Security Management Courses

ISO 28000 Supply Chain Security Management Systems Training Course

Course Introduction / Overview:

This course provides a comprehensive A to Z guide to implementing a Security Management System (SMS) based on the ISO 28000 standard. In an era of complex global supply chains, ensuring security is not just a regulatory requirement but a critical component of operational resilience and competitive advantage. The program delves into the principles of supply chain risk management, moving beyond theoretical knowledge to practical application. As articulated by the renowned academic Martin Christopher in his work "Logistics & Supply Chain Management", a resilient supply chain is a secure one, capable of withstanding and recovering from disruptions. This course is designed to equip professionals with the skills to identify threats, assess risks, and implement effective security controls throughout their supply chain. Participants will learn to develop and manage an SMS that protects assets, prevents losses, and ensures the continuity of operations. BIG BEN Training Center has structured this program to align with international best practices, enabling organizations to build trust with partners, meet customer expectations, and achieve certification to the ISO 28000 standard, thereby demonstrating a robust commitment to supply chain security.

Target Audience / This training course is suitable for:

  • Supply Chain and Logistics Managers.
  • Corporate Security Managers and Professionals.
  • Operations Managers.
  • Compliance and Risk Managers.
  • Internal and External Auditors.
  • Procurement and Sourcing Professionals.
  • Consultants specializing in supply chain management and security.
  • Individuals responsible for their organization's ISO 28000 implementation.

Target Sectors and Industries:

  • Logistics and Transportation Services.
  • Manufacturing and Production.
  • Retail and Consumer Goods.
  • Pharmaceutical and Healthcare.
  • Aerospace and Defense.
  • Oil and Gas Industry.
  • Technology and Electronics.
  • Governmental agencies, including customs and border protection authorities.

Target Organizations Departments:

  • Supply Chain Management.
  • Logistics and Distribution.
  • Corporate Security.
  • Operations Management.
  • Procurement and Purchasing.
  • Risk Management and Compliance.
  • Internal Audit.
  • Quality Assurance.

Course Offerings:

By the end of this course, the participants will have able to:

  • Interpret the requirements of the ISO 28000:2022 standard in detail.
  • Develop a comprehensive security policy and establish measurable security objectives.
  • Conduct a thorough supply chain security risk assessment to identify threats and vulnerabilities.
  • Design and implement effective security controls and risk treatment plans.
  • Integrate the ISO 28000 SMS with other management systems like ISO 9001 and ISO 14001.
  • Plan, conduct, and report on an internal audit of the security management system.
  • Lead the process of preparing an organization for ISO 28000 certification.
  • Manage and facilitate the management review process for the SMS.
  • Drive continual improvement of the supply chain security performance.

Course Methodology:

The training methodology at BIG BEN Training Center is designed to be highly interactive and participant-centered, ensuring a deep and practical understanding of the ISO 28000 standard. Our approach moves beyond traditional lectures to create an immersive learning environment. The course combines expert-led presentations with practical, hands-on exercises, including the analysis of real-world case studies that illustrate the challenges and successes of SMS implementation in various industries. Participants will engage in collaborative group workshops to conduct mock security risk assessments and develop sample security plans. Interactive sessions, facilitated discussions, and role-playing scenarios, such as a simulated internal audit, allow for the practical application of learned concepts in a controlled setting. Ample time is allocated for Q&A sessions to address specific challenges and queries from participants. This blended learning approach ensures that attendees not only grasp the theoretical requirements of the standard but also gain the confidence and competence to apply them effectively within their own organizations, fostering a culture of security and resilience.

Course Agenda (Course Units):

Unit One: Introduction to Supply Chain Security and ISO 28000

  • Fundamentals of supply chain management and security.
  • Identifying common threats and vulnerabilities in the modern supply chain.
  • History and evolution of the ISO 28000 standard.
  • Detailed overview of the ISO 28000:2022 structure and clauses.
  • The business case for implementing a Security Management System (SMS).
  • Integration with other management system standards (e.g., ISO 9001, ISO 27001).
  • Key terminology and definitions within the standard.

Unit Two: Planning the Security Management System (SMS)

  • Clause 4: Understanding the context of the organization and stakeholder needs.
  • Clause 5: Leadership commitment, roles, and responsibilities.
  • Developing and communicating the organizational security policy.
  • Clause 6: Actions to address risks and opportunities.
  • Conducting a comprehensive security risk assessment.
  • Methodologies for threat identification and vulnerability analysis.
  • Establishing security objectives and planning to achieve them.

Unit Three: SMS Support and Operation

  • Clause 7: Determining and providing necessary resources for the SMS.
  • Establishing competence, training, and awareness programs.
  • Managing internal and external communication processes.
  • Requirements for creating and controlling documented information.
  • Clause 8: Operational planning and control.
  • Implementing security plans and procedures.
  • Managing specific security controls for assets, transport, and facilities.
  • Developing an incident response and emergency preparedness plan.

Unit Four: Performance Evaluation and Continual Improvement

  • Clause 9: Monitoring, measurement, analysis, and evaluation of security performance.
  • Establishing key performance indicators (KPIs) for supply chain security.
  • Planning and conducting effective internal audits of the SMS.
  • The role and process of the management review.
  • Analyzing audit findings and evaluation results.
  • Clause 10: Managing nonconformities and implementing corrective actions.
  • Strategies for the continual improvement of the SMS.

Unit Five: Certification and Maintaining the System

  • The ISO 28000 certification process from start to finish.
  • How to select and work with a certification body.
  • Preparing for the Stage 1 and Stage 2 certification audits.
  • Addressing audit findings and achieving certification.
  • Best practices for maintaining and enhancing the SMS post-certification.
  • Leveraging ISO 28000 for competitive advantage and stakeholder confidence.
  • Course review, final Q&A, and action planning session.

FAQ:

Qualifications required for registering to this course?

There are no requirements.

How long is each daily session, and what is the total number of training hours for the course?

This training course spans five days, with daily sessions ranging between 4 to 5 hours, including breaks and interactive activities, bringing the total duration to 20 - 25 training hours.

Something to think about:

How can an ISO 28000 framework be dynamically adapted to address emerging and unpredictable threats, such as cyber-attacks on logistics systems or global pandemics, beyond its traditional scope?

What unique qualities does this course offer compared to other courses?

This course distinguishes itself by focusing intensely on the practical implementation and strategic integration of the ISO 28000 standard, rather than merely reciting its clauses. We move beyond theoretical knowledge by immersing participants in real-world scenarios and complex case studies drawn from diverse industries, enabling them to analyze challenges and formulate robust security solutions. A key differentiator is our emphasis on integrating the Security Management System with other critical business frameworks, such as quality (ISO 9001) and business continuity (ISO 22301), fostering a holistic approach to organizational resilience. The curriculum is designed not just to prepare for certification, but to empower participants to use the standard as a dynamic tool for continual improvement and risk mitigation. Our expert instructors provide deep insights into conducting effective risk assessments and developing pragmatic security controls that are both compliant and operationally efficient. The program fosters critical thinking, encouraging participants to build a security culture that is proactive and adaptive to the ever-evolving landscape of global supply chain threats, ensuring a lasting and tangible impact on their organization's security posture.

All Dates and Locations