TMSA 3 Archives - SHIP IP LTD


A new cyber security component has been incorporated into the third edition of Tanker Management and Self Assessment: A Best Practice Guide (TMSA3), released by the Oil Companies International Maritime Forum in 2017. The cyber security component is directly addressed in two of the performance elements: management of change (element 7) and marine security (element 13). For each element in TMSA3, tanker operators should carry out a self-assessment and rate themselves (their safety management systems, operations and practices) against the key performance indicators (KPIs) defined in TMSA3. We want to support you in implementing the new cyber security component and help you to provide documentation of compliance, whether that be achieving the minimum expected level or going above and beyond and achieving level 4.

Our approach

To support the implementation of the new cyber security component found in TMSA3 (requirements 7 and 13), we have identified potential phases that can be followed and tailored to your specific needs. These start from the achievement of the minimum expected level (level 1) and can ultimately bring the company to the full achievement of the management of changes and marine security objectives, which are identified as level 4 by TMSA3.

What we offer

Cyber security procedures definition

We will provide you with a number of supporting documents. These are generic documents based on good industry practice. As part of a one-day workshop, we will show you how to tailor these to suit the operational model of your business. Should additional support be required after the workshop, this can be discussed and a pricing agreement reached.

Risk assessment

An example risk assessment will be provided, showing how to assess the threats and apply mitigating controls. This would be a standard template showing the approach to and methodology for conducting a risk assessment. Standard assets will be pre-populated, which would have to be tailored to suit your business model. After instruction provided by the consultants, you would need to populate the compensating controls within the template to mitigate the identified risks.

Cyber security procedures audit

We can undertake an audit of cyber security procedures based at your HQ. The audit would be undertaken by an ISO 27001-qualified auditor, and the scope of the audit will be agreed with you and will be based on a selection of agreed controls, as opposed to every control. This will ensure that the audit can be completed in one day.

Onboard audit

The main aim of our onboard audit is to determine the effectiveness of the ship’s security measures, policies, procedures and preparedness for cyber-related incidents. The audit will determine whether controls, processes and procedures conform to the requirements of the TMSA3 standard, whether the policies and procedures are effectively implemented and maintained, and if they perform as expected.

Vulnerability assessment

Vulnerability assessment will be delivered on computer-based systems (navigation, cargo control, power management, communication, etc.), ship networks and any automation on board the selected vessel(s). If a specific goal is identified by you, penetration testing can also be performed. Penetration testing is the attempt to actively exploit weaknesses in the environment from the perspective of an attacker with direct access to the network being tested.

Why choose LR?

We provide independent assurance and expert advice to companies operating high-risk, capital intensive assets in the marine, energy and transportation sectors, and we have a unique insight into ship and cyber security. We know both the operational technology systems that drive performance and the information technology platforms. We understand the changing regulations being faced by the industry and we know how to deliver a cost-effective solution while reducing our clients’ vulnerability to cyber threats. Our work helps to ensure that your assets and processes are secure, safe, sustainable and compliant with the regulations.

Source: Ir

ExxonMobil’s International Marine Transportation aims to produce another significant step change in preventing oil spills at sea through adding a new element that addresses the human element to the Tanker Management and Self Assessment (TMSA) programme.

In a keynote address to the International Chemical and Oil Pollution Conference and Exhibition (ICOPCE) in Singapore, Jonathan Evans, managing director, International Marine Transportation Singapore, Fuels and Lubricants, ExxonMobil, said: “We can see a significant improvement over the last 40 years but we are still having spills to water and any spill is one too many.”

Over the last 30 years pollution incidents had been reduced by the introduction of the double hull, the SIRE programme, the ISM Code and the introduction of TMSA. Evans noted that since the introduction of the TMSA programme there had been “a very productive period in reducing number of incidents over last 15 years, yet we still have the Sanchi incident”. The Sanchi collision with the CF Crystal last year left 32 dead and the loss of the vessel and its cargo.

