ASTM WK67401

    New Guide for Inclusion of Cyber Risks into Maritime Safety Management Systems

    (What is a Work Item?)

    Developed by Subcommittee: F25.07 | Committee F25 | Contact Staff Manager


    1. Scope

    This ASTM Guideline document is designed to provide the maritime industry guidance, information and options for incorporating cyber elements into Safety Management Systems (SMS) in accordance with International Safety Management (ISM) Code and other national (U.S.) and international requirements. These Guidelines will support U.S. maritime operating companies but are guidelines only and do not recommend a specific course of action. However, these guidelines are to be used to improve cyber safety, address vulnerability, recommend and outline training, raise knowledge and awareness of cyber threats by leveraging documented, auditable SMS mechanisms. The purpose of these guidelines is to offer guidance, information and options based on a consensus of opinion but not to establish a standard practice. Each organization must evaluate their SMS, their information management systems at sea and ashore and the level of cyber risk that exists within the organization to determine the best methods of compliance with the cybersecurity requirements of the ISM Code and/or other legal or self-imposed requirements.


    IMO; MSC.428(98); cyber attack; cyber risk; cyber safety; cyber security; cyber vulnerability;


    The need to protect information of any kind has grown proportionally with the expansion of information technology and the reliance of organizations on the use of information technology in the course of their business activities. This is as true for the maritime industry as with any other industry.

    The title and scope are in draft form and are under development within this ASTM Committee.

    Citing ASTM Standards
    Back to Top
    Work Item Status

    Date Initiated:

    Technical Contact:
    Regina Farr


    F25 (20-01)

    Ballot Item Approved as F3449-2020 and Pending Publication