Given the events of the past year, it is not surprising that minds have been focused on making supply chains more resilient. But that is all about to be formalised with a new international standard ISO 28002:2011.
According to the International Standardisation Organisation this new standard specifies requirements for a resilience management system in the supply chain to enable an organisation to develop and implement policies, objectives, and programmes.
This system must take into account legal, regulatory and other requirements to which the organisation subscribes; information about significant risks, hazards and threats that may have consequences to the organisation, its stakeholders, and on its supply chain; protection of its assets and processes; and management of disruptive incidents.
It follows on from ISO 28000:2007 which specified the requirements for a security management system, including those aspects critical to security assurance of the supply chain. And it is designed to integrate with the ISO 31000 risk management standard.
Much of the work on ISO 28002 has been done by ASIS International, the US security organisation. It said: “With ratification of the ISO 28002, the ASIS/ANSI.SPC.1 Standard becomes the only US Department of Homeland Security Private Sector Preparedness (PS-Prep) standard with a ratified ISO counterpart.”
With management standards, the biggest benefit often comes from creating virtuous circles, with organisations working together to maintain the standard.
Take up of the standard will be critical – are you ready for the challenge?