ISO 28000 – Supply Chain Security Management System
This standard identifies the requirements for a supply chain security management system, relating security management to many other aspects of business management. These include all activities controlled or influenced by organizations that impact supply chain security, which includes transportation of these goods along the supply chain.
ISO 28000:2007 uses a additional pragmatic approach where the risk levels of your supply chain operations are identified. It enables your organization to execute a risk assessment with supporting management tools (i.e. document controls, key performance indicators, internal audits and training) and implements the controls in accordance with the risk involved.
The framework of ISO 28000:2007 is structurally very similar to ISO 14001:2004 Environmental Management Systems (EMS) standard. The environmental aspects identification and evaluation process in EMS is similar to security risk assessment in security management.
ISO 28000 – Its Key Benefits
- Allows security to be maintained as a process so that the effectiveness of security management can be measured and improved;
- Allows management to focus resources and efforts on areas with high-risk concerns (via a security risk assessment);
- Allows management to benchmark its security management efforts with international standards and
- Demonstrates to stakeholders the commitment to implement a systematic security management