ISO 28000:2007 Security Management System for Supply Chain (SMSSC)

ISO 28000 : 2007 Security Management System for Supply Chain (SCSMS)

What is ISO 28000 Certification?

A supply chain describes an overall process that results in goods being transported from the point of origin to the final destination and includes the movement of the goods, the shipping data, and the associated processes as well as the series of dynamic relationships. 

It involves many entities such as producers of the goods, logistics management firms, consolidators, truckers, railroads, air carriers, marine terminal operators, ocean carriers, cargo/mode/customs agents, financial & information services, and buyers of the goods being shipped are not limited to, financing, manufacturing, information management and the facilities for packing, storing and transferring goods between modes of transport and locations.

This standard can be applied by organizations of all sizes involved in manufacturing, service, storage or transportation at any stage of the production or supply chain.

Importance of ISO 28000 Certification

ISO 28000 outlines the requirements to enable an organization to establish, implement, maintain and improve a security management system, including those aspects critical to security assurance of the supply chain. These aspects include, but Supply risks such as threats from terrorism, fraud and piracy have serious implications to businesses. Throughout the supply chain, organizations must manage these risks and assure security by identifying potential threats, assessing risks and implementing measures to prevent any risks and threats from adversely affecting the success of their businesses.

Supply chain security is now and will continue to be, an integral component of business and trade landscapes. This is evident from a significant increase in regulatory compliance (for example in ‘voluntary’ initiatives such as C-TPAT and Authorised Economic Operator), threat awareness and a greater vulnerability of significant supply disruption caused by an unconnected event in another part of the world.

Benefits of ISO 28000 Certification

Global Recognition

The company gets globally recognized & more and more companies want to be seen linked to the certified company

Customer Satisfaction

Meet your customer expectations consistently

Competitive Advantage

The company gets market recognition and competitive advantage over the other companies

Improve Supply
Chain Performance

When the supply chain is well defined and regulated, its performance improves invariably

Enhance Quality

The quality of the product/services automatically improves as there is constant pressure on its credibility in the market

Legal Compliance

Ensure compliance with statutory, regulatory, and voluntary obligations

Take a Deep Dive Into ISO 28000 Certification

Looking to implement an ISO 28000 Security Management System for Supply Chain (SMSSC) but not sure where to start? Take a look at our ISO 28000 guide here. The free guide will give you a great insight into this certification.

Steps to ISO 28000 Certification

Step - 1

Application for ISO 28000 : 2007 certification from new (Fresh) client and existing client.

Step - 2
Offer Submission

After understanding your business, we create an offer that helps you to attain ISO 28000 : 2007 Certification without hassles.

Step - 3
Offer Acceptance

Acceptance of Offer by client and Confirmation of agreement by both client organization and IRQS.

Step - 4
Certification Audit

Conduct of Initial Certification audit – (Stage 1 + Stage 2) for new (Fresh) clients / Re-Certification audit (For existing clients).

Step - 5

Issuance of the “Certificate of approval” on successful completion of the initial / Re-certification audit process.

Step - 6

Surveillance audits are undertaken annually to ensure that compliance to the chosen Standard(s) is maintained throughout the three-year certification cycle.

Step - 7

The recertification audit process is to be initiated 3 months prior to the expiry of the certificate.

Want to Transfer Your ISO 28000 Certification?

You can transfer your ISO Certification from one Certification Body to another at any stage you wish, you are not tied into any contract. You need a trusted certification body and we’ll help you transfer to us quickly and easily.

If you would like a free quotation for the transfer of your certification then please complete the form and we will be able to provide you with a quotation.

Save Time & Money When You Audit Two Standards

Did you know ISO 28000 and other standards like ISO 14001, ISO 9001, ISO 45001, etc. share the same structure? You can save time and money when you audit any two standards at the same time.

ISO 28000 Remote Audits - Online

Your company is not easily accessible? No worries. Our auditor will engage with you on any online video conferencing platform that is convenient to you.  Remote auditing is the only option to circumvent the challenges we are facing due to the pandemic.

Expand Your Knowledge About ISO 28000 With Our Popular Training Courses

Profoundly understand the ISO 28000 standard from our subject matter experts and put your knowledge into practice. Check out our popular ISO 9001 training courses that help you realize your potential, upgrade your skills and remain competitive.

Client Case Study

Implementing ISO 28000:2007 can help ensure that your customers get high-quality products and services consistently. The following case studies offer a look at the difference ISO 28000 made for organizations in terms of customer satisfaction, overall process efficiency and revenue.

Frequently Asked Questions

What is the purpose of ISO 28000?

ISO 28000 certification aims at ensuring security and resilience by offering a well-defined framework. Organizations can enhance the security management systems, recognize the requirements, by following the norms of the management system standard acknowledged by International Organization for Standardization. The purpose of ISO 28000 is to define the essentials and relevant aspects for the supply chain to develop and maintain a robust security management system.

What are the 4 main clauses of the ISO 28000?

There are ten clauses in the integrated framework of ISO 28000. It includes the various steps of ensuring a resilient security management system in the organization. The ten clauses include – Scope, Normative references, Terms and definitions, Context of the organization, Leadership, Planning, Support, Operation, Performance evaluation and Improvement. Every clause is critical for ensuring the best security management system, regardless of the size of the organization.

What is the latest version of ISO 28000?

ISO 28000 was initially developed by ISO/TC 8. It based on the “Ships and maritime technology” and was published in 2007. In 2015 the standardization concerns of the series were transferred to ISO/TC 292. The 2015 version focused on security and resilience of an organization, who in 2019 decided to start a revision. In March 2022, it was revised again by the ISO TMB or Technical Management Board. It is the latest version. 

Related ISO 28000 Contents

ISO 9001:2015 Quality Management System Foundations

Upcoming webinars

A webinar created to help you understand the latest techniques and strategies.
ISO 9001 Quality Management System Certification


Register to popular ISO 28000 training courses.
Book Training
ISO 9001 Training and Certification: Quality Management


Download ISO 28000 brochure and related documents.
Download Brochure

Ready To Get ISO 28000 Certified?

Gain a competitive advantage and win new business