DUBLIN, Feb. 16, 2023 /PRNewswire/ -- The "Security Supply Chain ISO 28000 Audit Program - Gold Edition" report has been added to ResearchAndMarkets.com's offering.

The Security Supply Chain ISO 28000 Audit Program is provided in Excel and PDF formats. The program is 23 pages in length with 369 individual audit points. It is ISO 28000, ISO 27000, Sarbanes Oxley, PCI-DSS, and HIPAA compliant. It meets Massachusetts, New York, California, UK, and EU mandated security requirements.

The Security Supply Chain ISO 28000 Audit Program Gold Edition includes all the items in the premium version plus 25 full security management job descriptions which define specific roles and responsibilities and 28 electronic forms.

With this edition, you get everything in the Standard edition plus the job descriptions for:

Chief Security Officer (CSO)

Chief Compliance Officer (CCO)

Chief Digital Officer

Chief Mobility Officer

VP Strategy - Architecture

Data Protection Officer (DPO)

Director e-Commerce

Database Administrator

Data Security Administrator

Manager Compliance

Manager Data Security

Manager Facilities and Equipment

Manager Network - Computing Services

Manager Network Services

Manager Security and Workstations

Manager Training - Documentation

Manager Voice and Data Communication

Manager Wireless Systems

Identity Management Protection Analyst

Information Security Analyst

Network Security Analyst

System Administrator - Linux

System Administrator - Unix

System Administrator - Windows

Wi-Fi Administrator

In addition, you get 28 electronic forms.

The forms can be emailed, completed on a computer or tablet, and stored electronically. They include:

Application & File Server Inventory

Blog Policy Compliance Agreement

BYOD Access and Use Agreement

Company Asset Employee Control Log

Email - Employee Acknowledgement

Employee Termination Checklist

Internet Access Request

Internet & Electronic Communication Employee Acknowledgement

Internet Use Approval

Mobile Device Access and Agreement

Mobile Device Security and Compliance Checklist

New Employee Security Acknowledgement and Release

Outsourcing and Cloud Security Compliance Agreement

Outsourcing Security Compliance Agreement

Preliminary Security Audit Checklist

Privacy Compliance Policy Acceptance Agreement

Security Access Application

Security Audit Report

Security Violation

Sensitive Information Policy Compliance Agreement

Social Network Compliance Agreement

Telecommuting Work Agreement

Text Messaging Sensitive Information Agreement

Threat and Vulnerability Assessment

Work From Home Work Agreement

ISO 28000:2007 is necessary for the support of an organization implementing and managing a Supply Chain Security Management System (SCSMS).

ISO 28000 - Supply Chain Security - For companies with a high reliance on just-in-time delivery, aging infrastructure and increased natural and human-made threats, Supply Chain Security has become a very important item, especially when viewed in relation to Business Continuity Management, Risk Management and Security Management.

ISO 28000 Definition

"This International Standard (ISO 28000) specifies the requirements for a security management system, including those aspects critical to the security assurance of the supply chain. Security management is linked to many other aspects of business management. Aspects include all activities controlled or influenced by organizations that impact on supply chain security. These other aspects should be considered directly, where and when they have an impact on security management, including transporting goods along the supply chain".

Security Supply Chain Audit Program is easy to use and generates graphics that can be used in management and compliance review presentations.

ISO 28000 was developed by the ISO Technical Committee TC8 "Ships and Maritime Technology". It is based on the ISO format adopted by ISO 14001:2004 because of its risk-based approach to management standards. The ISO 28000 series of standards consists of:

ISO 28000:2007 - The Security Management Standard (SMS) requirements standard, a specification for an SMS against which organizations can certify compliance.

ISO 28001:2007 - Provides requirements and guidance for organizations in international supply chains. Assists in meeting the applicable authorized economic operator (AEO) criteria outlined in the World Customs Organization Framework of Standards and conforming to national supply chain security programs.

ISO 28002:2011 - Development of resilience in the supply chain - Requirements with guidance for use.

ISO 28003:2007 - Requirements for bodies providing audit and certification of supply chain security management systems.

ISO 28004:2007 - Provides generic advice on the application of ISO 28000:2007.

ISO/AWI 28005 - (Under development) Electronic port clearance (EPC) -- Part 1: Message structures.

ISO/AWI 28005 - Electronic port clearance (EPC) -- Part 2: Core data elements

Key Topics Covered:

28000 Security Supply Chain Audit Program

Security Risk Assessment and Planning

Supply Chain Security Management Objectives

Internal Security Organization

Implementation and Operation of Supply Chain Security

Organizational Supply Chain Security Management Objectives

Responsibility for the Supply Chain

Information Classification System

Human Resource Security Management Objectives

Security Prior to Employment

Security During Employment

Security at Termination

Physical and Environmental Supply Chain Security Management Objectives

Secure Areas

Enterprise Equipment

Remote Devices

Communication and Operations Management Objectives

Procedures and Responsibilities

Third Party Service Delivery

System Planning Activities

Malicious and Mobile Code

Back-up Procedures

Computer Networks

Media

Exchange of Information

Blockchain Interfaces

Information Processing Facilities

Information Access Control Management Objectives

Access to Information

User Access Rights

Access Practices

Access to Network Services

Access to Operating Systems

Access to Applications

Mobile and Remote Users

Systems Development and Maintenance Objectives

Information System Application Security

Application Processing Information

Cryptographic Controls

System Files

Development and Support Processes

Information Security Incident Management Objectives

Security Events and Weaknesses

Managing Security Incidents and Improvements

Disaster Recovery and Business Continuity Objectives

Disaster Recovery Plan/Business Continuity

Compliance Management Objectives

Mandated Security Requirements

Security Compliance Reviews

28000 Summary Audit Analysis Graphics

28000 Security Audit Summary Graphic

28000 Supply Chain Security Audit % Analysis Graphic

28000 Supply Chain Security Audit Raw Score

