ISO 28000

Supply Chain Security Management System

Continually improve your business with the international supply chain security management system

ISO 28000 is an internationally recognized supply chain security management system.

Security management is closely linked to many other parts of an organization’s business. More specifically, it refers to aspects that have an impact on security in the supply chain.

This international standard is applicable to organizations of all sizes (from local to multinational), whether engaged in manufacturing or providing services.

In short, ISO 28000 helps you to:

  • Establish, implement, maintain and improve a supply chain security management system;
  • Ensure compliance with established management policies by security;
  • Comparative advantage over competition;
  • Request certification of your management system from an accredited certification body;
  • Compliance with international market requirements.
1. Introduction

Find out what the ISO 28000 Supply Chain Security Management System really is and what makes it suitable for your business.

Learn more
2. Benefits

Find out the best way to implement ISO 28000 and how our company can help you with this.

Learn more
3. Certification

Familiarize yourself with the Safety Risk Assessment.

Learn more
4. Maintenance

Make sure your system is constantly growing and evolving to deliver the best solutions for your business.

Learn more

1. Introduction

Discover the best way to get started with ISO 28000 Supply Chain Management implementation and find out why this standard can contribute to any type of business, whether big or small.

ISO 28000 will help you constantly monitor and manage your organization’s supply chain security. This standard is a significant tool for enhancing the security chain and processes that will enhance the quality of your customer relationship.

Good preparation is key to getting the best out of ISO 28000. We provide you with the methods, customized documentation and technical experts to gain confidence and get started with the ISO 28000 implementation process.


When implementing ISO 28000, we are at your disposal to familiarize yourself with the requirements of the standard with a view to its successful implementation.

How to implement ISO 28000?

When implementing this standard, the predicted probability of an event, as well as any possible consequences that the event may cause, shall be taken into account. Among other things, these consequences must include:

– Physical security (Location and building security, Physical integrity and layout, Perimeter security, Access control procedures and ID cards, Security technology, Secure storage, Asset management, Staff security activities);

– Employee safety (Employee safety, Employee integrity and pre-employment checks, Employee education and training, Security awareness, Physical and IT access control procedures);

– Information Security (Information Security Procedures, Access Procedures, Data Security, Data Delivery Procedures, Data Exchange with Customs, Compliance with Regulatory and Industry Standards);

– Security of goods and transport (Security procedures for managing and controlling access, Supervision of goods loading and unloading operations, Goods integrity procedures, Alarm and incident reporting procedures, Use of information from intelligence circuits);

– Closed/secure transport units (Seal integrity procedures, Cargo loading and proper cargo distribution, Bribing detection, Documentation of all transactions, Inspection control, Handover, Quantity discrepancy procedures, Cargo transport unit integrity procedures).

2. Benefits

The ISO 28000 standard brings numerous benefits to organizations that implement it in their operations.

Some of the most basic and concrete benefits of implementing this standard are:

– Control over all processes in the supply chain;

– Increase employee safety, infrastructure and products;

– Preventing the misuse of the supply chain for criminal purposes;

– Reducing financial losses;

– Increasing customer satisfaction;

– Shortening time for customs clearance and other inspections;

– Increasing the company’s reputation.

3. Certification

Create new opportunities for your organization and meet supply chain security management system requirements through ISO 28000 certification. Fulfill your organizational resistance expectations and prove that you are using the best business continuity practice.

Once you reach the ISO 28000 certification level, you will be able to show your customers and stakeholders that you are ready to continue doing business in the event of a serious incident or disaster. This is a good opportunity to promote your business and show that you are a trusted partner, which could open up new business opportunities for the organization.

Certification steps ISO 28000:

1. Analysis of nonconformity

The non-compliance analysis is an optional activity that is carried out before the assessment itself. We will look closely at your existing business continuity management activities and compare them with the requirements of ISO 28000. This is a cost-effective way to check if there are areas to be improved before a formal assessment is made.

2. Formal assessment

A formal assessment is a two-step process. At first, the consultant will review the readiness of your organization for the assessment, checking the necessary procedures of ISO 28000 and the control methods developed here. Details of our analyses will be shared with you and in case of discrepancies, you will be able to solve them. In the case when all requirements are met, it switches to the assessment of the level of implementation of procedures and control within the organization, according to the requirements of ISO 28000 certification.

3. Certification

Once the level of certification is achieved, you will receive the ISO 28000 certificate valid for three years, subject to an annual check. With this certificate, you have formal evidence that your organization operates in accordance with quality requirements and thus not only takes care of internal resources and processes, but also demands of clients and other stakeholders.

4. Maintenance

The implementation of the ISO 28000 standard is not done solely because of the fullfilment of standard requirements, but also because it provides guidelines on how to constantly improve your organization. Maintenance of the ISO 28000 system is carried out by regular visits by a consultant, to make sure that you are implementing the system requirements, improving the system and thus adding value to your organization.

Popular courses and training for ISO 28000

We use effective learning techniques to make sure that you fully understand all the requirements of ISO 28000. This type of training consists of lectures and workshops of interactive parts, which allow you to give your opinion and present your views, practical examples and the like.

Learn more about ISO 28000 training.