b'UNTRAINED PERSONNEL In addition to documenting the min-Similar to what is done for individualsimum training data listed above, theKEY whoaregrantedaccesstosecureorfollowinginformationneedstobe restricted areas of a facility or vesseldocumented:TAKEAWAYSwithoutaTransportationWorker IdentificationCard(TWIC),indi- How key personnel are defined The U.S. Coast Guardvidualswhohavenotreceivedcom- updated securitypanycybersecuritytrainingmustHow training is delivered, whichregulations for MTSAbe escorted by individuals who havemay utilize a combination ofregulated vessels andhadthetraining.Dependingonthedelivery options, as noted above facilities to includeworkbeingdonebytheindividual,cybersecurity escortingcanbedonephysicallyThe processes or procedures for or remotely.physical accompaniment or mon- PVAs currentitoring of untrained personnel ascybersecurity guidance DOCUMENTATION AND well as the processes, procedures,remains relevant butRECORDKEEPINGand/or automated systems utilizedwill require updatingOwners and operators must maintainfor remote escorting of untrainedto meet the new Coast trainingrecordsanddocumentationpersonnelGuard cybersecurityin accordance with 33 CFR 101.640.regulationsSince development of a cyber security Contractor training records,plan (CSP) is not required until July if applicable PVA has developed a2027, cybersecurity training will needcybersecurity trainingbe documented as additional securityUntil such time as the sixth revisiontemplate for use bytraining under the PVA ASP (Sectionof the PVA ASP is approved, the ad- members in providingX) or a companys existing FSP/VSP.ditionalinformationabovecanbetraining to facility andRecordsdocumentingcybersecuritykept as standalone document withinvessel personneltrainingmaybekeptinhardcopyappendix Q of the PVA ASP. Compa-orelectronicformat(includinginanies not using the PVA ASP can either Compliance with newlearningmanagementsystem)andincludetheinformationasasectioncybersecuritymust include the following informa- under 33 CFR104.225 or 33 CFR training requirementstion at a minimum:105.215 or kept with the FSP/VSP as afor all personnel is duestandalone document. Jan. 12, 2026The date of each sessionCybersecuritycomplianceinforma- New and seasonal Duration of session tion can be found in the Member Re- personnel are required source area of the PVA website underto receive cybersecurityA description or outline of theSecurity Tools. As more informationtraining within 5 daystraining demonstrating how person- becomes available and guidance devel- of system access butnel are trainedoped, the website will be updated. Forno later than 30 days of further information on Coast Guardbeing employed A list of attendees cybersecurity requirements, memberscan consult the official Coast GuardDocumentation isThis documentation will be used byMaritimeIndustryCybersecurityrequired for training,theCoastGuardtoverifythattheResourcewebsiteorcontactEricdetermination of keycybersecurity training meets the basicChristensen of the PVA staff at echris- personnel, and escorting requirements outlined above.tensen@passengervessel.com.untrained personnel53 DECEMBER 2025'