“We all know human error is the area we need to address, we have good sound vessels and good management systems and yet these incidents still continue to happen and when we look at them it’s human error in way over 75% of the cases,” he told the conference organized by the Maritime & Port Authority of Singapore (MPA).

To address the human element the company has been working over the last 12 – 18 months on a new element to be added to TMSA. A multi-disciplinary team of industrial psychologists, TMSA experts, and marine quality assurance experts was assembled and combined with industry consultation across both large and small fleets, as well as barges. “So we have a good perspective on what will work in the industry and finally we’ve added a peer review,” Evans said.

He said the key objectives of the element were to “equip the leaders and staff on ship and ashore with the leadership and equipment knowledge, skills and commitment to perform at the highest level essential for safe, and efficient operations”. There are five pillars of successful operations, covering:

  • Leading and shaping the safety culture you want
  • Well executed tasks and procedures
  • Well designed equipment and controls
  • Skills to respond to emerging situations
  • Learning before and after things go wrong.

“This will be the responsibility of senior management to develop policies and plans to allocate resources in support of each one of these pillars,” Evans said.

Work on the new element was handed over to OCIMF last week with a plan to finalise it over the next 12 months for roll out to the industry.

Source: seatrade


October 20, 2020 TMSA 3

In spite of the fact that the techniques for safe navigation are well known, the safe navigation of a vessel still remains a challenge. It has been reported that more than 80% of shipping accidents have a non-technical cause; they are related rather to human error. The last Concentrated Inspection Campaign (CIC) on “Safety of Navigation” conducted by the Paris MoU in 2009 recorded that during 6331 inspections 1872 (30%) deficiencies were identified. In order to reduce navigational risks charterers recommend undertaking navigational audits.

Any accident or serious incident can have disastrous repercussions on a company’s reputation. According to the Swedish P&I club, over the past six years four major cases have produced abnormally high claims. These cases represented nearly 2 billion USD in P&I costs. Clearly, it is time for shipping to become much more risk-averse. Research has shown that the top 25% of ships, ranked according to safety, are involved in only 7% of all accidents. This clearly demonstrates the significant potential for reducing the number of shipping accidents.

Navigation is an area under close review by risk assessment teams. Navigational audits are already a requirement of the Tanker Management and Self Assessment (TMSA) 3 - Stage 4 and are becoming more common in other trades, for example bulk carriers. Even though not a mandatory requirement, it is an element which speaks to a company’s operational quality as well as a tool to improve performance, not only in the tanker business but also in order to satisfy charterers’ requirements.

Navigational audits assess how the ship is handled by the crew, what kind of support is provided shoreside and can reveal important navigational and bridge management errors, which could potentially lead to a collision or grounding. Improvements to existing Safety Management Systems can also be identified through the auditing process.

What are the advantages of navigational audits?

  • Comply with charterers’ requirements (especially: Vetting, TMSA)
  • Learn from your and other people’s mistakes
  • Recognise that the human element plays a major role in the causation of accidents
  • Enable a safe and professional navigational culture
  • Use effective navigational audits to reduce overall risk
  • Take advantage of navigational audits to improve company procedures
  • Take advantage of navigational audits to improve training demands based on a gap analysis of crew skills and competences

Source: stagmarine


OCIMF’s TMSA 3 has now been released with changes in element 7 regarding software management and a brand new element 13 which has Cybersecurity topics to be addressed for compliance.

Element 7 – Change management

Element 7 has a section regarding software management. This includes having procedures which could include:

  • Assigned responsibilities for software management including cyber security.
  • Records of all software installed including version numbers.
  • A method to ensure that the appropriate/latest version is installed.
  • Compatibility checks to ensure integration with existing systems.
  • Instructions for installation of updates.
  • Instructions for back-up where applicable.
  • Performance tests following software upgrades.
  • Training requirements.

SOFTimpact can assist your company with reviewing existing procedures or creation of procedures on all of the above as well as recommending technologies which can be used to carry out reporting on software and versions installed across your fleet.

Element 13 – Cybersecurity

The newly introduced element 13 on security has a few sections on Cybersecurity for both vessels and onshore. This includes ensuring proper policies and procedures are in place, alongside guidance and mitigation techniques against Cyber attack.

