ISO 28000:2007 specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management. Aspects include all activities controlled or influenced by organizations that impact on supply chain security. These other aspects should be considered directly, where and when they have an impact on security management, including transporting these goods along the supply chain.
ISO 28000:2007 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to:
a) establish, implement, maintain and improve a security management system;
b) assure conformance with stated security management policy;
c) demonstrate such conformance to others;
d) seek certification/registration of its security management system by an Accredited third party Certification Body; or
e) make a self-determination and self-declaration of conformance with ISO 28000:2007.
There are legislative and regulatory codes that address some of the requirements in ISO 28000:2007. It is not the intention of
ISO 28000:2007 to require duplicative demonstration of conformance.Organizations that choose third party certification can further demonstrate that they are contributing significantly to supply chain security.It was developed in response to the transportation and logistics industries’ need for a commonly applicable security management system specific to supply chain security.
However, companies in many other industries are finding it useful to assess security risks, implement controls, and mitigate arrangements to manage potential security threats and impacts on the supply chain. Quality, safety and customer satisfaction also benefit from this management system.
The requirements for ISO 28000:2007. include all critical aspects for supply chain security assurance. Some examples include: financing, manufacturing, information management, and the facilities for packing, storing and transferring goods between vehicles and locations.
Security management is linked to many other aspects of business management. These should be considered directly, when and where they impact security management, including transporting goods through the supply chain.