scope:

This part of ISO/DIS 28004 has been developed to supplement ISO 28004-1 by providing additional guidance to medium and small businesses (other than marine ports) that wish to adopt ISO 28000. The additional guidance in this part of ISO/DIS 28004, while amplifying the general guidance provided in the main body of ISO 28004-1, does not conflict with the general guidance, nor does it amend ISO 28000. 1.1 Additional guidance ISO 28000 is designed to be adopted by any size organization interested in better securing their supply chain or services they provide to supply chain operators. The main body of ISO 28004 is designed to provide guidance to organizations of any size that wish to adopt ISO 28000. Because ISO 28004 is designed to provide guidance to a wide size range of organizations it may appear more complex than is needed by a smaller sized organization. The purpose of this part of ISO/DIS 28004 is to simplify the guidance for use by smaller sized organization. Entities using this part of ISO/DIS 28004 for guidance should refer to the main body of ISO 28004 when more information on specific issues is needed than is provided in this part of ISO/DIS 28004. The guidance provided in this part of ISO/DIS 28004 does not amend ISO 28000 or the main body of ISO 28004. Where specific methodologies are discussed in this part of ISO/DIS 28004 they are provided for illustrative purposes (to explain what needs to be accomplished) and other methodologies could be substituted. Organizations adopting ISO 28000 will need to; - Specify what their objectives are in regard to providing supply chain security, - Assess the current state of supply chain security, - Develop plans that will include existing supply chain processes and procedures, and any additional processes/procedures or systems that have been identified as necessary to meet the stated supply chain security objectives, - Train personnel as to their duties and responsibilities as defined in the supply chain security plan, - Install/maintain any systems or equipment specified in the supply chain security plan, - Begin execution of the supply chain security plan - Monitor performance of the supply chain security plan execution,