Sie sind auf Seite 1von 4

ISO 28000: 2007 Supply Chain Security Management Systems

FrequentlyAskedQuestions(FAQs)
WhatisISO28000:2007?

ISO 28000:2007 is a management system specification which has been developed and
introduced in response to a demand from the transportation and logistics industry for a
common security management standard, with the ultimate objective of improving the
overallsecurityofsupplychains.

Howdifferentisitfromothersecurityprogramsandstandards?

ISO 28000:2007 is the only truly global supply chain security management system. It is a
SecurityManagementSystem,whichdifferentiatesitfromallotherprograms.Nonetheless,
ISO 28000: 2007 remains fully compatible with other standards, including ISO 9001:2004
and14001:2004andcanbeintegratedwithothervoluntaryandnonvoluntaryprograms,
includingCTPAT,AEO,STPandTAPA

WhatarethebenefitsofadoptingISO28000:2007?

It has been clearly demonstrated through industry adoption of ISO 28000: 2007 that
enhancedsupplychainsecurityprovidesignificantbenefitstoorganisations.Itcanhelpall
sectors of industry to assess security risk and implement controls to manage security
threats. Invariably, it helps organisations to view security not just as a customer
requirementbutasacompetitiveadvantageandmarketdifferentiator.

AsaSME,shouldIadoptISO28000:2007?

ISO28000:2007isaspecificationforthesecuritymanagementsystemforthesupplychain
thatissuitableforallsizesandtypesoforganisation.

IamamemberoftheSingaporeTradePartnership(STP).Aretheresignificantdifferences
betweenSTPandISO28000:2007?

Strictly speaking, the Singapore Trade Partnership (STP) and ISO 28000 : 2007 are not
mutuallyexclusivebutcomplementary.CompaniesthatarealreadySTPcertifiedwillrealise
thattheyarewellpositionedtoattainISO28000:2007iftheychoosetogoforcertification
tothisinternationalstandard.


IalreadyrelyonTAPAtoauditmysites.WhywouldIneedISO28000:2007?

TAPA audits provide supply chain stakeholders with an excellent means to verify the
physical security of their partners in the supply chain. The TAPA audit process is limited,
however, to physical security measures. As a security management system, ISO 28000 :
2007 incorporates aspects of physical security, and experience has shown that companies
whohavealreadyadoptedTAPAarewellpreparedforthephysicalsecurityaspectsofISO
28000:2007.

CanIobtainGovernmentfundingtoimplementISO28000:2007?

Yes, Government funding is available upon application to SPRING thru Singapore


Manufacturers' Federation (SMA). SMEs can apply to SMA independently whilst MNCs
make application in a consortium approach with a minimum of 50% of the application
makingupSMEsidentifiedintheMNCsbusinessvaluechain.www.smafederation.org.sg

SMEsorSMEswhicharepartofaconsortiumcanapplyforsupporttohelpdefraypartof
thecost(upto50%)1tobecomeISO28000:2007certified.Coverageincludespartofthe:

Salary/trainingofstaffinvolvedinthecertificationproject
Costofengaging3rdpartyconsultancyservicetosupporttheprocessofISO28000:
2007certification
ISO28000:2007certificationcost
ITHardware/softwareneededtoimplementISO28000:2007

Howlongwillthisalltake?

Depending on the size of your organisation and complexity of its operations the general
timelineforanorganisationfromimplementationtocertificationwilltakeapproximately4
to 6 months2 allowing enough time for implementation, corrective action and continual
improvementasrequiredbythestandard.

1
Subjecttoorganisationcriteria(SMEvsMNC),applicationdetailandsuccessfulachievementofSecurity
ManagementSystemobjectivesaftercertification.
2
LSAConsultantswillprovideacustomisedprojectroadmapforyourorganisationtoincludefunding
applicationprocess;organisationtimelinerequirementsand3rdpartycertificationaudits.


TheapplicationforGovernmentfundingassistanceshouldbemadeassoonaspossibleto
capitaliseontheavailabilityofexistingGovernmentfunding.

WhatstudieshavebeenconductedtoshowthatSecurityManagementSystemscan
improveefficienciesintheSupplyChain?

ArecentstudybyStanfordUniversityreportedthatcompanieswhichhadinvestedinsupply
chain security were able to reap substantial benefits. These benefits were quantified as
follows:

; ReducedtheirCustomsinspectionsby48percent

; Increasedtheautomatedhandlingoftheirimportsby43percent

; Sawa29percentreductionintransittimes

; Improvedtheirassetvisibilityinthesupplychainby50percent

; Improvedontimeshippingtocustomersby30percent

; Reducedtimetakentoidentifyproblemsby21percent

; Reducedtheftininventorymanagementby38percent

; Reducedexcessinventoryby14percent

; Reducedcustomerattritionby26percent

ISO 28000 is a global Security Management System best practice standard that helps all
sectorsofindustryassesssecurityrisksandimplementcontrolsandmitigatingstrategiesto
effectivelymanagepotentialsecuritythreatsandimpactsfromthesupplychain.

Whocanhelpme?

Of course not all organisations have theskill, or available resources to implement the ISO
28000:2007standardstoacompliantlevel.InthiseventLSAConsultantscanprovideyou
withtheprojectmanagementcapabilityandexperiencetoeffectivelyengageyourstaffand
keystakeholderstoimplement,testandaudityourISO28000:2007securitymanagement
system to reach compliance status and achieve certification. In order to ensure we leave
you with a value add service, our consultants will provide ISO 28000 : 2007 awareness


trainingtostaff andtrainkeypersonnelinorderthatthey arecapableofmaintainingthe
systemafterweleave.

LSAConsultantsaregearedtoassistyourorganisationwithanendtoendcustomerservice
process.Ourconsultantswillarticulatetheentireconsultancyprocess,timelineandproject
deliverables and help provide the necessary documentation and quotes to SMA for the
SPRINGapplicationsubmission.

Pleaseemailcontact@lsaconsultants.comorvisitourwebsitewww.lsaconsultants.comfor
furtherinformationanddocumentdownloads.FeelfreetocompletetheLSAConsultants
ContactUsformhttp://www.lsaconsultants.com/contactusfromourwebsite.

Das könnte Ihnen auch gefallen