ISO 28003:2007 Security management systems for the supply chain - Requirements for bodies providing audit and certification of supply chain security management systems
International Organization for Standardization (ISO)
Latest: ISO 28003:2007
Scope
This International Standard contains principles and requirements for bodies providing the audit and
certification of supply chain security management systems according to management system specifications
and standards such as ISO 28000.
It defines the minimum requirements of a certification body and its associated auditors, recognizing the unique
need for confidentiality when auditing and certifying/registering a client organization.
Requirements for supply chain security management systems can originate from a number of sources, and
this International Standard has been developed to assist in the certification of supply chain security
management systems that fulfil the requirements of ISO 28000, Specification for security management
systems for the supply chain, and other supply chain security management system International Standards.
The contents of this International Standard may also be used to support certification of supply chain security
management systems that are based on other specified supply chain security management system
requirements.
This International Standard
- provides harmonized guidance for the accreditation of certification bodies applying for ISO 28000 (or
other specified supply chain security management system requirements) certification/registration;
- defines the rules applicable for the audit and certification of a supply chain security management system
complying with the supply chain security management system standard’s requirements (or other sets of
specified supply chain security management system requirements);
- provides the customers with the necessary information and confidence about the way certification of their
suppliers has been granted.
NOTE 1 Certification of a supply chain security management system is sometimes also called registration, and
certification bodies are sometimes called registrars.
NOTE 2 A certification body can be nongovernmental or governmental (with or without regulatory authority).
NOTE 3 This International Standard can be used as a criteria document for accreditation or peer assessment or other
audit processes.
ISO 28003:2007 Referenced Documents
ISO 19011:2002 Guidelines for quality and/or environmental management systems auditing
ISO 28000 Security and resilience (current edition title, catalog entry updated 2024-01-01; the edition cited by ISO 28003:2007 and by its scope above is ISO 28000, Specification for security management systems for the supply chain)
ISO/IEC 17000:2004 Conformity assessment - Vocabulary and general principles
ISO 28003:2007 history
2007: ISO 28003:2007 Security management systems for the supply chain - Requirements for bodies providing audit and certification of supply chain security management systems