Establishment and implementation of ISO 28000 Supply Chain Management System differs from organization to organization. Different departments in each organization may have different demands regarding their activities. This can pose different challenges. That's why Supply Chain Security Management Systemshould be consistent with the realities of the organization and be sustainable.

As with all quality systems, ISO 28000 Supply Chain Security The certification process of the Management System requires a similar method. In other words, there will be an application, then audit activity will be carried out and then certification will be made.

The certification process of the organizations that have established and implemented ISO 28000 Supply Chain Management System goes through the following stages:

  • Offer stage

Companies receive quotes from certification bodies. Prices are determined according to the number of employees and the field of activity of the company. If the company is large, the audit activities will take longer.

  • Application phase

Companies must fill in the application form to be received from the certification body accurately and completely. Meanwhile, ISO 28001 Supply Chain Security Management System documents and other required documents are prepared.

  • Document review phase

The certification body appoints an auditor. The auditor shall examine whether the documents meet the relevant standard requirements in the examination of the documents. If the documents meet the relevant standard requirements, they are included in the company audit plan. If it does not, the company is notified in writing and asked to correct the deficiencies.

  • Audit planning phase

According to the size of the company, the certification body determines the required audit period and the appropriate auditors for the applications to be seen in place.

  • Inspection phase

The certification body starts an audit in the company environment according to the plan prepared. In accordance with the plan, the relevant units are visited on site and the practices are examined by the auditors. When the audit is over, the auditors evaluate their findings and make a recommendation that the company is positive or negative for certification.

  • Document editing phase

If the certification body makes its decision in accordance with the auditor's reports and approves it, the necessary document is prepared and delivered to the company. In addition, a certification contract is signed with the company. The validity period of the system certificate and contract is three years. The certification body monitors the continuity of the system by conducting an inspection audit at least once a year.

In order to get information about 28001 Supply Chain Security Management System certification process and even to establish and own this system, you can contact experienced managers and employees of TURCERT certification organization.