iTeh Standards logo
EURUSD
Your shopping cart is empty.
ISO

ISO 28000:2022/Amd 1:2024

(Amendment)

Security and resilience - Security management systems - Requirements - Amendment 1: Climate action changes

Security and resilience - Security management systems - Requirements - Amendment 1: Climate action changes

Titre manque — Amendement 1: Actions relatives aux changements climatiques

General Information

Status
Published
Publication Date
22-Feb-2024
ICS
03.100.01 - Company organization and management in general
03.100.70 - Management systems
Technical Committee
ISO/TC 292 - Security and resilience
Drafting Committee
ISO/TC 292/WG 8 - Supply chain security
Current Stage
6060 - International Standard published
Start Date
23-Feb-2024
Due Date
19-Mar-2025
Completion Date
23-Feb-2024
Ref Project

Relations

Amends
ISO 28000:2022 - Security and resilience - Security management systems - Requirements
Effective Date
18-Nov-2023

Overview

ISO 28000:2022/Amd 1:2024 is the latest amendment to the ISO 28000:2022 standard, which defines the requirements for security management systems focused on organizational security and resilience. This important update integrates climate action considerations into security management systems, reflecting the growing global emphasis on environmental sustainability and climate-related risks. Developed by ISO Technical Committee ISO/TC 292 on Security and Resilience, this amendment ensures organizations address climate change as a relevant factor in their security management processes.

Key Topics

  • Climate Change Integration: Organizations are now required to determine whether climate change is a relevant issue within their security management system.
  • Interested Parties’ Requirements: The amendment recognizes that relevant stakeholders may have climate change-related requirements that organizations must consider.
  • Security and Resilience Enhancement: Incorporating climate action into security management enhances an organization’s ability to anticipate, prepare for, respond to, and recover from climate-related security threats.
  • Systematic Approach: The amendment promotes a systematic approach to assessing climate impacts within the framework of existing security management requirements.
  • Alignment with Sustainability Goals: By addressing climate-related factors, organizations align their security management systems with broader sustainability and environmental objectives.

Applications

ISO 28000:2022/Amd 1:2024 is applicable to organizations seeking to strengthen their security management systems against emerging risks related to climate change. Practical applications include:

  • Risk Assessment: Identifying and evaluating security risks linked to climate change impacts such as extreme weather events, supply chain disruptions, and infrastructure vulnerabilities.
  • Stakeholder Engagement: Understanding and incorporating the needs of interested parties concerned with climate change into security policies and procedures.
  • Business Continuity Planning: Enhancing resilience plans to incorporate climate-related scenarios ensuring uninterrupted operations during environmental disruptions.
  • Compliance and Reporting: Supporting compliance with environmental and climate-related regulations and facilitating transparent reporting on climate risks within security management.
  • Cross-sector Implementation: Relevant for diverse sectors including transportation, manufacturing, logistics, and critical infrastructure where security resilience is crucial.

Related Standards

ISO 28000:2022/Amd 1:2024 complements and aligns with several other international standards and frameworks focused on security, resilience, and environmental management:

  • ISO 28000:2022 - Core standard on security management systems requirements.
  • ISO 31000 - Risk management guidelines, useful for integrating climate risks.
  • ISO 22301 - Business continuity management systems to support resilience initiatives.
  • ISO 14001 - Environmental management systems, providing context for climate considerations.
  • ISO 50001 - Energy management, contributing to sustainability strategies.
  • ISO/IEC 27001 - Information security management systems, relevant for comprehensive organizational risk management.

Conclusion

ISO 28000:2022/Amd 1:2024 represents a critical evolution in security and resilience standards by embedding climate action into security management system requirements. Organizations implementing this amendment can better anticipate climate-related security challenges, meet stakeholder expectations, and contribute to sustainable development goals. This integration of climate considerations ensures a forward-looking approach to managing security risks in a rapidly changing global environment.

