The decision is to handle cyber security through ISM and as is well known, the risk assessment and handling requirement in the objective of that code. When that is said cyber risk may also impact security (ISPS) and working and living conditions (MLC) so we encourage also needs related to these to be considered. We do recommend that DoC Holders handle requirements and objectives through one system and that this is the safety management system (and systematics), required by the ISM Code.