ISO 28001:2018

General

ISO 28000:2007 is an international standard, developed by International Organization for Standardization (ISO) in response to the need of world business community to promote the security of cargo, transport means and transportation facilities from terrorist threats, smuggling, and embezzlement. The main objective of ISO 28000:2007 is to improve transport security and align the requirements for security management system (SMS). ISO 28000 family of international standards include ISO 28000:2007, Specification for security management systems for the supply chain; ISO 28001:2007, Security management systems for the supply chain, Best practices for implementing supply chain security, assessments and plans, Requirements and guidance; ISO 28003:2007, Security management systems for the supply chain. Requirements for bodies providing audit and certification of supply chain security management systems; ISO 28004:2007, Security management systems for the supply chain. Guidelines for the implementation of ISO 28000. ISO 28000 is deemed to be the main document of the mentioned series of standards.

Who is this standard for?

International standard ISO 28000 is applicable to all organizations, regardless of their size and kind of activity, which are somehow involved in a supply chain and strive to implement security management system (SMS) to ensure an appropriate level of supply chain (or its part) security. Such organizations can include:

1. product manufacturers, independently conducting full or partial delivery of products;
2. importers;
3. exporters;
4. customs brokers;
5. shipping brokers;
6. transport operators (auto, railway, aero, marine, river);
7. container terminal operators;
8. airports, maritime and river port, railway station;
9. warehouse complexes;
10. shipping agents;
11. distributors

The benefits of implementation and certification

Implementation and certification of supply chain security management system allows the Organization to gain confidence that its supply chain (or part of the supply chain, controlled by the Organization) operates in safe conditions; and demonstrate evidence of attained security level to all stakeholders, including potential clients of the Organization.

Benefits, obtained by organizations with management systems compliant with the requirements of ISO 28000:2007 international standard:

• reduction in the number of security incidents, extent of damage, caused by security incidents, embezzlement and smuggling on transport;
• efficient monitoring and risk management in respect of security hazards, applicable to the kind of activity of the Organization;
• promotion of the image of a reliable partner and the Organization’s reputation on the market of provided products/ rendered services;
• optimization of costs for maintenance of appropriate level of supply chain (or its part) security by means of systematic use of the Organization’s internal resources, allocated for provision of security;
• alleviation of obtaining by the Organization the status of conformity to the requirements of programs on security of national customs organizations (e.g. status of European Approved Economic Operator (AEO) or partnership on the program S-TRAT);
• opportunity to develop integrated management system trough exceptionally high level of ISO 28000 alignment with ISO 9001 and ISO 14001 standards;
• more efficient cooperation between the Organization and stakeholders regarding security and their awareness, including activity in choosing contractor/supplier by the Organization.

Certification of the Organization for compliance with the requirements of ISO 28000:2007 is agreed with the actions of governmental authorities of the Russian Federation, focused on implementation of provisions of the Federal law № 16 “On transport security”, the objective of which is to ensure security of transportation facilities and transport means.