ISO 28000:2007 Specification for security management systems for the supply chain, Uncategorized

ISO 28000:2007 specification for security management systems for the supply chain

Posted on by owner

Courtesy: ISO 28000:2007 specification for security management systems for the supply chain

Benefits

Implementing ISO 28000 has broad strategic, organisational and operational benefits that are realized throughout the organization.

Benefits include, but are not limited to:

  • Improved security and thereby enhancing resilience
  • Systematised management practices
  • Enhanced credibility and brand recognition
  • Aligned terminology and conceptual usage
  • Improved organizational performance including aspects of the supply chain
  • Benchmarking against internationally recognisable criteria
  • Greater compliance processes

Improved risk management integration

The international standard addresses specifically the assessment and treatment of security-related risks (risks that relate to the security of the organization and its interested parties) and in this context refers to ISO 31000. This improves the broader interface with existing enterprise risk management in a common integrated platform. This integrated approach to risk management is recommended by ISO 31000 to better coordinate cross functional risk management mechanisms, improve performance measurement, ensure continual improvement and prevent silo thinking within the organization.

Application

ISO 28000:2007 was initially developed so that organizations of varying scale could apply the standard to their supply chains of various degrees of complexity. Now, after the revison, ISO 28000:2022 can be applied beyond the supply chain to all aspects of the organization.

The general rational for an organization to adopt ISO 28000:2022 pertains to:

  • developing a security management system,
  • internal compliance with objectives of a security management policy,
  • external compliance with best practice benchmarks,
  • conformity assurance with the standard,
  • enhancing the organization’s resilience by an effective, coordinated and integrated application of its security management system.

ISO 28000:2022 is a certifiable standard. In 2016, the countries with the highest number of certificates were India (425), Japan (299), Spain (231), US (223) and UK (197).

ISO 28000 was originally developed as a Publicly Available Specification by ISO technical committee ISO/TC 8 on Ships and marine technology  and published in 2005. In 2007, ISO/PAS 28000:2005 was withdrawn and replaced by a full ISO standard under the title ISO 28000:2007. In 2014, ISO 28000:2007 was reviewed and confirmed.
In 2015, ISO/TC 292 Security and resilience took over the responsibility of the standard and decided later in 2019 to initiate a revision of the standard. In March 2022 the revised second edtion of the standard was published

owner