DD ISO/PAS 28004:2006 provides generic advice on the application of ISO/PAS 28000:2005 Specification for security management systems for the supply chain. It explains the underlying principles of ISO/PAS 28000 and describes the intent, typical inputs, processes and typical outputs, for each requirement of ISO/PAS 28000. This is to aid the understanding and implementation of ISO/PAS 28000.
Contents
Foreword Introduction 1 Scope 2 Normative references 3 Terms and definitions 4 Security management system elements 4.1 General requirements 4.2 Security policy 4.3 Security risk assessment and planning 4.4 Implementation and operation 4.5 Checking and corrective action 4.6 Management review and continual improvement Annex A (informative) Correspondence between ISO/PAS 28000:2005, ISO 14001:2004 and ISO 9001:2000 Bibliography