In addition, ISO 20858:2007 establishes certain documentation requirements designed to ensure that the process used in performing the duties described above was recorded in a manner that would permit independent verification by a qualified and authorized agency (if the port facility has agreed to the review). It is not an objective of ISO 20858:2007 to set requirements for a contracting government or designated authority in designating a Recognized Security Organization (RSO), or to impose the use of an outside service provider or other third parties to perform the marine port facility security assessment or security plan if the port facility personnel possess the expertise outlined in this specification. Ship operators may be informed that marine port facilities that use this document meet an industry-determined level of compliance with the ISPS Code.
Port infrastructure that falls outside the security perimeter of a marine port facility might affect the security of the facility/ship interface. ISO 20858:2007 does not address the requirements of the ISPS Code relative to such infrastructures. State governments have a duty to protect their populations and infrastructures from marine incidents occurring outside their marine port facilities. These duties are outside the scope of ISO 20858:2007.