ISO 28000:2007 specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management. Aspects include all activities controlled or influenced by organizations that influence supply chain security.

Benefits:

ISO 28000:2007 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to:

  • Establish, implement, maintain and improve a security management system
  • Assure conformance with stated security management policy
  • Demonstrate such conformance to others
  • Make a self-determination and self-declaration of conformance with ISO 28000:2007

DCS offers a certifiable and state of the art Standard according to ISO requirements for Management Systems.

Contact us to carry out the full certification process, or a gap assessment against the ISO 28000 to identify your organization’s preparedness.

FAQ

What is ISO 28000:2007?

ISO 28000:2007 is a management system specification which has been developed and introduced in response to a demand from the transportation and logistics industry for a common security management standard, with the ultimate objective of improving the   overall security of supply chains.

What are the benefits of adopting ISO 28000:2007?

It has been clearly demonstrated through industry adoption of ISO 28000: 2007 that enhanced supply chain security provide significant benefits to organisations. It can help all sectors of industry to assess security risk and implement controls to manage security threats. Invariably, it helps organisations to view security not just as a customer requirement but as a competitive advantage and market differentiator.

What is the methodology of ISO 28000:2007?

The ISO 28000:2007 is based on the methodology known as Plan-Do-Check-Act (PDCA), which can be described as follows:

  • Plan: establish the objectives and processes necessary to deliver results in accordance with the organization’s security policy.
  • Do: implement the processes.
  • Check: monitor and measure processes against security policy, objectives, targets, legal and other requirements, and report results.
  • Act: take actions to continually improve the performance of the security management system.

How different is it from other security programs and standards?

ISO 28000:2007 is the only truly global supply chain security management system. It is a Security Management System, which differentiates it from all other programs. Nonetheless, ISO 28000: 2007 remains fully compatible with other standards, including ISO 9001:2004 and 14001:2004

How come ISO 28000:2007 shows Security Management Systems can improve efficiencies in the Supply Chain?

ISO 28000 is a global Security Management System best practice standard that helps all sectors of industry assess security risks and implement controls and mitigating strategies to effectively manage potential security threats and impacts from the supply chain.

What are the Key clauses of ISO 28000:2007?

  • Security management policy
  • Security risk assessment and planning
  • Implementation and operation
  • Checking and corrective action
  • Management review and continual improvement