Our Risk assessments allow your company to get a complete overview of risks faced and recommendations on how to mitigate these with technology, education and implementation of correct policies & procedures.

The second part focuses on Cybersecurity awareness and encouraging responsible behavior by both vessel and shore based personnel and any third parties.

SOFTimpact provides Maritime focused Cybersecurity training for both End Users and Decision makers.


CYBERimpact, as a product line of SOFTimpact specializing in Maritime Cybersecurity, helps Maritime companies address the Cyber Threat.

Source: cybersail


Based on our experience from Oil Majors’ Audits, we may offer a Full Compliance Solution against TMSA 3 requirements (depending always on the current status of TMSA 3 knowledge of your company’s personnel) which may consist of the following stages:


1. A GAP Analysis & Internal Audit will be performed, which will mainly focus on the actual TMSA 3 implementation by your Office. A mapping between your current system implementation evidence and the TMSA 3 requirements shall be carried out and all gaps will be identified and recorded. The results are to be documented and based on the findings we shall provide you with:

  • Identification of any weak areas.
  • General recommendations and implementation instructions.
  • General strategic recommendations for improving the TMSA 3 implementation status.

Also, we will identify the non-satisfied KPIs and we shall provide you with a summary of the items that need to be improved.

2. Relevant Guidance will be provided on the actions that need to be taken by each of the company’s Departments.


During this phase we will review your SMS and will proceed with the below actions:

  • Modification/ amendment of existing SMS Manuals and introduction of new procedures/ instructions/ forms as necessary to incorporate the TMSA 3 requirements based on your individual SMS and compliance needs.
  • Furthermore, we shall provide supplementary information where applicable for specific oil major requirements.
  • A final mapping of the revised SMS against TMSA 3 requirements will be delivered to your company.
  • During this service, we will review and compare the SMS against the new Vessel’s Inspection Questionnaire VIQ7 requirements. Such evaluation will identify gaps between the new VIQ7 and your current SMS.
  • Based on the findings above we shall proceed with the integration of new requirements into your SMS, so that the standards are met, as per above.
  • Based on the final SMS a clear and full mapping between the standards of VIQ7 and your SMS will be developed and documented. This will enable the prompt and clear documentation compliance during on board VIQ vetting inspection.



This course is provided in partnership with MICE Global of Singapore whose trainers are highly experienced experts in their field.

The TMSA was introduced within the tanker industry upon the occurrence of significant inconsistencies with the application of the ISM code across the industry. This led OCIMF to develop the Tanker Management Self-Assessment designed to bridge this gap and at the same time provide Companies with guidance to develop a sound Safety Management System.

To be effective, a management system needs to look beyond procedures. The company leadership/management should define the company’s values and aspirations and detail how the company intends to achieve the objectives of their stated policies. Management should provide adequate resources to ensure that the vessels are properly managed, crewed, operated and maintained. The management system should also include procedures which ensure that incidents and near misses are investigated to determine root causes, so that corrective and preventative actions can be implemented. There should be systems in place to analyse risk to ensure exposure to risk is considered at every level of management.

TMSA contains all of these elements and provides a structure to assist owners and operators to assess the effectiveness of their own safety management system with suitable tools to measure and improve aspects identified as being sub-standard or weak. The first edition of TMSA was originally intended for tankers of more than 500 GT, since those ships were subject to the requirements of the 1974 SOLAS Convention, and therefore the ISM Code. Four years of experience and comprehensive feedback from the oil industry brought about the publication of TMSA 2 in 2008. TMSA 2 was updated to widen its application to all tank vessels, irrespective of size. The third edition of TMSA (TMSA 3) was introduced in April 2017. TMSA 3 revised and updated all of the twelve existing elements and introduced a thirteenth – ‘Maritime Security’.

This course will provide an in-depth understanding of the TMSA which has enormous potential for operators of all vessel types and will identify how safety management can be improved by implementing key performance indicators, backed up by examples of industry best practice.

