows a strict schedule to ensure that all vessels are certified to the same criteria and the assessor will make a recommendation to IASME on whether the vessel should pass or fail the certification. IASME’s moderators will review the audit and either agree with the recommendation or request more information to make their decision.
If the vessel passes, it is awarded Maritime Cyber Baseline Level 2 certification which lasts for three years. To maintain certification, the vessel owner/operator must complete and pass an annual verified assessment on the first and second anniversary of the audit to demonstrate their continued compliance.
The cost for level 2 audited certification is £1950 + VAT, which includes the level 1 verified assessment.
Get Support with your assessment
If you require any further assistance, you can get advice from a specialist maritime cyber security expert who is able to help you make the required changes to systems and processes to ensure they meet compliance. Please complete the form below and we will put you in touch with one of our experts.