IMO & IACS UR E26/E27 Compliance | Maritime Cybersecurity India

Achieve full compliance with IMO MSC.428(98) Safety Management System requirements and IACS Unified Requirements E26/E27 mandatory since July 2024 for vessels 500GT and above.

Maritime / IMO & IACS UR E26/E27 Compliance

What is IMO and IACS UR E26/E27 Compliance?

IMO Resolution MSC.428(98) requires that approved Safety Management Systems (SMS) address cyber risk management for all SOLAS-regulated vessels. IACS Unified Requirements E26 and E27, mandatory since July 2024 for newbuild contracts, establish detailed cybersecurity standards for vessels and onboard equipment respectively. UR E26 covers the ship as a whole entity including secure integration of IT and OT networks, while UR E27 applies to individual Computer Based Systems (CBS) onboard. Codesecure Solutions provides end-to-end compliance support including gap assessments against both standards, remediation roadmaps, policy and procedure development, and documentation required for class society verification.

We are available 24/7 to help secure your maritime operations.

Benefits of IMO and IACS UR E26/E27 Compliance

• SMS Integration: Cyber risk management integrated into your vessel Safety Management System as required under IMO MSC.428(98).
• Class Society Ready: Documentation and evidence packages prepared for DNV, Bureau Veritas, ClassNK, ABS, and Lloyd's Register verification audits.
• Gap Assessment: Detailed assessment identifying compliance gaps against both UR E26 (ship-level) and UR E27 (system-level) requirements.
• Lifecycle Support: Compliance support from design and newbuild through to operational phases and annual SMS audits.
• Regulatory Risk Reduction: Reduces risk of port state control detentions, insurance premium increases, and flag state non-conformities.

Frequently Asked Questions about IMO & IACS UR E26/E27 Compliance

Who does IACS UR E26/E27 apply to?

IACS UR E26 and E27 apply to commercial vessels of 500 GT or more where the design and build contract was signed after July 1, 2024. Existing vessels are subject to IMO MSC.428(98) requirements through their SMS.

What is the difference between UR E26 and UR E27?

UR E26 applies to the ship as a whole, covering network architecture, IT/OT integration, and the overall cybersecurity management program. UR E27 applies to individual Computer Based Systems onboard, requiring each system to meet specific security hardening requirements.

How long does an IMO/IACS compliance project take?

A typical compliance project takes 4 to 12 weeks depending on the current maturity level of the vessel's cybersecurity posture and the number of systems to be assessed.

Do existing vessels need to comply with IACS UR E26/E27?

IACS UR E26/E27 is currently mandatory only for newbuilds contracted after July 2024. However, many class societies and charterers are beginning to require existing vessels to meet equivalent standards voluntarily.

Is your vessel secure? We work 24x7 to protect it

We work around the clock to ensure your maritime digital safety with proactive, cutting-edge solutions and expert support

Terms & Conditions • Privacy Policy • Cookie Settings • Cookie Policy

Get in Touch
Email: contact@codesecure.in
Phone: +917358463582
Address: No 3,Plot 81, 5th Street, Ramnagar Velachery, Chennai, Tamilnadu.

Subscribe to our Newsletter

By subscribing, you consent to receive newsletters from Codesecure Solutions. You can unsubscribe anytime by emailing contact@codesecure.in. See our Privacy Policy.