BUSINESS CHALLENGEIn today’s global economic landscape, security management has become a complex challenge in allareas of industry and, in particular, supply chains. Logistic operations and supply chain partners areoften scattered worldwide with varying national regulations and business processes. Companies wouldlike to assure security while identifying potential threats, assessing risk and implementing measuresto prevent any risks and threats affecting the success of their business.

SOLUTIONWhat is ISO 28000? ISO 28000 was de veloped in r esponse to the tr ansportation and l ogistics industries’ need f or acommonly applicable security management sys tem specific to supply chain security. However,companies in many other industries are finding it useful to assess security risks, implement controls,and mitigate arrangements to manage potential security threats and impacts from the supply chain.Quality, safety and customer satisfaction also benefit from this management system.

The requirements for ISO 28000 include all critic al aspects for supply chain security as surance.Some examples include: financing, manufacturing, information management, and the facilities forpacking, storing and transferring goods between vehicles and locations. Security management islinked to many other aspects of business management. These should be considered directly, whenand where they impact security management, including transporting goods through the supply chain.

What are the key benefits?Enhanced security risk assessment, asset protection and inventory visibility and managementAssured supply continuity for sustainable business development and reduction of delivery timesImproved customer satisfaction and business cooperation along the supply chainReduction of losses resulted from transport related theftShorter customs clearance time (Green LaneApprovals) and reduced secondary inspectionsCompliance with other trade and supply chainsecurity schemes, such as AEO and C-TPAT

WHY CHOOSE BUREAU VERITAS? Recognition - Bureau Veritas Certification is recognizedby more than 40 national and international accreditationbodies across the world. Network - 5,700 skilled auditors operating in more than100 countries offer a unique combination of internationaland l ocal e xpertise pr oviding c onsistent servic eswherever our clients are. Expertise - Our auditors have extensive knowledge ofspecific industry sectors, local regulations, markets andlanguage that enables them to provide solutions adaptedto your needs.Mark of Global recognition - The Bur eau V eritasCertification mark is a gl obally recognized symbol ofyour organization’s ongoing commitment to excellence,sustainability and reliability.

Bureau Veritas Certification Services

ISO 28000 CERTIFICATIONSecurity Management System for the Supply Chain.

RELATED SERVICESIntegrated CertificationBureau V eritas Certific ation off ers thepossibility of integrated and/or combinedcertification with other schemes such as

TAPA, SQAS, TDGA ISO 9001, ISO 14001, OHSAS 18001 AEO, C-TPAT

This deliv ers greater audit efficiency,consistency and optimization .

Other servicesBureau V eritas Certific ation has alsoexpanded its offer to provide a completerange of suppl y chain and riskmanagement services:

VeriCert®: risk based audit approachSupplier and network auditInternal auditBusiness Continuity: BS 25999-2Information security: ISO 27000

ISO 28000

BUREAU VERITASCertification

ISO28000_09.qxd 4/06/09 14:16 Page 1

CONTACTFor details about this service, please contact

Bureau Veritas Certification

By phone: +91 022 6695 6317 (B) 022 6695 6331 (D)By e-mail: scsinfo@in.bureauveritas.com

FOR MORE INFORMATIONplease visit:

www.bureauveritas.co.in

OUR CERTIFICATION PROCESSKey steps in our certification process are:

Definition of certification scopePre-audit (optional): gap analysis and diagnosis ofyour current position against standardCertification audit performed in 2 stages:

- Stage 1 – r eadiness review performed to verifythat the organization is ready for certification

- Stage 2 – e valuation of implementation,including the effectiveness, of the managementsystem of the organization

A certificate valid for 3 years is issued uponsatisfactory results of stage 2 auditSurveillance audits to verify that the managementsystem continues to fulfill the requirements of thestandard and monitor the continual improvement Re-certification after 3 years to confirm the continuedconformance and effectiveness of the managementsystem as a whole

FAQ Who would benefit from ISO 28000?Companies that wish to implement and maintain a proven supply chain security management system;any type and size of organization involved in manufacturing, services, storage and transportation relatedto the production or supply chains.

How are ISO 28000 and ISO 9001/14001 linked?ISO 28000 was designed to help integrate quality environmental and supply chain security managementsystems within an organization. It is c ompatible with ISO 9001 (quality management) and ISO 14001(environmental management). ISO 28000 is based on a plan-do-check-act management sys temmodelled after the proven ISO 14001 fr amework. The risk-based approach outlined in ISO 14001 issimilar to the one used in ISO 28000.

Will the adoption and integration of ISO 28000 requirements entail a big investment?For industry logistics and supply chain partners most of the requirements are also the requirementsof their clients. Adopting this standard represents a limited effort in organization and documentation.

ISO 28000

BUREAU VERITASCertification

CA*CA*

Pre

-aud

it (o

ptio

nal)

Certificateissued

Surveillance audits

Stage 2 audit

Stage 1 audit

Def

init

ion

ofce

rtif

icat

ion

scop

e

Certification audit

* CA: Corrective Action (if necessary)

• Policy • Security risk assessment

& planning • Implementation

& operation • Checking & corrective

action • Management review

ISO28000_09.qxd 4/06/09 14:16 Page 2