ISO 28000

The ISO 28000 series of standards on supply chain security management systems, which have just been upgraded from their status of Publicly Available Specifications to that of fully fledged International Standards, will help to reduce risks to people and cargo within the supply chain. The standards address potential security issues at all stages of the supply process, thus targeting threats such as terrorism, fraud and piracy.

ISO Secretary-General, Alan Bryden, commented: “Threats in the international market-place know no borders. The ISO 28000 series provides a global solution to this global problem. With an internationally recognized security management system, stakeholders in the supply chain can ensure the safety of cargo and people, while facilitating international trade, thus contributing to the welfare of society as a whole. "

The ISO 28000 series of International Standards specifies the requirements for a security management system to ensure safety in the supply chain. Its standards can be applied by organizations of all sizes involved in manufacturing, service, storage or transportation by air, rail, road and sea at any stage of the production or supply process. The series includes provisions to:

		establish, implement, maintain and improve a security management system;
		assure conformity with security management policy;
		demonstrate such conformity;
		seek certification/registration of conformity by an accredited third party organization;or
		make a self-determination and self-declaration of conformity.

The following standards have been recently published:

		ISO 28000:2007, Specification for security management systems for the supply chain;
		ISO 28001:2007, Security management systems for the supply chain - Best practices for implementing supply chain security - Assessments and plans - Requirements and guidance;
		ISO 28003:2007, Security management systems for the supply chain - Requirements for bodies providing audit and certification of supply chain security management systems;
		ISO 28004:2007, Security management systems for the supply chain - Guidelines for the implementation of ISO 28000;

The ISO 28000 series will facilitate trade and the transport of goods across borders. It will increase the ability of organizations in the supply chain to effectively implement mechanisms that address security vulnerabilities at strategic and operational levels, as well as to establish preventive actions plans. Organizations can then continually assess their security measures to protect their business interests, and ensure compliance with international regulatory requirements. By encouraging the implementation of these standards by the various actors in the supply chains, countries will be able to maximize the use of government’s resources, while maintaining a level of optimal security.

The ISO 28000 series indeed assist in implementing governmental and international customs agency security initiatives, including the World Customs Organization's Framework of Standards to Secure and Facilitate Global Trade, the EU Authorized Economic Operators Programme, the US Customs Trade Partnership against Terrorism, and the International Maritime Organization’s (IMO) International Ship and Port Facility Security Code.

The report of IMO’s Maritime Safety Committee meeting held earlier this month, acknowledged that "the ISO 28000 series were now published and numerous ports, terminals and organizations were being certified by third party independent accredited certification bodies; "while recognizing that “ISO standards could be applied to all ships, irrespective of size, type, purpose and whether operated internationally, domestically or within internal waters. "The same can be said of all other transport segments in the supply chain.

The ISO 28000 series was developed by ISO/TC 8, Ships and marine technology, in cooperation with other organizations and stakeholders. Captain Charles Piersall, Chair of ISO/TC 8 explained that “in order to deliver a much needed timely aid, the standards were made available to the public as PAS, prior to publication as International Standards. "ISO/TC 8 has published over 100 standards in support of international organizations.

ISO 28005, Ships and marine technology - Computer applications - Electronic port clearance (EPC) is currently being developed as the latest addition to the series.

ISO 28000, ISO 28001, ISO 28003 and ISO 28004 are available from ISO national member institutes (see the complete list with contact details) and from the ISO Central Secretariat through the ISO Store or by contacting the Marketing & Communication department (see right-hand column)