BS ISO 28001:2007

Current

The latest, up-to-date edition.

Security management systems for the supply chain. Best practices for implementing supply chain security, assessments and plans. Requirements and guidance

Published date

31-12-2007

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Field of application
  4.1 Statement of application
  4.2 Business partners
  4.3 Internationally accepted certificates or
      approvals
  4.4 Business partners exempt from security
      declaration requirement
  4.5 Security reviews of business partners
5 Supply chain security process
  5.1 General
  5.2 Identification of the scope of security
      assessment
  5.3 Conduction of the security assessment
  5.4 Development of the supply chain security plan
  5.5 Execution of the supply chain security plan
  5.6 Documentation and monitoring of the supply
      chain security process
  5.7 Actions required after a security incident
  5.8 Protection of the security information
Annex A (informative) - Supply chain security process
        A.1 General
        A.2 Identification of the scope of the
             security assessment
        A.3 Conduction of the security assessment
        A.4 Development of the security plan
        A.5 Execution of the security plan
        A.6 Documentation and monitoring of the
             security process
        A.7 Continual improvement
Annex B (informative) - Methodology for security risk
                        assessment and development of
                        countermeasures
        B.1 General
        B.2 Step one - Consideration of the security
             threat scenarios
        B.3 Step two - Classification of consequences
        B.4 Step three - Classification of likelihood
             of security incidents
        B.5 Step four - Security incident scoring
        B.6 Step five - Development of countermeasures
        B.7 Step six - Implementation of countermeasures
        B.8 Step seven - Evaluation of countermeasures
        B.9 Step eight - Repetition of the process
        B.10 Continuation of the process
Annex C (informative) - Guidance for obtaining advice
                        and certification
        C.1 General
        C.2 Demonstrating conformance with
             ISO 28001 by audit
        C.3 Certification of ISO 28001 by third
             party certification bodies
Bibliography

Describes requirements and guidance for organizations in international supply chains to: develop and implement supply chain security processes; establish and document a minimum level of security within a supply chain(s) or segment of a supply chain; and assist in meeting the applicable authorized economic operator (AEO) criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes.

This International Standard provides requirements and guidance for organizations in international supply chains to

  • develop and implement supply chain security processes;

  • establish and document a minimum level of security within a supply chain(s) or segment of a supply chain;

  • assist in meeting the applicable authorized economic operator (AEO) criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes.

NOTE Only a participating National Customs Agency can designate organizations as AEOs in accordance with its supply chain security programme and its attendant certification and validation requirements.

In addition, this International Standard establishes certain documentation requirements that would permit verification.

Users of this International Standard will

  • define the portion of an international supply chain within which they have established security (see 4.1);

  • conduct security assessments on that portion of the supply chain and develop adequate countermeasures;

  • develop and implement a supply chain security plan;

  • train security personnel in their security related duties.

Committee
GW/3
Development note
Supersedes DD ISO/PAS 28001. (12/2007) Supersedes 07/30161531 DC. (01/2008)
Document type
Standard
Publisher name
British Standards Institution
Status
Current
Supersedes

Standards Relationship
ISO 28001:2007 Identical

ISO/PAS 17712:2006 Freight containers — Mechanical seals
ISO 19011:2011 Guidelines for auditing management systems
ISO/IEC 17021:2011 Conformity assessment — Requirements for bodies providing audit and certification of management systems
ISO 28003:2007 Security management systems for the supply chain — Requirements for bodies providing audit and certification of supply chain security management systems
ISO/PAS 20858:2004 Ships and marine technology — Maritime port facility security assessments and security plan development
ISO 14001:2015 Environmental management systems — Requirements with guidance for use
ISO 9001:2015 Quality management systems — Requirements
ISO 28000:2007 Specification for security management systems for the supply chain
ISO 20858:2007 Ships and marine technology — Maritime port facility security assessments and security plan development
