2nd ICAI 2022

International Conference on Automotive Industry 2022

Mladá Boleslav, Czech Republic

B.2 Step one – Consideration of the security threat scenarios B.3 Step two – Classification of consequences B.4 Step three – Classification of likelihood of security incidents B.5 Step four – Security incident scoring B.6 Step five – Development of countermeasures B.7 Step six – Implementation of countermeasures B.8 Step seven – Evaluation of countermeasures B.9 Step eight – Repetition of the process B.10 Continuation of the process ANNEX C Guidance for obtaining advice and

1 1

certification C.1 General C.2 Demonstrating conformance with ISO 28001 by audit C.3 Certification of ISO 28001 by third party certification bodies Bibliography Source: Authors preparation according to ISO 28001:2007

Table 1 shows that when implementing, maintaining and improving supply chain security management systems according to the standard ISO 28001:2007, it is necessary to satisfy 69 ÷ 71 requirements, to present 9 ÷ 10 documented information. In addition to Annexes A, B and C, the number of explanatory notes is 17 and there are 2 in Annex B. Numeric intervals are given by required or unrequired items of the customer or other interested party This information is also contained in the data file for building the model of the given management systems. 3. Problem Solution Of course, solving the problem of management systems using visual management is mainly in visual form. The explanations for the individual pictures are more or less complementary. In this form, it is not possible to fully present the dynamics of the model. We will try to give a concise presentation in 2D view. In Figure 5 there is shown the central node of the created model “Standard ISO 28001: 20017 SMS-SC”, this node is connected by means of links to the main clauses of the standard (blue rounded rectangles) from 0 INTRODUCTION to Bibliography. The 4 FIELD OF APPLICATION and 5 SUPPLY CHAIN SECURITY PROCESS clauses are subject to the PDCA (orange diamond shape with multicolour circle) cycle. The relevant standard is ISO 20858 is included on the left. In Figure 6 there is illustrated the final model of the management systems according to ISO 28001 with all nodes that present clauses, subclauses, mandatory requirements

165