ISO/PAS 28000:2005


The ISO/PAS 28000 standard has become an essential tool for enhancing supply chain security as the threat to international trade and the economic growth of trading nations through security incidents and terrorism has increased.

The security of people, infrastructure, equipment, and means of transport, should be protected against security incidents and their potential devastating effects. ISO/PAS 28000:2005 integrates the process-based approach of the management system standards – ISO 9001:2000 and ISO 14001:2004.

90% of the world’s cargo is transported by container. There are over 300 seaports in the world and millions of containers are constantly on the move. There is little if any physical inspection of the contents; reliance is placed on a paperwork description of the manifest.

ISO/PAS 28000 helps companies demonstrate to their supply chain partners and stakeholders that they have top management commitment and sound operational arrangements in place for identifying threats and managing risks.

Requirements


The specification requires that an organisation provide a:
  • Statement of Coverage that defines the boundaries of the portion of the supply chain that is covered by the security plan
  • Security assessment report that documents the vulnerability of the chain to defined security scenarios. It also defines the impact expected from each of the threat scenarios if carried out.
  • Security plan that describes security measures in place to manage existing security threats.
  • Training program to enable supply chain personnel to meet any assigned security related duties.

To undertake the security assessment used to produce the security plan the user will need to:
  • Identify the threats posed.
  • Determine how likely a person attempting to carry out such security scenarios on the supply chain would be to succeed.

If the supply chain is considered vulnerable to a higher consequence threat then the organisation shall develop suitable countermeasures to reduce the threat to an acceptable level.

Who can I contact for further information?

If containers are used anywhere in your supply chain and you believe that you may be at risk  contact us for a confidential discussion of your ISO 28000 requirements .