ISO 28000 Supply Chain Security Management System – Lead Implementer Training Courses
Experiencing security issues is usually not a matter of if but when. Organizations are continuously facing security risks that seriously threaten their operations. High-value products are prone to theft, confidential information is prone to hacking, and personnel are prone to injury. Such security incidents will not only cause financial and business losses, but may also lead to legal consequences and reputational damage. This is why security management has become a crucial aspect for organizations. In this regard, ISO 28000 provides organizations with a comprehensive approach to security management.
What is ISO 28000?
ISO 28000 specifies the requirements for establishing, implementing, maintaining, and improving a security management system (SeMS), including the aspects relevant to the security of the supply chain.
ISO 28000:2022 Security and resilience – Security management systems – Requirements replaces the ISO 28000:2007 Specification for security management systems for the supply chain. The title of the standard has been changed to emphasize the fact that ISO 28000 requirements are not only applicable to organizations in the supply chain, but to all organizations, regardless of the type, size, or industry.
The new edition of ISO 28000 follows the harmonized structure of ISO, where the requirements for the SeMS are outlined in clauses 4 to 10. This enables organizations to integrate the SeMS with other management systems based on ISO standards.
The new edition of ISO 28000 includes additional recommendations as well. In clause 4, recommendations on eight principles for security management have been added to ensure better alignment with ISO 31000 (the standard for risk management). In addition, clause 8 sets out recommendations related to security strategies, procedures, processes and treatments, and security plans that ensure consistency with ISO 22301 (the standard for business continuity management).
ISO 28000, Figure 2 – Principles
ISO 28000 Lead Implementer
Why should you attend?
In today’s rapidly evolving environment, organizations face significant security challenges to protect their assets, operations, and reputation. The ever-changing security risks can pose serious threats to organizations; therefore, it is crucial for organizations to establish an effective security management system.
The PECB ISO 28000 Lead Implementer training course helps you develop the necessary competencies to establish, implement, maintain, and continually improve a security management system (SeMS). This training course aims to equip you with an in-depth knowledge of ISO 28000 requirements, as well as the best practices and approaches to security management.
After successfully completing the training course, you will be able to help organizations establish appropriate security processes and controls that proactively ensure the security of the environment and contribute to the creation and protection of value.
After completing the training course, you can sit for the exam. If you pass the exam, you can apply for the “PECB Certified ISO 28000 Lead Implementer” credential. The internationally recognized “PECB Certified ISO 28000 Lead Implementer” certificate demonstrates that you possess the professional capabilities to implement security management systems based on the requirements of ISO 28000.
Who should attend?
The ISO 28000 Lead Implementer training course is intended for:
- Individuals responsible for maintaining and improving the security environment in which organizations operate
- Professionals wishing to obtain in-depth knowledge of the requirements of ISO 28000
- Individuals responsible for maintaining conformity to the ISO 28000 requirements
- Expert advisors seeking to master the implementation of an SeMS
- Members of an SeMS implementation team
- Individuals seeking to pursue a career in security management
- Security management consultants
- Management representatives seeking to master the SeMS implementation process
Learning objectives
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of security management
- Interpret the ISO 28000 requirements for an SeMS from the perspective of an implementer
- Initiate and plan the implementation of an SeMS based on ISO 28000 by utilizing PECB’s IMS2 Methodology and other best practices
- Support organizations in operating, maintaining, and continually improving their SeMS based on ISO 28000
- Prepare organizations to undergo a third-party certification audit
Educational approach
This training course is participant-centered and it:
- Elaborates theories, approaches, and best practices used in the implementation, maintenance, and continual improvement of a security management system
- Facilitates and encourages interaction between the trainers and participants through questions and discussions
- Provides a theoretical basis supported by practical examples
- Provides quizzes with stand-alone questions (after each section) and scenario-based quizzes (at the end of each day), intended to prepare the participants for the certification exam
Prerequisites
To fully benefit from this training course, participants should have a basic knowledge of ISO 28000 requirements. In addition, a general understanding of security management principles and concepts can also facilitate the learning process.
Course agenda
Day 1: Introduction to ISO 28000 and initiation of an SeMS implementation
Day 2: Implementation plan of an SeMS
Day 3: Implementation of an SeMS
Day 4: SeMS monitoring, continual improvement, and preparation for the certification audit
Day 5: Certification exam
Examination
The “PECB Certified ISO 28000 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:
Domain 1: Fundamental principles and concepts of an SeMS
Domain 2: Initiation of an SeMS implementation
Domain 3: Planning of an SeMS implementation based on ISO 28000
Domain 4: Implementation of an SeMS based on ISO 28000
Domain 5: Evaluation of the performance of an SeMS based on ISO 28000
Domain 6: Continual improvement of an SeMS based on ISO 28000
Domain 7: Preparation for an SeMS certification audit
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
Certification
After passing the exam, you can apply for one of the credentials shown in the table below. You will receive a certificate as soon as you fulfill all the requirements related to the selected credential.
For more information about the ISO 28000 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
The table below presents the requirements for PECB ISO 28000 Implementer certifications:
| Credential | Exam | Professional experience | SCSMS project experience | Other requirements |
| --- | --- | --- | --- | --- |
| PECB Certified ISO 28000 Provisional Implementer | PECB Certified ISO 28000 Lead Implementer Exam or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO 28000 Implementer | PECB Certified ISO 28000 Lead Implementer Exam or equivalent | Two years: One year of work experience in Supply Chain Security Management | Project activities: a total of 200 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO 28000 Lead Implementer | PECB Certified ISO 28000 Lead Implementer Exam or equivalent | Five years: Two years of work experience in Supply Chain Security Management | Project activities: a total of 300 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO 28000 Senior Lead Implementer | PECB Certified ISO 28000 Lead Implementer Exam or equivalent | Ten years: Seven years of work experience in Supply Chain Security Management | Project activities: a total of 1,000 hours | Signing the PECB Code of Ethics |

Note: PECB Certified Individuals who do possess the Lead Implementer and Lead Auditor Credentials are qualified for the respective PECB Master Credential, given they have taken 4 additional Foundation Exams which are related to this scheme. For more detailed information about the Foundation Exams and the overall Master Requirements, please go to PECB Master Credentials.
To be considered valid, the implementation activities should follow best implementation practices and include the following activities:
- Drafting an SeMS implementation plan
- Initiating an SeMS implementation project
- Managing or leading an SeMS implementation project
- Implementing an SeMS
- Managing documented information
- Evaluating the SeMS performance
- Performing continual improvement activities
General Information
- Certification and examination fees are included in the price of the training course.
- PECB will provide over 500 pages of instructional materials containing explanations, guidance, and practical examples.
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to participants who have attended the training course.
- In case of exam failure, the candidate can retake the exam once for free within 12 months following the initial exam date.
For additional information, please contact us at info@globalskillsfactory.fi