ISO 28001:2007 Security management systems for the supply chain - Best practices for implementing supply chain security, assessments and plans - Requirements and guidance

ISO 28001:2007 provides requirements and guidance for organizations in international supply chains to

  • develop and implement supply chain security processes;
  • establish and document a minimum level of security within a supply chain(s) or segment of a supply chain;
  • assist in meeting the applicable authorized economic operator (AEO) criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes.

In addition, ISO 28001:2007 establishes certain documentation requirements that would permit verification.

Users of ISO 28001:2007 will

  • define the portion of an international supply chain within which they have established security;
  • conduct security assessments on that portion of the supply chain and develop adequate countermeasures;
  • develop and implement a supply chain security plan;train security personnel in their security related duties.

ISO 28001:2007 Security management systems for the supply chain - Best practices for implementing supply chain security, assessments and plans - Requirements and guidance, is available from ISO national member institutes. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information department.

Upcoming events

22 February, Zoom
WG 5 meeting (ISO 22392)

14 March, Zoom
WG 2 meeting (ISO 22317/18)

26-29 March in Calgary
WG 3 meeting

1-4 April in Paris
WG 6 meeting

[TBD] May, Zoom
Communication Group meeting

14-17 May in Tokyo
WG 4 meeting

20-24 May in Delft
WG 2 meeting

8-13 September in Bangkok, Thailand
7th ISO/TC 292 plenary meeting

[TBD] June, 2020, in Berlin, Germany
8th ISO/TC 292 plenary meeting