What is ISO 28001:2017 - SCSMS?

The safety and security of people, goods, tools, and infrastructure should be of grave importance to the relevant companies and bodies. ISO 28001 is developed to organize operations of security within the broader supply chain management system, and this standard sets out best practices for implementing supply chain security, assessments, and plans. ISO 28001 Supply Chain Security Management System Certificate can help organizations eliminate impacts on firms, such as breaks in the supply chainrings or security problems. It is important for such firms to correctly identify the risks that may arise in the supply chain and manage them effectively. ISO 28001 is an international standard that defines the requirements of the Supply Chain Security Management System and provides a management model for organizations seeking to implement it.

Benefits of ISO 28001:2017 Certification

Improved partner, customer and stakeholder confidence

Integrated enterprise resilience

Increased credibility and trust

Organizational and trading partner assurance

Improved supply chain performance

Reduced regulation costs

Check out the ISO 28001 Video

Who can be certified ISO 28001:2017?

ISO 2800:2017 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage, or transportation at any stage of the production or supply chain that wishes to establish, implement, maintain and improve a security management system. ISO 28001 is the formal international security standard against which organizations may seek independent certification of their supply chain security management system. It specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving a documented Supply Chain Security Management System (SCSMS), using a continual improvement approach.

Manufacturing Companies

Service Sector


Drugs and Pharma


Government Organizations

Research Foundation


Shipping Industry




Document required for ISO 28001

  • System Manual
  • System Procedure
  • Policy
  • Objectives
  • Mission & Vision
  • Standard Operating Procedure (SOP)
  • Checklist
  • Forms
  • Formats
  • Records

The extent of Documented Information differs as per:

  • Organization’s size
  • Activities performed by the organization
  • Processes undertaken by the Organization
  • Products and services offered by the organization
  • The complexity of processes undertaken
  • Competence of persons involved

Role of Shamkris and Process of ISO 28001 Certification

Shamkris adopts a results-oriented approach to effective system implementation in the organization. A simple and practical method of system implementation helps organizations increase business efficiency and sustainability. Shamkris supports 100% documentation to obtain a certificate of success in addition to enhanced performance.

The implementation process is described below:

Day 1

GAP Analysis, Certification Body, Selection, Cost Estimates

• Finding the GAP between existing system related to ISO requirements
• Selecting the appropriate certification body
• Based on the scope of your business & certification body you choose

Week 1

Developing Documents

• Management System Manual, Management System Procedures, Policy, Objectives, Forms etc.
• Review of Standard Operating Procedures (SOP)

Week 4

Implementing Management System

• ISO Awareness training for the top management and staff
• Implementing a well-documented management system throughout the organization

Week 8

Internal Audit

• Internal audits identifying nonconformities related to ISO requirements
• Management Review Meetings
• Corrective and Preventive Action plan for nonconformities

Week 10

Certification Body
N-C Closing

• Shamkris acts on your behalf and assists you in the third-party audit
• Closing of any nonconformities identified by the certification body

Week 12

Certificate Issued

• ISO certificates issued for 3 years
• Surveillance Audits yearly

Year on Year

Yearly Compliance

• Support of Yearly documentation for audit