Keywords: ISO 28000 amendment, security management systems, climate action, resilience, climate change risk, organizational security, ISO TC 292, business continuity, environmental sustainability standards, interested parties climate requirements

ISO 28000:2022/Amd 1:2024 - Security and resilience — Security management systems — Requirements — Amendment 1: Climate action changes Released:23. 02. 2024ISO 28000:2022/Amd 1:2024 - Security and resilience — Security management systems — Requirements — Amendment 1: Climate action changes Released:23. 02. 2024
PreviousNext
Standard
ISO 28000:2022/Amd 1:2024 - Security and resilience — Security management systems — Requirements — Amendment 1: Climate action changes Released:23. 02. 2024
English language
1 pages
sale 15% off
Preview
sale 15% off
Preview

Frequently Asked Questions

ISO 28000:2022/Amd 1:2024 is a standard published by the International Organization for Standardization (ISO). Its full title is "Security and resilience - Security management systems - Requirements - Amendment 1: Climate action changes". This standard covers: Security and resilience - Security management systems - Requirements - Amendment 1: Climate action changes

Security and resilience - Security management systems - Requirements - Amendment 1: Climate action changes

ISO 28000:2022/Amd 1:2024 is classified under the following ICS (International Classification for Standards) categories: 03.100.01 - Company organization and management in general; 03.100.70 - Management systems. The ICS classification helps identify the subject area and facilitates finding related standards.

ISO 28000:2022/Amd 1:2024 has the following relationships with other standards: It is inter standard links to ISO 28000:2022. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

You can purchase ISO 28000:2022/Amd 1:2024 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of ISO standards.

Standards Content (Sample)


International
Standard
ISO 28000
Second edition
Security and resilience —
2022-03
Security management systems —
Requirements
AMENDMENT 1
2024-02
AMENDMENT 1: Climate action
changes
Reference number
ISO 28000:2022/Amd.1:2024(en) © ISO 2024

ISO 28000:2022/Amd.1:2024(en)
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
ISO 28000:2022/Amd.1:2024(en)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

ISO
ISO 22301:2019/Amd 1:2024(Amendment)
Security and resilience - Business continuity management systems - Requirements - Amendment 1: Climate action changes
  • Standard
    1 page
    English language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
ISO
ISO 28000:2022(Main)
Security and resilience - Security management systems - Requirements
SIST ISO 28000:2023

This document specifies requirements for a security management system, including aspects relevant to the supply chain. This document is applicable to all types and sizes of organizations (e.g. commercial enterprises, government or other public agencies and non-profit organizations) which intend to establish, implement, maintain and improve a security management system. It provides a holistic and common approach and is not industry or sector specific. This document can be used throughout the life of the organization and can be applied to any activity, internal or external, at all levels.

  • Standard
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    20 pages
    English language
    sale 15% off
ISO
ISO 22313:2020(Main)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice. This document is applicable to organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; d) seek to enhance their resilience through the effective application of the BCMS. The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.

  • Standard
    55 pages
    English language
    sale 15% off
  • Standard
    58 pages
    French language
    sale 15% off
ISO
ISO 22301:2019(Main)
Security and resilience - Business continuity management systems - Requirements

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise. The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity. This document is applicable to all types and sizes of organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; d) seek to enhance their resilience through the effective application of the BCMS. This document can be used to assess an organization's ability to meet its own business continuity needs and obligations.

  • Standard
    21 pages
    English language
    sale 15% off
  • Standard
    21 pages
    English language
    sale 15% off
  • Standard
    22 pages
    French language
    sale 15% off
  • Standard
    22 pages
    French language
    sale 15% off
  • Standard
    22 pages
    French language
    sale 15% off
ISO
ISO/TS 22331:2018(Main)
Security and resilience - Business continuity management systems - Guidelines for business continuity strategy

This document gives guidance for business continuity strategy determination and selection. It is applicable to all organizations regardless of type, size and nature, whether in the private, public or not-for-profit sectors. It is intended for use by those responsible for, or participating in, strategy determination and selection.

