ISO 28000:2007 – Supply Security Management
A more secure logistics chain with ISO 28000:2007
Regardless of size, for an organization to function and thrive, it must connect to the business circuits that make up the logistics chain, from ideas, processes and raw materials to end consumers and, taking into account sustainable development, even to material recyclers / salvage or reuse companies. Business performance requires both speed and efficiency, to some extent competing requirements that are difficult to meet without specialized tools, such as, for example, ISO 28000:2007, Security of Supply Management.
ISO 28000:2007 was developed by the Technical Committee ISO/TC 8, Ships and Marine Technology, in collaboration with other relevant technical committees responsible for supply chain-specific nodes. This first edition of the ISO 28000 standard repeals and replaces ISO/PAS 28000:2005, which has been technically revised.
In the environment of interconnected producers and suppliers, supply is constantly “threatened” by unauthorized intentional acts (theft, smuggling, piracy, terrorism). The ISO 28000:2007 standard takes into account the safety of documentation, manufacturing, transportation, storage and supply processes for small and large organizations.
In order to be successful, organizations need to establish, maintain and improve a security of supply management system. In this way they will reduce the risks of transport, delays and facilitate national and international connections.
Advantages of ISO 28000:2007 certification:
- Increase in the logistics performance
- Facilitating internal or external trade
- Monitoring and managing security risks throughout the supply chain
- Decrease of costs by reducing security incidents
- Improvement of the public image of the company, towards third parties (authorities, public, customers), in terms of credibility and notoriety
- Compliance with legal requirements in force
- The resilience of the organization in relation to the evolution of the company’s external environment
- Systematized management practices
- Common vocabulary, by aligning the terminology and concepts used with international practice
Performance evaluation in relation to internationally recognized criteria
The certification process
Certification costs
The price of a certification according to ISO 28000:2007 is established depending on the structure, size and field of activity of the organization.
Frequently Asked Questions
Certification is the verification of the compliance of management systems with the ISO reference standards.
This analysis is carried out by a certification body.
ISO is the abbreviation for the International Organization for Standardization based in Geneva.
This organization issues international standards called generic ISO.
Management system certifications according to ISO standards are valid for a period of 3 years.
In the third year, the recertification audit is performed, the organization thus entering a new 3-year certification cycle.
The audit is a systematic, independent and documented activity that aims to assess the extent to which certain requirements are met.
The audit should be seen as a tool for improvement and in addition to the objectives of any audit, the audit team should also consider identifying potential areas for improvement and shall document these in the form of recommendations in the audit report, along with other findings (nonconformities or identified weaknesses).
The certification audit is carried out in 2 stages:
- The analysis of the documentation and obtaining the necessary information regarding the field of the management system.
- The assessment of the Management System operation on site.
The verification of the implementation and operation of the management system in accordance with the reference standard, followed by the closure of non-conformities.
We consider the audit process as a comfortable, positive experience, oriented towards providing added value – it is a process of collaboration, cooperation and you are the customer. An effective audit process allows the management to evaluate their own efficiency in controlling the company in the desired manner.
- Sending the quotation.
- Signing the contract and agreeing on the payment method.
- Scheduling the audit date.
- The certification audit. Preparation of necessary reports.
- Verification of audit documentation and closure of non-compliances.
- The issue of the certificate.
- Surveillance audit I. It is found that the system is maintained and improved by a new audit no later than 1 year after the completion of the certification audit.
- Surveillance audit II. It is found that the system is maintained and improved by a new audit no later than 2 years after the completion of the certification audit.
- Recertification. In order to maintain continuity, the recertification audit must be carried out before the expiration of the certificates.
A standard is a document established by consensus and approved by a recognized body, which provides, for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context. (according to ISO/IEC Guide 2:1996).
Certification according to ISO management systems or the Good Practice Guide in order to ensure the health of the customers is a voluntary process.
The Certification is a useful tool for the management of the company, which thus has the certainty of implementing the best practices in order to protect the health of the customers and employees.
- Accreditation and recognition at national and international level
URS Certificari performs audits and issues certificates according to the ISO/IEC 17021:2011 accreditation standard.
The most professional ISO certification bodies are accredited by accreditation institutions recognized for their competence and performance worldwide. This accreditation clearly certifies that the certification body carries out activities in the most professional way possible.
For Romania, there is RENAR, the institution that accredits certification bodies in Romania, thus allowing for national recognition.
- Service quality.
The attitude and professionalism of the URS team are evaluated monthly by our clients.
Recommendation is one of the most important ways to promote ourselves. We consider the recommendation a powerful tool because it speaks about the trust that our clients have in the URS Certificari team and in the services provided.
The validity period of an ISO certificate is three years. In order to maintain continuity, the recertification audit must be carried out before the expiration of the certificates.
The organizations that grant certifications of compliance with international standards to third parties are themselves accredited by accreditation bodies (e.g., RENAR Romania) and are therefore called Accredited Certification Bodies.
The accreditation means that certification bodies have in turn been assessed in regard to internationally recognized standards, in order to demonstrate their competence, impartiality and performance.
The accreditation allows to distinguish a competent assessor who ensures that the choice of a certification or inspection body is a well-documented one. An accredited certification body can prove to their customers that they meet the requirements of the international accreditation standards. The result is a reduced risk of a customer choosing and paying an incompetent assessor, or worse, being guided by results without any real basis.
The accredited ISO certification complies with the strictest requirements of the tenders and is recognized nationally and internationally.
URS Certificari conducts audits and issues certificates according to the ISO/IEC 17021:2015 accreditation standard.