ISO Offers Standard Approach to Global Supply Chain Security

ISO publishes ISO/PAS 28000:2005 to standardize supply chain security


With billions of dollars worth of goods moving at any given time along global supply chains, the newly published ISO/PAS 28000:2005 for security management systems will help combat threats to the safe and smooth flow of international trade.

"The publication of ISO/PAS 28000:2005 is a major security initiative," says Captain Charles Piersall, Chair of ISO technical committee ISO/TC 8, Ships and marine technology. "It is designed to enable better monitoring of freight flows, to combat smuggling and to respond to the threat of piracy and terrorist attacks as well as to create a safe and secure international supply chain regime."

Supply chain describes an overall process that results in goods being transported from the point of origin to final destination and includes the movement of the goods, the shipping data, and the associated processes as well as the series of dynamic relationships. It involves many entities such as producers of the goods, logistics management firms, consolidators, truckers, railroads, air carriers, marine terminal operators, ocean carriers, cargo/mode/customs agents, financial and information services, and buyers of the goods being shipped. For example, a company may employ more than one logistics firm, trucking companies may subcontract to operators or other companies, and vessel operating companies may divert the cargo to other carriers for various reasons.

As security hazards can enter the supply chain at any stage, adequate control throughout is essential. Security is a joint responsibility of all the actors in the supply chain and requires their combined efforts.

ISO/PAS 28000:2005, Specification for security management systems for the supply chain, outlines the requirements to enable an organization to establish, implement, maintain and improve a security management system, including those aspects critical to security assurance of the supply chain. These aspects include, but are not limited to, financing, manufacturing, information management and the facilities for packing, storing and transferring goods between modes of transport and locations.

ISO/PAS 28000:2005 can be used by a broad range of organizations – small, medium and large – in the manufacturing, service, storage and transportation sectors at any stage of the production or supply chain. Its implementation will reassure business partners that security is taken seriously within the organizations they deal with.

ISO/PAS 28000:2005 integrates the process-based approach of ISO's management system standards – ISO 9001:2000 and ISO 14001:2004 – including the Plan-Do-Check-Act (PDCA) cycle and requirement for continual improvement, as well as the risk management elements of ISO 14001:2004

While ISO/PAS 28000 can be implemented on its own, it is designed to be fully compatible with ISO 9001:2000 and ISO 14001:2004 and companies already using these management system standards may be able to use them as a foundation for developing the security management system of ISO/PAS 28000. To help users to do so, ISO/PAS 28000 includes a table showing the correspondence of its requirements with those of ISO 9001:2000 and ISO 14001:2004.

"ISO/PAS 28000, completed in less than one year, was truly remarkable and its success marks the deep spirit of cooperation and energies of all stakeholders," further noted Captain Piersall. "It was an extraordinary effort of cooperation and proves that standards can and will be accomplished to meet market needs 'on time'."

This content continues onto the next page...