Description

ISO 28000 Supply Chain Security Management System – Foundation Training Courses

Experiencing security issues is usually not a matter of if but when. Organizations are continuously facing security risks that seriously threaten their operations. High-value products are prone to theft, confidential information is prone to hacking, and personnel are prone to injury. Such security incidents will not only cause financial and business losses, but may also lead to legal consequences and reputational damage. This is why security management has become a crucial aspect for organizations. In this regard, ISO 28000 provides organizations with a comprehensive approach to security management.

What is ISO 28000?

ISO 28000 specifies the requirements for establishing, implementing, maintaining, and improving a security management system (SeMS), including the aspects relevant to the security of the supply chain.

ISO 28000:2022 Security and resilience – Security management systems – Requirements replaces the ISO 28000:2007 Specification for security management systems for the supply chain. The title of the standard has been changed to emphasize the fact that ISO 28000 requirements are not only applicable to organizations in the supply chain, but to all organizations, regardless of the type, size, or industry.

The new edition of ISO 28000 follows the harmonized structure of ISO, where the requirements for the SeMS are outlined in clauses 4 to 10. This enables organizations to integrate the SeMS with other management systems based on ISO standards.

The new edition of ISO 28000 includes additional recommendations as well. In clause 4, recommendations on eight principles for security management have been added to ensure better alignment with ISO 31000 (the standard for risk management). In addition, clause 8 sets out recommendations related to security strategies, procedures, processes and treatments, and security plans that ensure consistency with ISO 22301 (the standard for business continuity management).

ISO 28000, Figure 2 – Principles

ISO 28000 Foundation

Why should you attend?

The PECB ISO 28000 Foundation presents the basic concepts and principles of security management and provides a general explanation of ISO 28000 requirements. This training course will enable you to learn about various aspects of a security management system (SeMS) based on ISO 28000, including the top management’s commitment, security policy, security strategies, procedures, processes, and treatments, performance evaluation, and continual improvement as well.

After completing the training course, you can sit for the exam. If you pass the exam, you can apply for the “PECB Certified ISO 28000 Foundation” credential. The internationally recognized PECB Certified ISO 28000 Foundation certification, demonstrates that you have a general knowledge of ISO 28000 requirements for an SeMS and you are able to contribute in SeMS implementation projects.

Who should attend?

The ISO 28000 Foundation training course is intended for:

Managers and consultants seeking knowledge about the basic concepts and principles of security management
Professionals wishing to get acquainted with ISO 28000 requirements for an SeMS
Individuals engaged in or responsible for security management activities in their organizations
Individuals wishing to pursue a career in security management

Learning objectives

By the end of this training course, participants will be able to:

Understand the security management concepts, principles, and definitions
Explain ISO 28000 requirements for a security management system
Develop a general understanding of how ISO 28000 requirements could be applied in an organization

Educational approach

The training course is participant centered and contains:

Lecture sessions illustrated with graphics and practical examples
Interactions between participants by means of questions and suggestions
Quizzes with stand-alone questions intended to prepare the participants for the exam

Prerequisites

There are no prerequisites to participate in this training course.

Course agenda.

Day 1: Introduction to security management, SeMS, and clauses 4-6 of ISO 28000

Day 2: Clauses 7-10 of ISO 28000 and certification exam

Examination

This course is taught in partnership with PECB. The exam fully meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

Domain 1: Fundamental concepts and principles of security management and an SeMS based on ISO 28000

Domain 2: ISO 28000 requirements for a security management system — Clauses 4 to 10

For specific information about exam types, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certificate requirements

Upon the successful completion of the exam, you can apply for the “PECB Certificate Holder in ISO 28000 Foundation” certificate. For more information, please refer to the Certification Rules and Policies.

The certificate requirements for the ISO 28000 Foundation are:

Designation	Exam	Professional experience	MS audit/assessment experience	SCSMS project experience	Other requirements
PECB Certificate Holder in ISO 28000 Foundation	Pass the PECB ISO 28000 Foundation exam	None	None	None	Signing the PECB Code of Ethics

General Information

- Certification and examination fees are included in the price of the training course.
- PECB will provide over 200 pages of instructional materials containing explanations, guidance, and practical examples.
- An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued.
- In case of exam failure, you can retake the exam within 12 months for free.
For additional information, please contact us at info@globalskillsfactory.fi