Astaara Cyber SMS Review

Our aim

To provide shipping companies and their ships with a review of their cyber capabilities against the Astaara interpretation of the IMOs cyber security requirements. It recognises that a cyber-attack could be the root cause of a safety incident or environmental event.

Failure to meet these can mean: Delay or non-issuance of DOC; Worst case denial of trading of a ship and commercial losses for shipowner/operator; Insurers refusing to insure ship for breach of warranty in respect of Safety Management System on board ship.

Specific aspects

A structured approach to the IMO model of Identify, Protect, Detect, Respond & Recovery
A three-stage delivery model: Discovery, verification & report
Review against Astaara’s Cyber IMO SMS Maturity Model
Gap Analysis and report showing pass/fail vs the IMO standards and where you can improve

We will

Ask you for information on your:
- company
- existing approach to cyber security
Undertake a detailed review of the information provided
Provide advice on where and how you can improve you
cyber posture against the IMO SMS guidelines

You will

Complete the questionnaire and provide requested information
Agree to interviews (Head Office and Ships)
Identify internet-facing assets and provide list of relevant IP addresses
Discuss the findings and provide requested additional information ahead of final report

Assessment

We will review your documents against the five main headings of the IMO questions
Astaara will interview key personnel
Measurement against our proprietary C – GAP analysis framework
Identify key gaps and areas for immediate remediation & improvement

Outcome

Astaara will provide you with a summary report, including:

Evaluation
Status
Gap analysis
Remediation
Next Steps

Key benefits

Done properly, the implementation of the standards and the audit can become a focal point of the shipping companies’ licence to trade
From risk analysis through to risk transfer, we can help you identify the risks, the threats, the activities you need to undertake to mitigate the risks and provide you with cost-effective risk transfer mechanisms
Agreement to Astaara’s general terms and conditions