ISO 28000:2022

Security and resilience — Security management systems — Requirements


This document specifies requirements for a security management system, including aspects relevant to the supply chain.

This document is applicable to all types and sizes of organizations (e.g. commercial enterprises, government or other public agencies and non-profit organizations) which intend to establish, implement, maintain and improve a security management system. It provides a holistic and common approach and is not industry or sector specific.

This document can be used throughout the life of the organization and can be applied to any activity, internal or external, at all levels.




Status Current
Edition 2022
No. of Pages 20
ICS Classification 03.100.70 Management systems
03.100.01 Company organization and management in general
Committee ISO/TC 292
Available for Purchase For sale in Singapore only
Adoption ISO