A maritime transit risk assessment is a thorough analysis and subsequent mitigation of physical security threats that may be faced by the vessel and crew. This should include:
  • Regular review of the threat and risk assessments 
  • Review of the Ship Security Assessment (SSA), Ship Security Plan (SSP) and Vessel
  • Hardening Plan (VHP).
  • Guidance to the Master about the recommended route, updated plans and requirements for group transits and national convoys.
  • Company mandated Ship Protection Measures (SPM).
  • Due diligence of Private Maritime Security Companies (PMSCs) for the possible use of PCASP. 
  • Companies should consider the placement of hidden position transmitting devices as one of the first actions of hijackers is to disable all visible communication and tracking devices and aerials
  • Review of company manning requirements. Consider disembarking of non-essential crew.
  • Crew training plans
  • Information security
Transit Risk - Learn More
Cotonou Incident

What does BMP not cover?



The guidance given in BMP provide an essential tool-set that form a foundation of security for ships and operators.  Like all tools, the skills required to get the most out of them are learnt over time and enhanced with knowledge and experience.

  • The essence of the planning process is having the most relevant and up to date security information from which to launch the voyage plan in a high risk areas. 
  • The formal bounds of internationally recognised risk areas may not be up to date.
  • Perception is often different from truth .
  • Risks appetites vary from one organisation or owner to another- what is yours?

Cyber Risk is Physical Risk

Physical security threats ere easier  to conceive than those we can not see or feel. 

One of the key areas that is often overlooked is cyber security to avoid critical voyage information falling into the wrong hands ad compromising the ships physical security. BMP5 makes the following recommendations:

  • Communications with external parties should be kept to a minimum, with close attention paid to organising rendezvous points and waiting positions.  
  • Email correspondence to agents, charterers and chandlers should be controlled and information within the email kept concise, containing the minimum that is contractually required. 

Financial Risks

BMP does not cover the very serious implications of breaches to supply chain communications that can result in very significant financial losses.  Infiltration attempts are targeted within the supply chain to facilitate invoice frauds that are costing the industry $Ms a year.  

Unfortunately the nature of these crimes is that business do not readily reveal if they have been a victim. Colosal losses at the tip of the iceberg become known eventually but not the thousands of smaller ones that affect hundreds of businesses a month. Are you one of them?

Rapidly Evolving - do you have the expertise?

Cyber threats have a huge advantage over conventional physical threat because they can evolve extremely fast. 

Unless you benefit from a dedicated (and well resourced) security team within your organisation it is likely that you do not have the ability to respond to the threat placing your business at physical and financial risk.

With our dedicated cyber partners we monitor the deep and dark web for malicious emails targeting shipping and make this available to our subscribers.


Sign up for Cyber Threat Notifications

Ship Master’s Planning Process

Additional Considerations:

  • Communication devices and the Ship Security Alert System (SSAS) should be tested.
  • The IMO requires AIS use by all vessels >500GT, for any vessel >300GT that is on an “international voyage” and for all passenger vessels: IMO Revised Guidelines for the Onboard Operation Use of Shipborne AIS – A.1106(29) 22 AIS should always be in operation when ships are underway or at anchor. If the master believes that the continual operation of AIS might compromise the safety or security of his/her ship or where security incidents are imminent, the AIS may be switched off. Unless it would further compromise the safety or security, if the ship is operating in a mandatory ship reporting system, the master should report this action and the reason for doing so to the competent authority.
  • Reschedule planned maintenance on voyage critical equipment for transit of an HRA. 
  • Monitor latest threat information. 
  • Ensure all access points are limited and controlled.
  • Avoid drifting, waiting, anchoring and slow steaming, particularly in the MSTC.
  • Minimise use of VHF and use email or a secure satellite telephone instead. Where possible only answer known or legitimate callers on the VHF, bearing in mind that importers are possible.

Anti Piracy Measures


Pirate AK47 with ship in background twitter

Maritime Security Threats

As well as piracy, regional instability has introduced new security threats including the use of; anti-ship missiles, sea mines and Water-Borne Improvised Explosive Devices (WBIED).

Dryad Global World Map

Maritime Security Geographical Regions 

Where are the current hotspots that warrant the application of BMP5?

BMP5 front cover twitter

Threat and Risk Assessment

What is a security risk assessment? The threat assessment must include all regional security threats.

Screen Shot 2020-06-24 at 16.40.28

Ship Protection Measures

BMP5 provides Ship Protection Measures (SPM) based on real-life experience of piracy attack and incidents of maritime crime.

Ipad 4_3 world

Reporting Guidelines

All ships are strongly encouraged to inform military organisations of their movement

Anticipated WBIED attack

Ships under Attack 

A ship may come under attack with little or no warning.