The International Ship and Port Facility Security (ISPS) Code became mandatory for international shipping in 2004. For vessels transiting the Suez Canal, ISPS compliance is not optional — every vessel must carry a valid International Ship Security Certificate (ISSC), have an approved Ship Security Plan (SSP) on board, and complete the SCA's pre-transit security notification process.
What makes Suez ISPS compliance particularly tricky for fleet operators is that SCA's requirements go beyond the baseline ISPS standard. Most flag-state-approved SSPs cover port operations but omit the canal-specific provisions SCA requires. The result: a vessel with a current ISSC can still be held for an SSP deficiency at the last moment. Understanding what SCA actually checks — and what the SSP must include — is the difference between a smooth transit and a 24-hour security hold.
ISPS Code at the Suez Canal: What the Standard Covers
The ISPS Code requires that vessels on international voyages maintain three core security documents:
- International Ship Security Certificate (ISSC): Issued by the flag state or a recognized organization on the flag state's behalf, confirming the vessel's security management system has been audited and is operating as specified
- Ship Security Plan (SSP): The vessel's approved plan for security threat response, including procedures for different security levels, access control, and security officer responsibilities
- Continuous Synopsis Record (CSR): A record of the vessel's security history, including flag state security assessments and any security incidents
These documents apply to the Suez Canal in the same way they apply to international port calls. However, SCA's pre-transit inspection adds an additional layer: verification that the SSP includes provisions specific to canal transit that are not covered in most flag-state-approved plans.
The ISSC: What SCA Checks
SCA inspectors verify the ISSC's validity — meaning the certificate must be current, the issuing organization must be one recognized by the flag state, and the audit on which the certificate is based must not be overdue. The ISSC is valid for a period typically matching the vessel's ISM certificate cycle.
The most common ISSC-related issues at Suez:
- Expired ISSC: No waiver available; transit denied until renewed certificate is presented
- Audit overdue: If the vessel's security audit is due or overdue per the certificate schedule, SCA may flag this as a deficiency even if the certificate has not yet formally expired
- Issuing organization not recognized: If the ISSC was issued by an organization not recognized under the flag state's authorizing regime, SCA inspectors may question its validity
The Ship Security Plan: SCA's Canal-Specific Requirements
This is where most Suez ISPS compliance gaps originate. A standard SSP — the template used to satisfy port state control inspections worldwide — covers three security levels (1, 2, 3), access control procedures, search procedures, and security officer duties for port operations. It typically does not cover:
- Transit through a narrow, confined waterway with limited maneuverability
- Coordination with external patrol boats, escort vessels, or harbor tugs during transit
- Procedures for communicating security status changes to a canal authority operations center
- Designation of a specific security officer responsible for canal-transit coordination
- Pre-transit security assessment procedures specific to entering the canal approach area
SCA inspectors expect to see these provisions in the SSP. When they review the plan and find the canal-specific sections absent or inadequate, the vessel is flagged for a security hold — not a denial, but a hold that requires the SS officer to demonstrate familiarity with the procedures and, in some cases, to produce an updated plan.
Action item: Operators whose SSPs were approved before their vessel began regular Suez transits should review the plan with their flag state or recognized organization to confirm it includes the canal-specific provisions SCA requires. An SSP amendment addendum addressing Suez transit provisions — rather than a full plan rewrite — is typically sufficient.
The Pre-Arrival Security Notification
SCA requires vessels to submit a security notification through its electronic portal no later than 24 hours before reaching the canal approach area. This notification is separate from the general pre-arrival documentation package and is treated as an independent workflow item.
The security notification includes:
- Vessel ISSC details: Certificate number, issuing organization, validity date
- Current security level: Default is Security Level 1; any elevation must be declared
- Security incidents: Any security incidents during the voyage that may be relevant to the canal transit
- Security officer designation: Confirmation that a named security officer is designated for the canal transit
Failure to submit this notification within the required window is itself a compliance failure. The vessel may be held at the canal approach area until the notification is submitted and acknowledged — creating a delay that compounds with any concurrent documentation review.
Security Level 3 Contingencies
The ISPS Code's Security Level 3 procedures are relevant for vessels transiting Suez during periods of elevated regional security. Security Level 3 — the highest level, invoked when a security incident is imminent or has occurred — requires additional coordination with SCA's security operations center.
If the vessel is operating at Security Level 2 or 3 at the time of canal transit, this must be declared in the pre-arrival security notification and coordinated with SCA in advance. Vessels at elevated security levels may be subject to additional escort requirements, modified transit schedules, or transit deferral pending security clearance.
Comparison: Suez ISPS vs. Panama Canal ISPS
Both canals apply ISPS requirements, but the scope of the canal-specific provisions differs. ACP's ISPS requirements have been thoroughly documented and standardized since the code's adoption. ACP inspectors check ISSC validity and review the SSP for standard security procedures. The canal-specific additions at ACP relate primarily to access control during canal transit and coordination with ACP's security operations.
SCA's ISPS requirements are less codified publicly and include provisions around escort coordination, pre-transit security reporting, and designation of a canal-specific security officer. A vessel that clears ISPS inspection at the Panama Canal may still encounter an SSP gap at Suez if the plan was not drafted or updated to include these canal-specific procedures.
Our full canal comparison guide covers these and other compliance differences in detail.
Frequently Asked Questions
What is ISPS Code compliance in the context of Suez Canal transit?
ISPS Code compliance at the Suez Canal means a vessel carries a valid International Ship Security Certificate (ISSC), has an approved Ship Security Plan (SSP) on board that specifically addresses canal transit scenarios, and has completed the required pre-arrival security notification to SCA. SCA inspectors board the vessel before transit and verify all three conditions. A deficiency in any one triggers a security hold that delays the transit.
What specific SSP provisions does SCA require for canal transit?
SCA requires that the SSP include canal-specific provisions: a designated security officer for the canal transit, pre-transit security assessment procedures, reporting requirements to SCA's security operations center, provisions for security escort or patrol boat coordination, and procedures for communicating security status changes during transit. Many SSPs approved for general port operations do not include these canal-specific provisions. An SSP addendum addressing Suez transit provisions — rather than a full plan rewrite — is typically sufficient.
Can a vessel with a valid ISSC still be delayed for ISPS reasons at Suez?
Yes. The ISSC confirms the vessel's security management system has been audited and is operating. SCA separately verifies that the SSP contains canal-specific provisions. If the SSP was approved for general port operations but has not been updated to include Suez transit provisions, SCA inspectors will flag this as a deficiency — even with a current ISSC. The vessel will not be allowed to transit until the SSP gap is addressed.
How does Suez Canal ISPS verification differ from Panama Canal ISPS requirements?
Both canals require ISPS compliance, but the canal-specific provisions differ. ACP's ISPS requirements are well-documented and standardized. At Suez, SCA includes additional provisions related to canal transit — particularly around escort coordination, security reporting during transit, and pre-transit notification procedures. A vessel with an SSP that satisfies ACP requirements may still have gaps for Suez.
What pre-arrival security notification does SCA require?
SCA requires vessels submit a pre-arrival security notification through its electronic portal at least 24 hours before reaching the canal approach area. The notification includes the vessel's ISSC details, current security level, information on security incidents during the voyage, and confirmation of the designated security officer for the transit. This must be submitted separately from the general pre-arrival documentation package.
Automate Your Compliance Checks Before Canal Transit
CanalClear validates your security documentation, certificate expiration dates, and pre-arrival notifications for Panama Canal — with Suez Canal automation coming soon. Build the compliance habit now so nothing slips through before Suez.
Get Started at canalclear.org