(a) The owner or managing operator will be issued a TSMS certificate by a TPO when his or her organization is deemed in compliance with the TSMS requirements. It should be kept on file at the owner or managing operator's shoreside office and available for review, at the request of the Coast Guard.

(b) A TSMS certificate is valid for 5 years from the date of issue, unless suspended, revoked or rescinded as provided in paragraphs (d) and (e) of this section.

(c) The vessel owner or managing operator must maintain a list of vessels currently covered by each TSMS certificate and must provide it to the Coast Guard upon request.

(d) A TSMS certificate may be suspended or revoked by the Coast Guard at any time for non-compliance with the requirements of this part.

(e) The TPO that issued the TSMS certificate may rescind the certificate for non-compliance with the requirements of this part.

(f) A copy of the TSMS certificate must be maintained on each towing vessel that is covered by the TSMS certificate and on file at the owner or managing operator's shoreside office.

(a) Internal management audits must be conducted annually, within 3 months of the anniversary date of the TSMS certificate, to ensure the owner or managing operator is effectively implementing all elements of their TSMS.

(b) The internal management audit must ensure that management has implemented the TSMS throughout all levels of the organization, including audits of all the owner or managing operator's towing vessels to which a TSMS applies to ensure implementation at the operational level.

(c) The results of internal audits must be documented and maintained for a period of 5 years and made available to the Coast Guard upon request.

(d) Internal auditors:

(1) Must have knowledge of the management, its SMS, and the standards contained in this subchapter;

(2) Must have completed an ANSI/ISO/ASQ Q9001-2000 or ISO 9001:2008(E) (incorporated by reference, see § 136.112 of this subchapter) internal auditor/assessor course or Coast Guard-recognized equivalent;

(3) May not be the designated person, or any other person, within the organization that is responsible for development or implementation of the TSMS; and

(4) Must be independent of the procedures being audited, unless this is impracticable due to the size and the nature of the organization.

External audits for obtaining and renewing a TSMS certificate are conducted through a TPO and must include both management and vessels as follows:

(a) Management audits. (1) Prior to the issuance of an owner or managing operator's initial TSMS certificate, or subsequent renewals, an external management audit must be conducted by an auditor from a TPO.

(2) A mid-period external management audit must be conducted between the 27th and 33rd month of the certificate's period of validity.

(b) Vessel audits. (1) An external audit must be conducted prior to the issuance of the initial COI for vessels subject to an owner or managing operator's TSMS that have been owned or operated for 6 or more months prior to receiving the initial COI.

(2) An external audit must be conducted no later than 6 months after the issuance of the initial COI for vessels subject to the owner or managing operator's TSMS that have been owned or operated for fewer than 6 months prior to receiving the initial COI.

(3) An external audit of all vessels covered by a TSMS certificate must be conducted during the 5-year period of validity of the TSMS certificate. The vessels must be selected randomly and distributed as evenly as possible.

(4) External audits may include the use of objective evidence which may be available at the owner or managing operator's corporate office. Some portions of this audit require visiting each vessel at some point during the 5-year period of validity of the TSMS certificate.

(c) Documentation. The results of the external audit must be documented and maintained for a period of 5 years and made available to the Coast Guard or the external auditor upon request.