DD ISO/PAS 28003:2006 Security management systems for the supply chain. Requirements for bodies providing audit and certification of supply chain security management systems
DD ISO/PAS 28003:2006 contains principles and requirements for bodies providing the audit and certification of supply chain security management systems according to management system specifications and standards such as ISO/PAS 28000. It defines the minimum requirements of a certification body and its associated auditors, recognizing the unique need for confidentiality when auditing and certifying/registering a client organization.
DD ISO/PAS 28003:2006:
Provides harmonized guidance for the accreditation of certification bodies applying for ISO/PAS 28000 (or other sets of specified supply chain security management system requirements) certification/registration
Defines the rules applicable for the audit and certification of a supply chain security management system
Helps firms comply with the ISO/PAS 28000 requirements (or other sets of specified supply chain security management system requirements)
Provides customers with the necessary information and confidence about the way certification of their suppliers has been granted.
NOTE 1 Certification of a supply chain security management system is sometimes also called registration, and certification bodies are sometimes called registrars.
NOTE 2 A certification body can be nongovernmental or governmental (with or without regulatory authority).
NOTE 3 This Publicly Available Specification can be used as a criteria document for accreditation or peer assessment or other audit processes.
Contents
Foreword Introduction 1 Scope 2 Normative references 3 Terms and definitions 4 Principles for certification bodies 4.1 General 4.2 Impartiality