Two-Person Rule

The two-person rule is an access control requiring two authorized individuals to be present for a critical operation, so no single person can act alone on a sensitive system; it limits insider sabotage and error. ISPS does not name the rule but the ship security plan may adopt it as a restricted-area measure under ISPS Code Part A Section 9.4.2. Its formal origin is in nuclear weapons surety and ISO/IEC 27001 access-control practice; in maritime use it guards machinery controls, the ship security alert system, magazines on naval vessels, and citadel access during a piracy transit.