Source: admacademy


The Oil Companies International Marine Forum (OCIMF) has launched the third edition of its Tanker Management and Self Assessment (TMSA) programme and book. Widely used since 2004, the latest edition adopts the same familiar document structure as previous TMSA editions, but has been updated to provide clarity of wording, improve consistency of language, make conducting the self assessment easier and to promote continuous improvement.

What’s New

New in this third edition we have:

• Expanded best practice guidance to complement the KPIs.
• Revised best practice guidance to remove ambiguity and duplication.
• Streamlined and merged elements to improve consistency and make conducting the self-assessment easier.
• Removed the option to mark KPIs as not applicable.
• Introduced updated industry legislative requirements, including the Manila Amendments to the Maritime Labour Convention 2006, the Polar Code and the Ballast Water Management Convention.
• Revised Element 6 and 6A – Cargo, Ballast, Tank Cleaning, Bunkering, Mooring and Anchoring Operations, with additional KPIs and best practice guidance.
• Revised Element 10 – Environmental and Energy Management (previously Environmental Management) incorporating the OCIMF Energy Efficiency and Fuel Management paper that was a supplement to TMSA2.
• Added a new element: Element 13 – Maritime Security.

TMSA 3 puts a focus on security issues faced by tanker vessels.

Elements 7 and 13 require every maritime company to have in place cyber security plans that consider the cybersecurity needs of vessels, on shore premises and the communication between them.

More specifically, the cyber security plan should address cyber threats and mitigation measures, incident response procedures, management of change and risk assessments.

Aspida’s cybersecurity consultants can assist shipmanagers to update their Cyber security plans to address and mitigate all cyber related risks efficiently while gaining market preference.

Source: cyber.aspida


Tanker management self-assessment (TMSA) may be voluntary in principle, but for tanker operators seeking regular charters from oil majors, meeting its requirements is a fundamental commercial imperative.

Whereas traditional class requirements give a snapshot of a vessel’s quality at a given moment in time, TMSA was devised to gauge quality of a company’s operations over time. The second edition of the programme, which was introduced in 2008, comprised twelve elements covering a range of safety and performance metrics. In April last year, OCIMF, the industry body that devised and maintains the assessment programme, released a highly anticipated update, that took effect from 1 January 2018.

The update from TMSA2 to TMSA3 was a radical overhaul. The biggest change was the introduction of a completely new element on maritime security that zeroed in on cyber risk management. “While there was a growing awareness of cyber risk in the shipping industry, until that point it was nearly always framed in the future tense. It was raised as a hypothetical issue, one that would have to be addressed in the years to come,” observes Jason Stefanatos, Senior Research Engineer in DNV GL’s Maritime R&D and Advisory team. “Offering operators less than a year to prepare or risk losing business, TMSA3 brought it solidly into the present.”

Holistic approach

Effective cyber security is built on three pillars: people, processes and technology. “There’s still a common misconception that it’s a matter for the company IT department and that as long as I remember my password, it doesn’t affect me. But that’s no longer today’s reality,” Stefanatos stresses.

IT departments do play an important role in implementing technical mitigations such as firewalls, intrusion detection systems and so forth, and it is true these defences successfully prevent many attempted attacks. However, processes are also essential. “End-users – both crews at sea and staff ashore – need to know how to react to the attack or system failure that wasn’t prevented or anticipated by technical safeguards,” he warns. More importantly, he adds: “You need people to be aware of the risks and to take them seriously.”

TMSA3’s new maritime security section – Element 13 – is intended to instil these behaviours and encourage operators to adopt such a holistic approach. To attain the lowest score (Level 1), procedures for identifying threats applicable to the vessel and shore sites must be demonstrated. Reaching Level 2 requires guidance and mitigation measures in all procedures, as well as the promotion of cyber security good-practice among vessel personnel. Satisfying Level 3 calls for security procedures to be regularly updated. The highest grade, Level 4, demands that novel or innovative methods for minimizing cyber risk are evidenced.

