scope:

This Publicly Available Specification contains principles and requirements for bodies providing the audit and certification of supply chain security management systems according to management system specifications and standards such as ISO/PAS 28000. It defines the minimum requirements of a certification body and its associated auditors, recognizing the unique need for confidentiality when auditing and certifying/registering a client organization. Requirements for supply chain security management systems can originate from a number of sources, and this Publicly Available Specification has been developed to assist in the certification of supply chain security management systems that fulfil the requirements of ISO/PAS 28000, Specification for security management systems for the supply chain. The contents of this Publicly Available Specification may also be used to support certification of supply chain security management systems that are based on other sets of specified supply chain security management system requirements. This Publicly Available Specification - provides harmonized guidance for the accreditation of certification bodies applying for ISO/PAS 28000 (or other sets of specified supply chain security management system requirements) certification/registration; - defines the rules applicable for the audit and certification of a supply chain security management system complying with the ISO/PAS 28000 requirements (or other sets of specified supply chain security management system requirements); - provides customers with the necessary information and confidence about the way certification of their suppliers has been granted.