ISO/PAS 28003:2006

Security management systems for the supply chain - Requirements for bodies providing audit and certification of supply chain security management systems

Scope

ISO/PAS 28003:2006 contains principles and requirements for bodies providing the audit and certification of supply chain security management systems according to management system specifications and standards such as ISO/PAS 28000.
It defines the minimum requirements of a certification body and its associated auditors recognizing the unique need for confidentiality when auditing and certifying/registering a client organization.
Requirements for supply chain security management systems can originate from a number of sources, and ISO/PAS 28003:2006 has been developed to assist in the certification of supply chain security management systems that fulfill the requirements of ISO/PAS 28000, Specification for security supply chain security management systems for the supply chain. The contents of ISO/PAS 28003:2006 may also be used to support certification of supply chain security management systems that are based on other sets of specified supply chain security management systems requirements.
ISO/PAS 28003:2006
provides harmonized guidance for the accreditation of certification bodies applying for ISO/PAS 28000 (or other sets of specified supply chain security management systems requirements) certification/registration; defines the rules applicable for the audit and certification of a supply chain security management systems complying with the ISO/PAS 28000 requirements (or other sets of specified supply chain security management systems requirements); provides customers with the necessary information and confidence about the way certification of their suppliers has been granted.