ISO 28000 for Supply Chain Security

The ISO 28000 series of standards on supply chain security management systems have been upgraded from their status as Publicly Available Specifications to that of full International Standards. They are expected to help reduce risks to people and cargo by addressing potential security issues such as terrorism, fraud, and piracy.

The ISO 28000 standards specify the requirements for a security management system to ensure safety in the supply chain. They can be applied by organizations of all sizes involved in manufacturing, service, storage, or transportation by air, rail, road, and sea at any stage of the production or supply process. The standards include provisions to:

  • establish, implement, maintain, and improve a security management system;
  • assure conformity with security management policy;
  • demonstrate such conformity;
  • seek certification of conformity by an accredited third party organization; or
  • make a self-determination and self-declaration of conformity.

The ISO 28000 series consists of:

ISO 28000:2007Specification for security management systems for the supply chain;
ISO 28001:2007Security management systems for the supply chain – Best practices for implementing supply chain security – Assessments and plans – Requirements and guidance;
ISO 28003:2007Security management systems for the supply chain – Requirements for bodies providing audit and certification of supply chain security management systems;
ISO 28004:2007Security management systems for the supply chain – Guidelines for the implementation of ISO 28000.
ISO 28005:200xShips and marine technology – Computer applications – Electronic port clearance is being developed as the latest addition to the series.

The ISO 28000 series will facilitate trade and the transport of goods across borders. The standards will increase the ability of organizations in the supply chain to effectively implement mechanisms that address security vulnerabilities at strategic and operational levels, as well as, to establish preventive actions plans.

Organizations can then continually assess their security measures to protect their business interests and ensure compliance with international regulatory requirements. By encouraging the implementation of these standards by the various organizations in the supply chains, countries will be able to maximize the use of government’s resources, while maintaining a level of optimal security.

The ISO 28000 series will also assist in implementing governmental and international customs agency security initiatives, including the World Customs Organization’s Framework of Standards to Secure and Facilitate Global Trade, the EU Authorized Economic Operators Program, the US Customs Trade Partnership against Terrorism, and the International Maritime Organization’s International Ship and Port Facility Security Code.

ISO 28000, ISO 28001, ISO 28003 and ISO 28004 are available from the ANSI Web Store.