Certified ISO 28000 Lead Implementer (5 days)

Mastering the implementation and management of a Supply Chain Security Management System (SCSMS) based on ISO 28000

This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Supply Chain Security Management System (SCSMS) based on ISO 28000:2007. Participants will also gain thorough understanding of best practices used to implement supply chain security controls from all areas of ISO 28001. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). This training is fully compatible with ISO 28004 (Guidelines for the Implementation of a SCSMS).

Who should attend?

  • Project managers or consultants wanting to prepare and support an organization in the implementation of a Supply Chain Security Management System (SCSMS)
  • ISO 28000 auditors who wish to fully understand the Supply Chain Security Management System implementation process
  • Persons responsible for the supply chain security conformity in an organization
  • Members of an supply chain security team
  • Expert advisors in physical security
  • Technical experts wanting to prepare for an supply chain security function or for a SCSMS project management function

Learning objectives

  • To understand the implementation of a Supply Chain Security Management System in accordance with ISO 28000
  • To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of a Supply Chain Security Management System
  • To understand the relationship between the components of a Supply Chain Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To acquire the necessary expertise to support an organization in implementing, managing and maintaining a SCSMS as specified in ISO 28000
  • To acquire the necessary expertise to manage a team implementing ISO 28000
  • To develop the knowledge and skills required to advise organizations on best practices in the management of supply chain security
  • To improve the capacity for analysis and decision making in the context of supply chain security management

Course Agenda

Day 1: Introduction to Supply Chain Security Management System (SCSMS) concepts as required by ISO 28000;initiating a SCSMS

  • Introduction to management systems and the process approach
  • Presentation of the ISO 28000 family of standards and the regulatory and legal framework related to supply chain security
  • Fundamental principles of Supply chain security and physical security
  • Preliminary analysis and establishment of the maturity level of an existing Supply Chain Security Management System based upon ISO 21827
  • Writing a business case and a project plan for the implementation of a SCSMS

Day 2: Planning a SCSMS based on ISO 28000

  • Definition of the scope of a SCSMS
  • Development of a SCSMS policy and ocbjectives
  • Selection of the approach and methodology for security risk assessment
  • Security risk management (identification, analysis and treatment of risk)
  • Development of a security plan

Day 3: Implementing a SCSMS based on ISO 28000

  • Implementation of a document management framework
  • Design of controls and writing procedures
  • Implementation of processes and controls
  • Development of a training & awareness program and communication about the supply chain security
  • Incident management
  • Operations management of a SCSMS

Day 4: Controlling, monitoring,measuring and improving a SCSMS; certification audit of a SCSMS

  • Controlling and monitoring the SCSMS
  • Development of metrics, performance indicators and dashboards
  • ISO 28000 internal Audit
  • Management review of a SCSMS
  • Implementation of a continuous improvement program
  • Preparing for an ISO 28000 certification audit

Day 5: Certification Exam


ISO 28000 Foundation Certification or a basic knowledge of ISO 28000 and ISO 28001 is recommended

Educational approach

  • This training is based on both theory and practice:
    • Sessions of lectures illustrated with examples based on real cases
    • Practical exercises based on a full case study including rôle playings and narrative presentation
    • Review exercises to assist the exam preparation
    • Practice test similar to the certification exam
  • To benefit from the practical exercises, the number of training participants is limited

Examination and certification

  • The “Certified ISO 28000 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts of supply chain security
    • Domain 2: Supply chain security Control Best Practice based on ISO 28001
    • Domain 3: Planning a SCSMS based on ISO 28000
    • Domain 4: Implementing a SCSMS based on ISO 28000
    • Domain 5: Performance evaluation, monitoring and measurement of a SCSMS based on ISO 28000
    • Domain 6: Continual improvement of a SCSMS based on ISO 28000
    • Domain 7: Preparing for a SCSMS certification audit
  • The “Certified ISO 28000 Lead Implementer” exam is available in different languages (the complete list of languages can be found in the examination application form)
  • Duration: 3 hours
  • After successfully completing the exam, participants can apply for the credentials of Certified ISO 28000 Provisional Implementer, Certified ISO 28000 Implementer or Certified ISO 28000 Lead Implementer, depending on their level of experience
  • A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential

General Information

  • Certification fees are included in the exam price
  • A student manual containing over 450 pages of information and practical examples will be distributed to participants
  • A participation certificate of 31 CPE (Continuing Professional Education) credits will be issued to participantsIn a case of failure of the exam,participants are allowed to retake the exam for free under certain conditions

Request a Course

Interested in a particular course or would like addition information

Training request

Currently Scheduled Courses

See listing of currently planned courses.


Copyright © NISKAA Group 2017. All rights reserved