ISO 28000

from Wikipedia, the free encyclopedia

The ISO 28000 specification for security management systems for the supply chain is a comprehensive management system standard for security management, which in particular allows an organization to set up a complete system for security in the supply chain . Responsibility for the standard was transferred to ISO / TC Security and resilience , which decided in 2019 to revise ISO 28000.

Content

The requirements of ISO 28000 include the examination of all important aspects in order to increase security within the entire supply chain. The areas of financing, production, information management , infrastructure for packaging, storage and the transport of goods between the various means of transport and delivery locations are affected. Among other things, compliance with legal requirements and the handling of identified security risks are checked on the basis of ISO 14001 and ISO 9001 and in part corresponds to the proposals of the Transported Asset Protection Association (TAPA).

ISO 28000 is intended to give a company the opportunity to systematically track down the risks in the supply chain and initiate countermeasures. The certification is carried out by accredited certification companies.

Revision of the standard

ISO / TC 292 has established a working group for revising and updating the standard (WG 8). The scope of the revision will only be changed to the extent that the wording is adapted to current requirements. In order to facilitate the integration of the security management system of an organization with its other management systems, the structure of the standard is adapted to the structure of the other, more modern management system standards of the ISO, which already follow a uniform structure (e.g. quality management, energy management, business Continuity management).

There are no plans to remove existing requirements of the standard or to add new ones, so that organizations that are already ISO 28000 certified will not have any problems due to the revision. The countries with the largest number of certificates in 2016 were India (425), Japan (299), Spain (231), the United States (223) and the United Kingdom (197).

Experts who want to support the revision should find out from their national standards organization how they can be included in ISO / TC 292 WG 8. A list of organizations is provided by ISO.

Related norms

  • ISO 28001 : Good professional practice for the introduction of security systems in the supply chain, assessment and planning - Requirements and guidelines;
  • ISO 28004-1: Guidelines for principles, systems and supporting work techniques;
  • ISO 28004-2: Guidelines for the application of ISO 28000 for introduction in small and medium-sized seaport companies;
  • ISO 28004-3: Additional specific guide for small and medium-sized enterprises with the aim of introducing ISO 28000 (other than seaport operations);
  • ISO 28004-4: Additional special guide for the implementation of ISO 28000 if compliance with ISO 28001 is the management goal.

Web links

Individual evidence

  1. TC 292 news
  2. ISO
  3. TC 292 news
  4. ISO