Customer Support: +44 (0)203 327 3140

Login to i2i Subscription Intertek.com
  • There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Go to AMERICAS site
Dismiss alert
Please enter a keyword to search
Advanced search

BS ISO 28003:2007

Current
Current

The latest, up-to-date edition.

Security management systems for the supply chain. Requirements for bodies providing audit and certification of supply chain security management systems
Published date

31-12-2007

Publisher

British Standards Institution

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles for certification bodies
   4.1 General
   4.2 Impartiality
   4.3 Competence
   4.4 Responsibility
   4.5 Openness
   4.6 Confidentiality
   4.7 Resolution of complaints
5 General requirements
   5.1 Legal and contractual matters
   5.2 Management of impartiality
   5.3 Liability and financing
6 Structural requirements
   6.1 Organizational structure and top management
   6.2 Committee for safeguarding impartiality
7 Resource requirements
   7.1 Competence of management and personnel
   7.2 Personnel involved in the certification activities
   7.3 Use of external auditors and external technical
        experts
   7.4 Personnel records
   7.5 Outsourcing
8 Information requirements
   8.1 Publicly accessible information
   8.2 Certification documents
   8.3 Directory of certified clients
   8.4 Reference to certification and use of marks
   8.5 Confidentiality
   8.6 Information exchange between a certification
        body and its clients
9 Process requirements
   9.1 General requirements applicable to any audit
   9.2 Initial audit and certification
   9.3 Surveillance activities
   9.4 Recertification
   9.5 Special audits
   9.6 Suspending, withdrawing or reducing scope of
        certification
   9.7 Appeals
   9.8 Complaints
   9.9 Records on applicants and clients
10 Management system requirements for certification bodies
   10.1 Option 1 - Management system requirements in
        accordance with ISO 9001
   10.2 Option 2 - General management system requirements
Annex A (informative) - Guide for process to determine
                        auditor time
Annex B (normative) - Criteria for auditing organizations
                      with multiple sites
Annex C (normative) - Auditor education, work and audit
                      experience and training durations
Annex D (normative) - Auditor competence requirements
Bibliography

Describes principles and requirements for bodies providing the audit and certification of supply chain security management systems according to management system specifications and standards such as ISO 28000.

This International Standard contains principles and requirements for bodies providing the audit and certification of supply chain security management systems according to management system specifications and standards such as ISO28000.

It defines the minimum requirements of a certification body and its associated auditors, recognizing the unique need for confidentiality when auditing and certifying/registering a client organization.

Requirements for supply chain security management systems can originate from a number of sources, and this International Standard has been developed to assist in the certification of supply chain security management systems that fulfil the requirements of ISO28000, Specification for security management systems for the supply chain, and other supply chain security management system International Standards. The contents of this International Standard may also be used to support certification of supply chain security management systems that are based on other specified supply chain security management system requirements.

This International Standard

  • provides harmonized guidance for the accreditation of certification bodies applying for ISO28000 (or other specified supply chain security management system requirements) certification/registration;

  • defines the rules applicable for the audit and certification of a supply chain security management system complying with the supply chain security management system standard’s requirements (or other sets of specified supply chain security management system requirements);

  • provides the customers with the necessary information and confidence about the way certification of their suppliers has been granted.

NOTE1 Certification of a supply chain security management system is sometimes also called registration, and certification bodies are sometimes called registrars.

NOTE2 A certification body can be nongovernmental or governmental (with or without regulatory authority).

NOTE3 This International Standard can be used as a criteria document for accreditation or peer assessment or other audit processes.

Committee
SME/32
DevelopmentNote
Supersedes DD ISO/PAS 28003. (12/2007)
DocumentType
Standard
PublisherName
British Standards Institution
Status
Current
Supersedes

Standards Relationship
ISO 28003:2007 Identical

ISO/IEC 17000:2004 Conformity assessment Vocabulary and general principles
ISO 19011:2011 Guidelines for auditing management systems
ISO/IEC 17021:2011 Conformity assessment Requirements for bodies providing audit and certification of management systems
ISO/IEC 17030:2003 Conformity assessment General requirements for third-party marks of conformity
ISO 10002:2014 Quality management Customer satisfaction Guidelines for complaints handling in organizations
ISO 9001:2015 Quality management systems — Requirements
ISO 28000:2007 Specification for security management systems for the supply chain

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us