ISO 28000:2007 identifies the requirements for a security management system, including those aspects dangerous to security assurance. Security management is linked to many other aspects of business management. Aspects include all activities controlled by organizations that effect on supply chain security. Other aspects should be considered where and when they have an effect on security management, including transporting these goods beside the supply chain.
ISO 28000:2007 came into development with a purpose of organizing security operations within broader supply chain management system. PDCA management system structure was brought into use for developing ISO 28000:2007 in order to maintain similarity between elements of this standard and related ones such as ISO 9001:2000 and ISO 14001:2004.
The scope for brush up documents are to be changed only in accordance and conformity to present way of writing standards. The standard talks about and specifies requirements of security management system, including phases that are important for assurance of security for supply chain.