This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. To find out more about the cookies we use and how to delete them, see our Privacy policy.


Lloyds Register Quality Assurance - Improving performance, reducing  riskLloyds Register Quality Assurance - Improving performance, reducing risk


IT and telecommunications

ISO 28000

ISO 28000 is an international supply chain security management system standard.

security, ports, terrorism, safety, supply chain, assurance, lrqa

What is ISO 28000?

Most organisations rely in some way on their supply chain to ensure business continuity and they are vulnerable if supplies are interrupted. To help prevent this and manage security risks in this current volatile world, ISO has published ISO 28000; with valuable and extensive inputs from Lloyd's Register.

ISO 28000 is an international supply chain security management system standard.  It offers organisations working within, or relying on, the logistics industry, a framework that identifys aspects critical to the security assurance of their supply chain.  These aspects include, but are not limited to, financing, manufacturing, information management and the facilities for packing, storing and the transferring of goods between modes of transport and locations.

Who can use ISO 28000?

ISO 28000 is a management system specification which has been developed specifically for logistics companies and organisations that manage supply chain operations. This specification was published by The International Standards Organisation (ISO) in September 2007.

ISO 28000 is suitable to all sizes and types of organisation that are involved in purchasing, manufacturing, service, storage, transportation and/or sales processes that wishes to implement and maintain a secure management system for their supply chain.

Benefits of ISO 28000

  • Stakeholder confidence - to demonstrate a robust and secure supply chain management system to regulators/authorities, their customers/potential customers and other interested organisations.

  • Consistency - to provide a consistent approach by all service providers within a supply chain.

  • Customer satisfaction - to demonstrate the ability to meet customer requirements 

  • Risk management - Can help all sectors of industry assess security risks and implement controls and mitigating arrangements to manage potential security threats and impacts from the supply chain

  • Easily integrated - it uses a plan-do-check-act based management system that has been modelled on the well proven ISO 14001 standard. This means that organisations already familiar with the same risk based approach used by ISO 14001 will be able to use a similar approach when analysing supply chain security risks and threats. 

  • Supplier of choice - Can demonstrate to customs authorities the organisation's capability to manage security issues within the supply chain. This is significant when considering an application for Authorised Economic Operator (AEO) as many of the requirements are aligned. To find out more information on AEO read the European Commission's fact Sheet.

LRQA Services

Certification - LRQA is at the leading edge of supply chain security management system certification. We have experience of security assessments gained from carrying out audits to the International Ship and Port Facility code (ISPS).  Having issued the first ISO 28000 global certificate, we are in a prime position to share our experience and expertise to help our clients manage security risks and assure continuity of supply.

Training - LRQA can offer training to organisations wanting to update their staff with the information required to allow a suitable security management system to be set up, maintained and certified.  Training courses include:

  • Appreciation and Interpretation of ISO 28000

  • Implementation of an ISO 28000 Security Management System

  • ISO 28000 Internal Auditor Training

  • Lead Auditor Training

Next steps...

Please contact us for more information