ISO 28000 Certification: Security Management System

Addresses potential security issues at all stages of the supply process, specifically within the logistics area.

The ISO 28000 - 2022 standard provides a best practice framework to reduce security risks across all activities, functions and operations that have an impact on the security management of the organization including (but not limited to) its supply chain. It can be used throughout all aspects of security of the organization.
With particular regard to the supply chain, some organizations managing multiple supply chains may require service providers to meet related security standards as a condition of being included in that supply chain in order to meet requirements for security management.

What is ISO 28000 - 2022

ISO 28000 focuses on aspects critical to manage and assure security risks. This may include financing, manufacturing, information management and transportation, in-transit storage and warehousing of goods. Originally devised to cover only the supply chain, the revised 2022 version can be used throughout all aspects of security of the organization.
ISO 28000 – 2022 employs the Plan-Do-Check-Act (PDCA) model to planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving the effectiveness of an organization’s security management system.
The standard is applicable to organizations of all sizes and types intending to establish maintain and improve a security management system.

An ISO 28000 - 2022 compliant management system helps you achieve:

  • integrated enterprise resilience;
  • systematized management practices;
  • enhanced credibility and brand recognition;
  • aligned terminology and conceptual usage;
  • improved supply chain performance;
  • benchmarking against internationally recognizable criteria;
  • greater compliance processes.

ISO 28000 - 2022 can easily be integrated with other major management system standards, like ISO 9001. This is an advantage for organizations looking to incorporate security aspects into other existing management systems.

Benefits of becoming certified

By becoming certified by an independent third- party verifies that your supply chain security management system complies with the ISO 28000 requirements. You get confirmation that you have systems in place to manage and mitigate aspects critical to security assurance of the supply chain.  Among the certification benefits are:

  • facilitate trade and expedite the transport of goods across borders;
  • monitor and manage security risks;
  • gain a competitive advantage and new business opportunities;
  • encourage companies to secure their own processes;
  • allow management to focus on areas of greatest concern;
  • benchmark security management practices;
  • achieves cost savings by reducing security incidents;
  • potentially reduce corporate insurance premiums;
  • improve efficiency across working practices;
  • demonstrate commitment to ensure safety of individuals and security of goods and services.

Getting started

The first step towards third party certification is to implement an effective management system complying with the standard’s requirements. DNV can help you throughout the journey from initial training to gap-analysis and the certification process.

See how you can get started on the road to certification.

More information