Featured Product
This Week in Quality Digest Live
Standards Features
Marc Lepere
The current system for rating ethical credentials is meaningless
For CO2 climate data, missing standards create underreporting
Wade Schroeder
The FDA is looking to make them mandatory
The short answer: Standard weights, rigorous procedures, and state inspectors ensure measurements are fair and accurate

More Features

Standards News
Appointments are the first for recently established committee to advise the President
ASQ’s five quality certifications are the only ones to earn global recognition by ANSI
ISO 21434 automotive cybersecurity and implementing design and process FMEAs
Standards for plastics enjoy a privileged status
Elsmar Cove is a leading forum for quality and standards compliance
Awards available in Kentucky, Nebraska, Rhode Island and South Dakota
Prior to vote, IAF seeks industry feedback to understand the level of demand from businesses and regulators.
FedEx demonstrates commitment to customer-focused continuous improvement
Merger will expand data-driven insight, advisory services, and analytics for supply chain assurance

More News



New ISO Standard for Ensuring Supply-Chain Resilience

ISO 28002 offers a comprehensive process for prevention, recovery from disruptive incidents.

Published: Tuesday, August 23, 2011 - 13:48

(ISO: Geneva) -- Emergencies, crises, and disasters like the tsunami in Japan or the recent riots in London can happen at any time. Organizations around the world are increasingly implementing risk management processes to deal with uncertainty and ensure continuity. But if their suppliers are unable to deliver or customers unable to purchase, the ability of an organization to achieve its objectives would be compromised.

To promote resilience at every step of the supply chain, the International Organization for Standardization (ISO) has developed a new standard, ISO 28002:2011—“Security management systems for the supply chain–Development of resilience in the supply chain–Requirements with guidance for use.”

“Organizations are realizing more and more that to be resilient, it is not enough to focus on internal processes,” says Capt. Charlie Piersall, chair of the committee that developed the standard. “As they seek assurance that their suppliers and the extended supply chain in general have planned for and taken steps to prevent and mitigate the threats and hazards to which they may be exposed, there is a strong demand for standards and best practice. For resiliency, ISO 28002 is that standard.”

ISO 28002 offers a comprehensive and systematic process to enhance prevention, protection, preparedness, mitigation, response, continuity of operations, and recovery from disruptive incidents. Its generic auditable criteria, when implemented in a management system, can be used to establish, implement, monitor, review, maintain, and improve an organization’s resiliency policy to plan for, take action, and make decisions before, during, and after an incident to its supply chain.

“Today, the leadership of any organization has a duty to its stakeholders to plan for its survival,” Piersall adds. “ISO 28002 offers them an invaluable tool. Its integrated approach is both flexible and proactive, and utilizes to the maximum the knowledge, capabilities, and expertise within an organization. In this way the standard helps meet individual needs for risk management within an economically sound context.”

ISO 28002 can be applied to any organization, including private, nonprofit, nongovernmental, and public sector. Implemented within a management system, the standard enhances an organization’s capacity to manage and survive any disruptive event and take appropriate actions to help ensure its viability and continued operation. This international standard was developed as part of the ISO 28000 series on security management systems for the supply chain. ISO 28000:2007—“Specification for security management systems for the supply chain,” is the only published, certifiable international management systems standard that takes a holistic, risk-based approach to managing risks associated with any disruptive incident in the supply chain.

ISO 28002:2011 was developed by the ISO technical committee ISO/TC 8—“Ships and marine technology.” It costs 158 Swiss francs and is available from ISO national member institutes (see the complete list with contact details) and from ISO Central Secretariat through the ISO Store, or by contacting ISO’s marketing, information, and communication department.


About The Author

ISO’s picture


The International Organization for Standardization (ISO) is the world’s largest developer and publisher of international standards. ISO is a network of the national standards institutes of 162 countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. ISO is a nongovernmental organization that forms a bridge between the public and private sectors. ISO enables a consensus to be reached on solutions that meet both the requirements of business and the broader needs of society. View the ISO Standards list.