ISO 28000 is a management system specification which has been developed and introduced in response to a demand from the transportation and logistics industry for a common security management standard, with the ultimate objective of improving the overall security of supply chains.

Compatible with ISO 9001:2000 (quality) and ISO 14001:2004 (environmental) standards, ISO 28000:2005 has been designed to aid the integration of quality, environmental and supply chain security management systems within an organization. The specification is a plan-do-check-act based management system that has been modeled on the well proven ISO 14001 standard framework. This means organizations already familiar with the same risk based approach used by ISO 14001 will be able to use a similar approach when analyzing supply chain security risks and threats.

ISO 28000 is suitable to all sizes and types of organization that ar

e involved in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to implement and maintain a security management system.

It is compatible with, and complements other, Governmental and International Customs Agency security initiatives including: the World Customs Organization's Framework of Standards for supply chain security and facilitation, the EC Regulation For Enhancing Supply Chain Security - Authorized Economic Operator (AEO) and the US Customs and Border Protection initiative - Customs Trade Partnership against Terrorism (C-TPAT).

The standard may be used:

  • by businesses that are going out to tender for their services
  • to provide a consistent approach by all service providers in a supply chain
  • to benchmark IT service management
  • as the basis for an independent assessment
  • to demonstrate the ability to meet customer requirements
  • to improve services

For further detail, copies of the ISO 28000 standard can be obtained from www.ISO.org.