What is ISO 28000:2007?

ISO 28000:2007 is a management system specification for the protection of people, property, information and infrastructure; in companies and organizations participating in local, national and international supply chain operations. It specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Supply Chain Security Management System (SCSMS), using a continual improvement approach.

Benefits of adopting ISO 28000:2007

It has been clearly demonstrated through industry adoption of ISO 28000: 2007 that enhanced supply chain security provides significant benefits to organizations. It can help all sectors of industry to assess security risk and implement controls to manage security threats. Invariably, it helps organizations to view security not just as a customer requirement but as a competitive advantage and market differentiator.

ISO 28000 was developed in response of industry demand for security management standard. Its ultimate objective is to improve the security of supply chains. It is a high-level management standard that enables an organization to establish an overall supply chain security management system. It requires the organization to assess the security environment in which it operates and to determine if adequate security measures are in place and if other regulatory requirements already exist, with which the organization complies.

The ISO 28000 standard is formally known as "Specifications for Security Management Systems in the Supply Chain".

Is ISO 28000 relevant to your organization?

According to the ISO it is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to:

  • Establish, implement, maintain and improve a security management system;
  • Assure conformance with stated security management policy;
  • Demonstrate such conformance to others;
  • Seek certification/registration of its security management system by an Accredited third party Certification Body; or
  • Make a self-determination and self-declaration of conformance with ISO 28000:2007

Request Quote

You are here: Home Blog What is ISO 28000:2007?


"Excellent Program, very informative & practical"

Saurav Mondal, LG Electronics

More satisfied clients...

Contact us

  • Tel: +91-9810189048
  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Web: www.pmg-india.com
  • Add: C-9/36-FF, Palm Floors
    Ardee City, Sector-52, Gurgaon