Skip to content
Please enter a keyword to search

  • ISO/PAS 28001:2006

    View superseded by
    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
    View superseded by

    Security management systems for the supply chain Best practices for implementing supply chain security Assessments and plans

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Withdrawn date:  18-03-2019

    Language(s):  English

    Published date:  25-08-2006

    Publisher:  International Organization for Standardization

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    Foreword
    Introduction
    1 Scope
    2 Normative references
    3 Terms and definitions
    4 Field of application
      4.1 Statement of application
      4.2 Business partners
      4.3 Internationally accepted certificates or approvals
      4.4 Business partners exempt from security declaration
          requirement
      4.5 Security reviews of business partners
    5 Supply chain security process
      5.1 General
      5.2 Identification of the scope of security assessment
      5.3 Conduction of the security assessment
      5.4 Development of the supply chain security plan
      5.5 Execution of the supply chain security plan
      5.6 Documentation and monitoring of the supply chain
          security process
      5.7 Actions required after a security incident
      5.8 Protection of the security information
    Annex A (informative) Supply chain security process
    Annex B (informative) Methodology for security risk
                          assessment and development of
                          countermeasures
    Annex C (informative) Guidance for obtaining advice and
                          certification
    Bibliography

    Abstract - (Show below) - (Hide below)

    ISO/PAS 28001:2006 provides requirements and guidance for organizations in international supply chains to

    • develop and implement supply chain security processes;
    • establish and document a minimum level of security within a supply chain(s) or segment of a supply chain;
    • assist in meeting the applicable Authorized Economic Operators criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes.

    NOTE Only a participating National Customs Agency can designate organizations as Authorized Economic Operators in accordance with its supply chain security programme and its attendant certification and validation requirements.

    In addition, ISO/PAS 28001:2006 establishes certain documentation requirements that would permit verification.

    Users of ISO/PAS 28001:2006 will

    • define the portion of an international supply chain within which they have established security (see 4.1);
    • conduct security vulnerability assessments on that portion of the supply chain and develop adequate countermeasures;
    • develop and implement a supply chain security plan;
    • train security personnel in their security related duties.

    General Product Information - (Show below) - (Hide below)

    Development Note DRAFT ISO/DIS 28001 is also available for this standard. (01/2007)
    Document Type Standard
    Publisher International Organization for Standardization
    Status Withdrawn
    Superseded By

    Standards Referenced By This Book - (Show below) - (Hide below)

    DIN ISO 28000 E : 2015 SPECIFICATION FOR SECURITY MANAGEMENT SYSTEMS FOR THE SUPPLY CHAIN (ISO 28000:2007)
    BS ISO 28000:2007 Specification for security management systems for the supply chain
    ISO 28000:2007 Specification for security management systems for the supply chain
    DIN ISO 28000:2015-08 Specification for security management systems for the supply chain (ISO 28000:2007)

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/PAS 28000:2005 Specification for security management systems for the supply chain
    ISO 19011:2011 Guidelines for auditing management systems
    ISO/IEC 17021:2011 Conformity assessment Requirements for bodies providing audit and certification of management systems
    ISO/PAS 20858:2004 Ships and marine technology Maritime port facility security assessments and security plan development
    ISO 14001:2015 Environmental management systems — Requirements with guidance for use
    ISO 9001:2015 Quality management systems — Requirements
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective