|
ISO 28000
Implementation and Audit
ISO 28000, the specification for physical security management systems for the supply chain provides a framework for providing effective security management through a system that identifies security threats, assesses risk, controls and mitigates the consequences to the physical security of the organization.
Security Management System Elements
A conformant security management system (SMS) requires the organization to assess the security environment in which it operates and determine if adequate security measures are in place. This examination of the operational environment includes regulatory requirements as well as the physical, natural and human hazards, and specific industry requirements. ISO 28000 articulates the assessment of risk and determining countermeasures as a core component of providing physical security for the organization.
ISO 28000 Implementation and Audit
JBW Group International is uniquely qualified to assist organizations with implementation of an ISO 28000-conformant security management system and achieving successful certification on the first audit. Our implementation support and consulting services are as unique as your company. We work with our clients to craft a unique solution that best meets their goals and objectives.
We will assess the readiness for certification of your organization’s existing security program (usually one week on-site), identify any gaps that may exist and work with you to develop a strategy for addressing those gaps.
JBW Group can provide whatever level support your organization requires, from periodic implementation guidance to delivering a “turn-key” security management system solution. We collaborate with clients to assure that management oversight and governance strategies are in place (security policy) process requirements are met (security planning) that countermeasure are operating as expected and are effective (implementation and operation), and assure that monitoring, management review and continuous improvement objectives are achieved.
We will advocate on your behalf as part of the registration audit process and help with public relations upon successful completion and certification. Our custom approach and relationship building with our clients is one of the main reason why over 80% of our clients are referrals from other clients and industry professionals.
Methodology
The core of the JBW Group International methodology utilizes the framework of ISO 28000, interlaced with other applicable standards frameworks as appropriate to your organizations. Also informing the methodology are decades of real world security experience in technology, physical security, incident response, business continuity management in the military, government and a multitude of verticals in the private sector.
The methodology is a top-down approach, identifying the organization’s strategic objectives, identification of critical assets, and assessment of associated risks and development of a strategy to treat the identified risks. This approach, like the standards themselves, is measurable, repeatable, scalable, defensible, holistic, and incorporates the concepts of continuous improvement via the Plan-Do-Check-Act (PDCA) model for quality management. It also recognizes legal, regulatory and industry-specific requirements that impact an organization and physical security for the supply chain.
For more information, see our Insight Brief on this topic:
 Insight Brief: Supply Chain Security and ISO 28000
|
