Global supply chains rely on Customs and industry cooperating for secure supply chains. C-TPAT and other AEO programs are developing around the world, but what holds them together. The World Customs Organisation (WCO) has established security criteria, as well as the objectives for trade facilitation and mutual recognition, with 147 countries signifying their intent to comply.
The WCO security criterion exists, nations are utilizing them to a varying degree within their national AEO programs, but the question remains “how do different national Customs confirm business security around the globe”?
Should Customs and businesses start accepting and recognizing 3rd party audits to International Standards by reputable audit / assurance companies?
These programs are not rocket science, but having said that, there is the need for professional security auditors to conduct the assessments.
Would industry / security professionals be interested in their organisation / site / facility undergoing Certification to ISO 28000 - Supply Chain Security Management Systems for recognition globally to C-TPAT, AEO, or other National Customs Security programs?
1 comment:
Immediately after 9/11, the International Maritime Organisation (IMO) and the World Customs Organisation (WCO) established the International Ship and Port Facility Security (ISPS) Code. This initiative necessitates a formal security management system which is risk-based, dynamic and requires re-certification every three years.
The Customs Trade Partnership Against Terrorism scheme (C-TPAT), was first introduced in the United States two months after 9/11.
Responding to the potential proliferation of different national requirements, which would multiply compliance costs and impose significant delays, the WCO has developed the ‘baseline guidelines’ for the implementation of AEO (Authorised Economic Operator) programmes. These guidelines support the WCO Framework of Standards to Secure and Facilitate Global Trade (the SAFE Framework), adopted in 2005, which incorporates the AEO concept.
On 1 January 2008 the EU introduced their AEO (Authorised Economic Operator) program.
ISO 28000 was developed to facilitate the identification and mitigation of security risk in the supply chain through the implementation of security processes to reduce the risks of theft, smuggling and tampering and to provide a response to the threat from attacks by criminals, terrorists or others. The Standard specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. It is applicable to all sizes of organisations from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain.
Security management systems are common to all emerging supply chain security initiatives. For this reason, it is clear that an opportunity exists to create a common approach which can be adopted and recognised by all parties. This would reduce duplication, save time and money, lower risks and improve the security of supply chains.
A note of caution. Under normal circumstances, it is important to seek certification to any Standard from a reputable body, but this is even more critical in the selection of a certification body for the ISO 28000 security management standard because of the enormity of its importance.
In order to achieve global confidence it is absolutely vital that certification is rigorous and reliable, and that it is delivered by international organisations with the reputation and credibility that is essential for an issue of such political and economic importance.
Wider official recognition of ISO 28000 will confer a number of benefits to government executive agencies. The most significant benefit will be a better split of responsibilities. Whereas government agencies are responsible for law enforcement and administering legal compliance, the assurance industry can provide independent verification, certification and subsequent surveillances for certification maintenance. This is common practice with a number of European Directives, where conformity is assessed through so-called Notified Bodies (accredited assurance providers that have been appointed by Government for conformity assessment). A second benefit will be the considerable resource savings, derived from the fact that as a government body it is less resource intensive to use a trusted independent assurance provider than to conduct and enforce security standards directly.
Further benefits to government include a more risk-focused and targeted control practice which is unrestricted by national borders.
Recognition of ISO 28000 certificates, in meeting the requirements of governmental schemes is also likely to reduce the regulatory burden suffered by businesses and reduces transaction efforts and costs between business and government and to Customs to Customs Mutual Recognition initiatives and Customs to Business inter-jurisdictional recognition of security “best practice” by establishing a common framework from which to manage security requirements.
Post a Comment