How can ISO 28000:2007 benefit my organisation?
27/03/2008
For organisations working within, or relying on, the logistics industry, certification to the ISO 28000:2007 supply chain management standard provides a valuable framework. It will help minimise the risk of security incidents and so help provide problem free 'just in time' delivery of goods and supplies. It will also provide substantial support in achieving the EU Authorised Economic Operator certification, a crucial certificate for companies importing and exporting with the EU.
Lloyd's Register Quality Assurance (LRQA) is at the leading edge of supply chain security management system certification. We have experience of security assessments gained from carrying out audits to the International Ship and Port Facility code (ISPS). Having issued the first ISO 28000 global certificate, we are in a prime position to share our experience and expertise to help our clients manage security risks and assure continuity of supply.
Most organisations rely in some way on the supply chain to ensure business continuity and are vulnerable if supplies are interrupted. To help prevent this and manage security risks and so be better able to assure continuity of supply in this current volatile world climate, ISO has published ISO 28000:2007, with valuable and extensive inputs from Lloyd's Register.
This new management system specification provides, for the first time, a framework for organisations that operate or rely on any aspect of the supply chain. It can help all sectors of industry assess security risks and implement controls and mitigating arrangements to manage potential security threats and impacts from the supply chain, in the same way other fundamental business principles such as quality, safety and customer satisfaction are managed.
The specification is a plan-do-check-act based management system that has been modelled on the well proven ISO 14001 standard. This means organisations already familiar with the same risk based approach used by ISO 14001 will be able to use a similar approach when analysing supply chain security risks and threats.
ISO 28000 and EU regulation for Authorised Economic Operator (AEO)
The EC Regulation for Enhancing Supply Chain Security, related to the EU Customs, has introduced the concept of Authorised Economic Operator (AEO) which can be regarded as an essential part of the EU answer to the US Customs and Border Protection initiative - Customs Trade Partnership against Terrorism (C-TPAT).
Companies shipping goods in to the EU can apply for certification as an AEO, which implies that they have demonstrated compliance on a number of issues. Supply Chain Security is a major subject in the requirements. The ISO 28000 series therefore have acted as the baseline to the AEO requirements. Companies who can demonstrate ISO 28000 certification, including the best practices for security threat and risk assessment as laid down in ISO 28001:2006, and issued through an independent 3rd Party, therefore are considered to comply with the most extensive part of the AEO requirements. This will provide them with substantially reduced efforts to demonstrate compliance to AEO requirements. Moreover, they also benefit from the distinguishing competitive advantage of having an internationally renowned certificate to demonstrate their adequate security management to their clients.
How can we gain certification to ISO 28000:2007?
We are able to provide assessment services to this recently launched standard. If you would like to speak to one of our business advisors call (insert appropriate telephone number). They will ask you a few key details about your organisation, to assist your query. Alternatively, complete the (insert link to enquiry form) on this website.
To learn more about how the LRQA assessment process works, click here.
Background to ISO 28000:2007
ISO 28000:2007 is a management system specification which has been developed specifically for logistics companies and organisations that manage supply chain operations. This specification was published by The International Standards Organisation in 2005.
ISO 28000:2007 is suitable to all sizes and types of organisation that are involved in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to implement and maintain a security management system.
The associated ISO 28001:2007 provides best practices for implementing supply chain security - Assessments and plans - Requirements and guidance.
The standard may be used:
<< Go back
Lloyd's Register Quality Assurance (LRQA) is at the leading edge of supply chain security management system certification. We have experience of security assessments gained from carrying out audits to the International Ship and Port Facility code (ISPS). Having issued the first ISO 28000 global certificate, we are in a prime position to share our experience and expertise to help our clients manage security risks and assure continuity of supply.
Most organisations rely in some way on the supply chain to ensure business continuity and are vulnerable if supplies are interrupted. To help prevent this and manage security risks and so be better able to assure continuity of supply in this current volatile world climate, ISO has published ISO 28000:2007, with valuable and extensive inputs from Lloyd's Register.
This new management system specification provides, for the first time, a framework for organisations that operate or rely on any aspect of the supply chain. It can help all sectors of industry assess security risks and implement controls and mitigating arrangements to manage potential security threats and impacts from the supply chain, in the same way other fundamental business principles such as quality, safety and customer satisfaction are managed.
The specification is a plan-do-check-act based management system that has been modelled on the well proven ISO 14001 standard. This means organisations already familiar with the same risk based approach used by ISO 14001 will be able to use a similar approach when analysing supply chain security risks and threats.
ISO 28000 and EU regulation for Authorised Economic Operator (AEO)
The EC Regulation for Enhancing Supply Chain Security, related to the EU Customs, has introduced the concept of Authorised Economic Operator (AEO) which can be regarded as an essential part of the EU answer to the US Customs and Border Protection initiative - Customs Trade Partnership against Terrorism (C-TPAT).
Companies shipping goods in to the EU can apply for certification as an AEO, which implies that they have demonstrated compliance on a number of issues. Supply Chain Security is a major subject in the requirements. The ISO 28000 series therefore have acted as the baseline to the AEO requirements. Companies who can demonstrate ISO 28000 certification, including the best practices for security threat and risk assessment as laid down in ISO 28001:2006, and issued through an independent 3rd Party, therefore are considered to comply with the most extensive part of the AEO requirements. This will provide them with substantially reduced efforts to demonstrate compliance to AEO requirements. Moreover, they also benefit from the distinguishing competitive advantage of having an internationally renowned certificate to demonstrate their adequate security management to their clients.
How can we gain certification to ISO 28000:2007?
We are able to provide assessment services to this recently launched standard. If you would like to speak to one of our business advisors call (insert appropriate telephone number). They will ask you a few key details about your organisation, to assist your query. Alternatively, complete the (insert link to enquiry form) on this website.
To learn more about how the LRQA assessment process works, click here.
Background to ISO 28000:2007
ISO 28000:2007 is a management system specification which has been developed specifically for logistics companies and organisations that manage supply chain operations. This specification was published by The International Standards Organisation in 2005.
ISO 28000:2007 is suitable to all sizes and types of organisation that are involved in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to implement and maintain a security management system.
The associated ISO 28001:2007 provides best practices for implementing supply chain security - Assessments and plans - Requirements and guidance.
The standard may be used:
- by businesses that are going out to tender for their services
- to provide a consistent approach by all service providers in a supply chain
- to benchmark IT service management
- as the basis for an independent assessment
- to demonstrate the ability to meet customer requirements
- to improve services
<< Go back