Leadership and change

Although cyber risk management is addressed in greatest depth in Element 13, it exerts a gravitational pull on other elements covered by TMSA. Providing an effective response to cyber risk, for instance, will require good leadership (Element 1). Meanwhile, management of change (MoC, Element 7) will have to incorporate software and system configuration management. The latter aspect is particularly important.

Satisfying Level 1 of MoC requires that documented procedures are in place for implementing change and for assessing its impact, as well as specifying the framework for granting approval. Level 2 demands that all documentation and records affected by the change are identified and amended or annotated.

Reaching Level 3 calls for a comprehensive software management procedure covering both shipboard and shore systems. Crucially this goes beyond items typically associated with standard business IT infrastructure and should include operational technology (OT), such as the PLCs (Programmable Logic Controllers) and related interfaces for controlling onboard machinery.

Threat evolution

The threat landscape is evolving faster than ever, says Stefanatos. Hackers have grown up and become professional. They are more organized and have more resources at their disposal. Consequently, techniques and tactics have grown in sophistication.

In the 2000s, office IT systems were the predominant target. In other words, the PC on your desk. But these days, attacks directed at OT – the embedded systems and PLCs – are growing increasingly frequent. “It’s a worrying trend. Whereas before it was mostly a company’s finances and reputation at risk, now that has escalated to safety of life, property and the environment. The stakes are much higher,” Stefanatos observes.

One of the first obstacles facing any operator implementing the new TMSA requirements is to decipher and establish a common interpretation of what they mean, a task which, according to Stefanatos, isn’t as straightforward as it sounds: “Some are open to interpretation depending on what perspective you’re approaching them from. Senior managers, for example, may arrive at different conclusions to those working in the IT department or working as an ETO on a ship. It is essential everyone agrees before getting started.”


Demanding work

Another challenge is the sheer amount of work involved in performing the necessary risk assessments for all IT and OT systems. “Because the procedures and documentation are new, they must be created from scratch. Tanker owners are familiar with how TMSA works, but few quite anticipated the scale of the task facing them,” explains Stefanatos recalling conversations with clients.

Operators can purchase pro forma procedures off the shelf, but he emphatically cautions against taking such shortcuts: “A cookie-cutter approach defeats the object. Unless you properly investigate and drill down into the potential security gaps particular to your company, you won’t be able to find the vulnerabilities specific to your operations. In turn, you won’t be able to devise effective remedial actions or countermeasures.”


While the workload might be daunting, ultimately managing cyber risk is no different to managing any other risk. The equipment and terminology may be unfamiliar but the approach is fundamentally the same as, say, managing any hot work that modifies a vessel’s structure. Software changes, for example, should not be done ad hoc. They should be planned, approved, and recorded. They should be categorized as minor or major to ensure personnel with appropriate authority can approve. This is very similar to the process for gaining approval prior to carrying out welding.

Close collaboration

In 2016, DNV GL compiled and published a set of recommended practice (RP), which details the principles and processes that underpin effective cyber risk management. It provides an authoritative resource for operators of tankers – or any ship type – intending to build a cyber risk management system under their own steam.

However, feedback from and conversations with tanker operators using the RP highlighted a clear need for a more collaborative approach. “Operators understood the guidance as it was written down on paper but translating that into action was proving harder than expected,” notes Stefanatos. This realization prompted DNV GL to start providing dedicated advisory services to help operators meet TMSA3 requirements.

DNV GL experts work alongside the operator to familiarize themselves with the existing management system and then carry out a gap analysis. This reveals what safeguards are already in place, what requires attention and what’s missing. These outcomes facilitate a highly methodical approach to developing procedures that are effective at reducing risk and that mesh neatly with the specific nuances of an operator’s structure and working practices.

The final stage is for the procedures to be tested to ensure that all the identified gaps have been addressed and that they would stand up under the scrutiny of a TMSA vetting inspection. Depending on the level of customer engagement, the whole process can take between six and eight weeks to complete.

Positive feedback

With only a short window of opportunity between TMSA3 being announced and it taking effect, DNV GL has experienced strong uptake for its advisory services from across the tanker segment, including a number of reputed Greek operators.

