Skip Navigation LinksASIS International / News / Press Room / Press Releases / 2011 / ISO 28002 Standard for Resilience in the Supply Chain Approved by the International Organization for Standardization (ISO)

News Release

ISO 28002 Standard for Resilience in the Supply Chain Approved by the International Organization for Standardization (ISO)

Alexandria, Va 2011-08-04

Based on ANSI/ASIS Organizational Resilience Standard, ISO 28002 offers organizations a cost effective, holistic approach to managing risks

The latest member of the ISO 28000 series, the ISO 28002 standard for resilience in the supply chain, has been unanimously approved for publication by the International Organization for Standardization (ISO). Based on the ANSI/ASIS Organizational Resilience Standard (ANSI/ASIS.SPC.1), the ISO 28002 provides a basis for an organization to evaluate both its organizational and supply chain risks and to develop a comprehensive strategy to manage the risks that may disrupt its operations. The ISO 28000 series of standards seamlessly integrate with the ISO 31000 risk management standard, thereby allowing organizations to develop a cost effective holistic approach to managing risk. With ratification of the ISO 28002, the ASIS/ANSI.SPC.1 Standard becomes the only U.S. Department of Homeland Security Private Sector Preparedness (PS-Prep) standard with a ratified ISO counterpart.

“Nearly all organizations today are in some sort of supply chain,” says Dr. Marc Siegel, commissioner, ASIS International Global Standards Initiative. “By implementing the ISO 28002 with the ANSI/ASIS.SPC.1 Standard, organizations can demonstrate conformance with all the requirements of the PS-Prep Program, C-TPAT Program, the security requirements of the ISO 28000, as well as the requirements of the upcoming ISO business continuity and organizational resilience standards, not to mention the key reason for implementing a standard in the first place: assuring uninterrupted delivery of products and services.”

ASIS congratulates ISO/TC 8, the ISO technical committee that developed the ISO 28000 series, for developing a single approach for organizations to manage the risks of disruptive events. Like the ANSI/ASIS.SPC.1, the ISO 28002 eliminates the old paradigm of siloing disciplines into separate security, crisis, and continuity programs. By converging disciplines in one approach, organizations can better manage risks before, during, and after a disruptive event.

To help organizations implement the ANSI/ASIS.SPC.1 and ISO 28002 standards, ASIS is working on an organizational resilience maturity model for phased implementation ANSI standard. In addition, ASIS is in the final stages of certification for an accredited RABQSA-RES lead auditor course. This classroom program will follow the internationally accepted standards for management system auditing and covers all the PS-Prep management system standards, as well as the ISO 28000 series and the upcoming ISO business continuity and organizational resilience standards.  

# # #
ASIS International is the preeminent organization for security professionals, with more than 37,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities and the public. By providing members and the security community with access to a full range of programs and services, and by publishing the industry’s No. 1 magazine—Security Management—ASIS leads the way for advanced and improved security performance.
 
The work of preparing ASIS Standards and Guidelines is carried out through the ASIS International Standards and Guidelines Commission and its committees. ASIS International is an ANSI accredited Standards Development Organization and actively participates in the International Organization for Standardization, developing standards and guidelines within a voluntary, nonproprietary and consensus-based process, utilizing the knowledge, experience and expertise of ASIS membership, security professionals and the global security industry. View a complete list of all ASIS Standards and Guidelines currently under development.