ISO 28000 Supply Chain Security Management System standard is a quality management standard that helps supply chain service providers and companies meet and enhance overall quality of the security of supply chains. ISO 28000 certification also enables businesses to comply with the security requirements of Customs Trade Partnership Against Terrorism (C-TPAT), World Customs Organization (WCO) SAFE Framework and European Union Authorized Economic Operator (AEO).
ISO 28000 provides a framework for any organisation linked with the supply chains to assess and reduce their risks, ensuring brand integrity and product security throughout the entire process – from manufacturing to sales – against various threats including theft, terrorism and smuggling. ISO 28000 does not only safeguard products, it protects employees, too. It also reduces unnecessary stops and transit times, enhancing speed-to-shelf capacities.
DP World Yarımca, which is rightfully reputed as Turkey’s most hi-tech port, has started implementing the ISO 27001 Information Security Standard.
In today’s world, where information spreads so quickly and easily, many companies have their own information protection systems in place. The ISO/IEC 27001 standard released by the International Organization for Standardization (ISO) in 2013 in cooperation with the International Electrotechnical Commission (IEC) identifies the steps to be taken for information security while minimizing loss of labor and time.
The management systematically reviews the organization’s security risks in accordance with this standard, identifies which risks to take and which not to take, establishes risk management policies, and develops and maintains the organization’s security controls to ensure information security within the framework of an inclusive management process.
While the ISO 27001 certification process at DP World Yarımca mainly focused on the IT Department, Human Capital, HSSE and Procurement were also assessed as part of the standard. After a status analysis which was conducted to ascertain the current state of affairs at the organization, trainings were provided to stakeholders and necessary steps were taken with regard to risk management, documentation and continuous improvement.