Course Overview

This five-day intensive course enables participants to develop the necessary expertise to audit a Supply Chain Security Management System (SCSMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills  to proficiently plan and perform internal and external audits in compliance with ISO 19011 the certification process according to ISO 17021. Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to conduct efficiently an audit.

Who should attend?

  • Internal auditors
  • Auditors wanting to perform and lead Supply Chain Security Management System (SCSMS)  certification audits
  • Project managers or consultants wanting to master the Supply Chain Security Management System audit process
  • Persons responsible for the supply chain security or conformity in an organization
  • Members of a supply chain security team
  • Expert advisors in supply chain security
  • Technical experts wanting to prepare for an supply chain security audit function

Learning objectives

  • To acquiring the expertise to perform an ISO 28000 internal audit following ISO 19011 guidelines
  • To acquiring the expertise to perform an ISO 28000 certification audit following ISO 19011 guidelines and ISO 17021, ISO 28003 specifications
  • To acquiring the necessary expertise  to manage a SCSMS audit team
  • To understanding the operation of an ISO 28000 conformant Supply Chain Security Management System
  • To understand the relationship between a Supply Chain Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To improve the ability to analyze the internal and external environment of an organization, risk assessment and audit decision-making in the context of a SCSMS

Course Agenda

Day 1: Introduction to Supply Chain Security Management System (SCSMS) concepts as required by ISO 28000
  • Presentation of the standards ISO 28000 family of standards and the regulatory and legal framework related to supply chain security
  • Fundamental principles of Supply chain security
  • ISO 28000 certification process
  • Supply Chain Security Management System (SCSMS)
  • Detailed presentation of the clauses of ISO 28000
Day 2: Planning and Initiating an ISO 28000 audit
  • Fundamental audit concepts and principles
  • Audit approach based on evidence and on risk
  • Preparation of an ISO 28000 certification audit
  • SCSMS documentation audit
  • Conducting an opening meeting
Day 3: Conducting an ISO 28000 audit
  • Communication during the audit
  • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
  • Audit test plans
  • Formulation of audit findings
  • Documenting nonconformities
Day 4: Concluding and ensuring the follow-up of an ISO 28000 audit
  • Audit documentation
  • Quality review
  • Conducting a closing meeting and conclusion of an ISO 28000 audit
  • Evaluation of corrective action plans
  • ISO 28000 surveillance audit
  • ISO 28000 internal audit management program
Day 5: Certification Exam


ISO 28000 Foundation Certification or basic knowledge of ISO 28000 and ISO 28001 is recommended

Educational approach

  • This training is based on both theory and practice:
    • Sessions of lectures illustrated with examples based on real cases
    • Practical exercises based on a full case study including role playing and narrative presentation
    • Review exercises to assist the exam preparation
    • Practice test similar to the certification exam
  • To benefit from the practical exercises, the number of training participants is limited

Search Course

Managing Operational Incidents

January 30,2023 / 0 Comments

Implementing Risk and Resilience

January 30,2023 / 0 Comments

Resilient Culture

January 27,2023 / 0 Comments