This International Standard provides generic advice on the application of ISO 28000:2007, Specification for
security management systems for the supply chain.
It explains the underlying principles of ISO 28000 and describes the intent, typical inputs, processes and typical
outputs, for each requirement of ISO 28000. This is to aid the understanding and implementation of ISO 28000.
This International Standard does not create additional requirements to those specified in ISO 28000, nor does it
prescribe mandatory approaches to the implementation of ISO 28000.
ISO 28004:2007 history
2012ISO 28004:2007/cor 1:2012 Security management systems for the supply chain - Guidelines for the implementation of ISO 28000 - Part 1: General principles; Technical Corrigendum 1
2007ISO 28004:2007 Security management systems for the supply chain - Guidelines for the implementation of ISO 28000