Offshore Oil & Gas
We assist security regulated offshore oil & gas operators with all their requirements under the Maritime Transport and Offshore Facilities Security Act 2003 and the International Ship and Port Facility Security (ISPS) Code.
Our offshore oil and gas security compliance services include:
- All-Hazards security assessments as required under the recent amendments to the Maritime Transport and Offshore Facilities Security Act 2003.
- Drafting and revising offshore provider security plans (“OSPs”).
- Drafting and revising Ship Security Plans (SSPs) and International Ship Security Certificates (ISSCs).
- Security compliance audits for offshore oil and gas facilities, supply bases, and ships.
- Preparation, review, revision and auditing of Maritime Security Identification Card (MSIC) issuing programs.
- Design and facilitation of training, drills, and exercises.
- Advisory services for new facilities, expansion and site developments.
- Annual compliance reviews to support Statement of Compliance submission to CISC.
Are you ready for the changes to the Maritime Transport and Offshore Facilities Security Act 2003?
Australia’s maritime and offshore facility security laws have been significantly updated, bringing new obligations for offshore facilities, ports, port facilities, ships and other operations which are ancillary to port operations. The reforms to the Maritime Transport and Offshore Facilities Security Act 2003 align offshore operations with the security of critical infrastructure requirements and place stronger emphasis on cyber resilience, operational integrity, and governance.
Updates include:
- Cyber Incident Reporting – Strict obligations to report significant cyber incidents within 12 hours and relevant incidents within 72 hours.
- Expanded Security Scope – Security responsibilities now cover both unlawful and operational interference, requiring industry to safeguard against a broader range of risks.
- Relevant Interference – New definitions ensure scalable obligations for protecting the availability, reliability, integrity, and confidentiality of maritime assets and information.
- Mandatory Security Assessments – All Offshore Oil & Gas Security Plans must now include comprehensive, risk-based assessments using an “all hazards” approach, aligned with recognised cyber security frameworks.
- Annual Compliance Statements – Board-approved declarations confirming security programs remain up to date and effective.
- Expanded Inspector Powers – Inspectors can now actively test both physical and cyber systems to expose vulnerabilities.
- Flexible Security Directions – The Secretary can mandate additional security measures in response to evolving threat environments.
- Revised Definitions – Updated definitions of “ports” and “port facilities” expand the boundaries of regulated areas to include critical ancillary infrastructure such as cyber control centres and anchorages.
Overdue for an audit under your Offshore Facility Security Plan?
Are you up to date with your audit requirements?
One of the most common non-compliances issued by CISC is the failure of offshore facility operators to undertake audits in accordance with their Offshore Facility Security Plan.
Avoid a non-compliance and contact us today for an obligation free quote.