Frantzeskos Kontos, Technical Manager at Prime Marine Management, says cyber security is no longer a paperwork exercise. “In recent times, we’ve identified many minor threats – and a handful of more serious ones – on our vessels, so it was urgent we took action to prevent further escalation. The inclusion of cyber security in TMSA gave us an additional commercial impetus.”

Collaborating with DNV GL enabled the Greek operator to detect gaps existing in its management system and address them swiftly and systematically. Procedures were enhanced and new control measures were introduced as a direct result of DNV GL’s proposals and recommendations. “There were some challenging discussions along the way, but, on reflection, they produced tangible results,” reports Kontos.

Initially educating and bringing employees on board was challenging, Kontos admits. “DNV GL’s training resources proved effective in communicating the criticality of cyber security to staff at all levels and across company operations, on shore and at sea.”

Minerva Marine also turned to DNV GL to help it develop a cyber resilience strategy that both complies with TMSA3 and aligns with forthcoming IMO requirements. Part of the project was to carry out a vulnerability assessment on board a Minerva vessel. Company IT manager Eftihia Benaki says: “In addition to the potential financial and reputational damage, cyber risk now carries significant safety and environmental implications. The assessment was invaluable in revealing the technical gaps we faced and identifying the areas we needed to focus on.” She adds: “DNV GL provided a depth of resource and level of specialism that we didn’t have internally.”

The Massachusetts Institute of Technology (MIT) calls cyber security a negative target: it is impossible to ever be 100 per cent secure. This is for two reasons. Firstly, it’s highly dynamic with new threats and risks emerging on a daily basis and, secondly, there is a large attack surface for hackers to exploit. This latter aspect is especially true in a complex supply chain environment, such as shipping, characterized by interactions with and between numerous and diverse stakeholders. However, as we have seen, it is possible to take steps and minimize exposure to these risks and plan a response for when the unexpected happens. This is what TMSA3 essentially seeks to achieve by incentivizing preparedness.

While TMSA3 has made cyber risk management a priority for tanker operators, it is only a matter of time before similar requirements arrive in other market segments. The advisory services developed by DNV GL for TMSA3 sit alongside associated cyber security offerings including gap analysis for various global standards; a growing range of practical services including penetration testing and incident response drills; and training courses for raising awareness and tackling phishing and social engineering. These can be deployed in various configurations to manage risk on bulk carriers – should RightShip evolve in this direction – and across the global fleet when IMO requirements to incorporate cyber risk within ISM take effect in 2020.

Reflecting on how the maritime industry’s response to cyber risk has evolved, Stefanatos observes: “Misha Glenny, a British computer journalist specializing in cyber security, famously quipped that there are two types of companies in the world: those that know they’ve been hacked and those that don’t. Maybe the day has come to add a third type: those that have prepared and are confident they can respond.”

Source: safety4sea


The OCIMF Tanker Management and Self Assessment programme was originally introduced in 2004 as a tool to help companies assess, measure and improve their management systems. It is an essential complement to IMO Conventions, Codes and Circulars and is intended to encourage self-regulation and promote continuous improvement to enhance the safety of merchant shipping and achieve incident free operations.

This fully updated and revised third edition reflects current legislation, expectations and emerging issues, and incorporates feedback from companies and users of previous editions of TMSA. Key new features to the text include:

  • Updated industry legislative requirements, including the Manila Amendments to the Maritime Labour Convention 2006, the Polar Code and the Ballast Water Management Convention

  • A new element 13 covering Maritime Security

  • Expanded best practice guidance to complement key performance indicators and remove ambiguity and duplication

  • Streamlining and merging of elements to improve consistency and make conducting the self assessment easier

  • Revised Environmental and Energy Management Element, which now incorporates the OCIMF Energy Efficiency and Fuel Management paper that was a supplement to TMSA2

As well as this printed guide, the TMSA programme includes a useful online tool for recording self assessment as well as a database for sharing reports, providing ship operators with an interactive and constantly evolving platform to monitor and improve their performance and attain high standards of safety.

Source: witherbyseamanship