Audible response

Consultation response regarding guidance for completing the port facility vulnerability assessment template

September 27, 2024

Danish Ports acknowledges the opportunity to submit a consultation response to the guidance for completing the template for port facility vulnerability assessment.

Guidance for completing the Port Facility Vulnerability Assessment Template and Port Facility Vulnerability Assessment aims to protect international shipping traffic as well as ports and port facilities, which Danish Ports supports.

In general
Danish Ports emphasizes that the introduction of the new template for port facility vulnerability assessment will not result in disproportionately large financial and/or administrative implementation costs for the ports, as version 4 contains significantly more new initiatives compared to version 3. version 3.

Specific changes
Re major changes, page 8:
The text states that a new vulnerability assessment must be prepared for major changes, including "the establishment of property or infrastructure [...] at a neighbor to the port" and "that the facility undergoes a rebuilding". Overall for the two points, Danish Ports believes that there is a risk of over-implementation if the port facility must prepare a new vulnerability assessment every time property or infrastructure [...] is established at a neighbor to the port or every time the port facility undergoes a redevelopment. Danish Ports believes that vulnerability assessments should only be required when the change has a real impact on the vulnerability of a port facility. Danish Ports suggests that the phrase "at a neighboring port" and "that the facility undergoes a refurbishment " be further clarified or deleted.

Re major changes, page 45:
It appears from the text that the proposed wording entails a significant risk that vulnerability assessments may become standard also for minor refurbishments or for refurbishments that have no impact on the vulnerability of the facility. Therefore, Danish Ports suggests that the text be clarified to include conversions that entail significant changes to the physical structure of the port facility and are relevant to the vulnerability of the facility or that it be deleted.

Re minor changes, page 27:
The text states 'If IT systems are outsourced, an assessment of the external suppliers' security level must also be included. Danish Ports finds it unclear who in this situation is responsible for an assessment of the external supplier's security level. Danish Ports suggests that this be clarified.

Kind regards,
Danish Ports, Iben Birk