  • Technical specification
    25 pages
    English language
    sale 15% off
  • Technical specification
    28 pages
    French language
    sale 15% off
ISO
ISO/TS 22330:2018(Main)
Security and resilience - Business continuity management systems - Guidelines for people aspects of business continuity

This document gives guidelines for the planning and development of policies, strategies and procedures for the preparation and management of people affected by an incident. This includes: - preparation through awareness, analysis of needs, and learning and development; - coping with the immediate effects of the incident (respond); - managing people during the period of disruption (recover); - continuing to support the workforce after returning to business as usual (restore). The management of people relating to civil emergencies or other societal disruption is out of the scope of this document.

  • Technical specification
    38 pages
    English language
    sale 15% off
ISO
ISO 28004-3:2014(Main)
Security management systems for the supply chain - Guidelines for the implementation of ISO 28000 - Part 3: Additional specific guidance for adopting ISO 28000 for use by medium and small businesses (other than marine ports)

ISO 28004-3:2014 has been developed to supplement ISO 28004-1 by providing additional guidance to medium and small businesses (other than marine ports) that wish to adopt ISO 28000. The additional guidance in ISO 28004-3:2014, while amplifying the general guidance provided in the main body of ISO 28004-1, does not conflict with the general guidance, nor does it amend ISO 28000.

  • Standard
    15 pages
    English language
    sale 15% off
  • Standard
    15 pages
    Russian language
    sale 15% off
  • Standard
    18 pages
    Russian language
    sale 15% off
ISO
ISO 28004-4:2014(Main)
Security management systems for the supply chain - Guidelines for the implementation of ISO 28000 - Part 4: Additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective

ISO 28004-4:2014 provides additional guidance for organizations adopting ISO 28000 that also wish to incorporate the Best Practices identified in ISO 28001 as a management objective on their international supply chains. The Best Practices in ISO 28001 both help organizations establish and document levels of security within an international supply chain and facilitate validation in national Authorized Economic Operator (AEO) programmes that are designed in accordance with the World Customs Organization (WCO) Framework of Standards. ISO 28004-4:2014 is not designed as a standalone document. The main body of ISO 28004-1 provides significant guidance pertaining to required inputs, processes, outputs and other elements required by ISO 28000. ISO 28004-4:2014 provides additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective.

  • Standard
    6 pages
    English language
    sale 15% off
  • Standard
    6 pages
    Russian language
    sale 15% off
ISO
ISO 28001:2007(Main)
Security management systems for the supply chain - Best practices for implementing supply chain security, assessments and plans - Requirements and guidance

ISO 28001:2007 provides requirements and guidance for organizations in international supply chains to develop and implement supply chain security processes; establish and document a minimum level of security within a supply chain(s) or segment of a supply chain; assist in meeting the applicable authorized economic operator (AEO) criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes. In addition, ISO 28001:2007 establishes certain documentation requirements that would permit verification. Users of ISO 28001:2007 will define the portion of an international supply chain within which they have established security; conduct security assessments on that portion of the supply chain and develop adequate countermeasures; develop and implement a supply chain security plan; train security personnel in their security related duties.

  • Standard
    27 pages
    English language
    sale 15% off
  • Standard
    35 pages
    Russian language
    sale 15% off
ISO
ISO 28004-1:2007(Main)
Security management systems for the supply chain - Guidelines for the implementation of ISO 28000 - Part 1: General principles

ISO 28004:2007 provides generic advice on the application of ISO 28000:2007, Specification for security management systems for the supply chain. It explains the underlying principles of ISO 28000 and describes the intent, typical inputs, processes and typical outputs for each requirement of ISO 28000. This is to aid the understanding and implementation of ISO 28000. ISO 28004:2007 does not create additional requirements to those specified in ISO 28000, nor does it prescribe mandatory approaches to the implementation of ISO 28000.

  • Standard
    56 pages
    English language
    sale 15% off
  • Standard
    61 pages
    French language
    sale 15% off
  • Standard
    80 pages
    Russian language
    sale 15% off