By CAS

ISO 28001:2007 — Supply Chain Security

Best practices for implementing supply chain security — helping organisations assess risk and implement security practices that protect the international supply chain.

By CAS ISO 28001:2007
Apply for Certification Talk to Our Team
ISO 28001:2007
SCSM
What is Security Management for Supply Chain?

ISO 28001:2007 specifies requirements for organisations to establish and implement supply chain security processes and practices — covering the assessment, implementation, and documentation of security practices throughout the international supply chain.

Who Is This For?

Logistics companies, freight forwarders, customs brokers, exporters, importers, port operators, and supply chain participants requiring documented security management practices for international trade.

Key Benefits
  • Demonstrates supply chain security practices to customs and trade authorities
  • Supports AEO (Authorised Economic Operator) status applications
  • Reduces risk of cargo theft, tampering, and smuggling
  • Required by some shipping lines and logistics clients
  • Structured approach to supply chain threat and risk assessment
  • Improves supply chain transparency and traceability
Certification Process
1
Application & Review
Submit your application. CAS reviews your organisation's scope, personnel, sites, and activities to prepare a detailed audit time calculation and formal commercial proposal.
2
Stage 1 — Document Review
On-site or remote review of your management system documentation, readiness assessment, and confirmation of Stage 2 audit scope and plan.
3
Stage 2 — On-site Audit
Full on-site audit of the implemented management system against the standard's requirements. Findings are reported; nonconformities must be closed before certification.
4
Certification Decision
CAS's independent certification committee reviews the audit findings and issues the certificate. The certificate is valid for 3 years.
5
Surveillance & Recertification
Annual surveillance audits (~1/3 of initial audit time) maintain certification. Recertification audit (~2/3 of initial time) is conducted before certificate expiry to renew for a further 3 years.
Frequently Asked Questions
ISO 28001 is aligned with the principles of C-TPAT (US Customs-Trade Partnership Against Terrorism) and similar trade security programmes. It provides a certifiable standard for supply chain security practices.
Related Services
EGAC Accredited
Quality Management Systems
ISO 9001:2015
Learn more →
 EGAC Accredited
Occupational Health & Safety Management Systems
ISO 45001:2018
Learn more →
 By CAS
Good Storage Practices
WHO GSP Guidelines
Learn more →