1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationSupply chain security (SCS) Good practice guide for small and medium sized operatorsPD CEN/TR 16412:2012National forewordThis Published Document is the UK implementation of CEN/T
2、R 16412:2012. The UK participation in its preparation was entrusted by Technical CommitteeOS/1, Obsolescence management, to Panel OS/1/-/4, Supply chain management.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does not purport to i
3、nclude all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2012Published by BSI Standards Limited 2012 ISBN 978 0 580 77945 9 ICS 03.100.10Compliance with a British Standard cannot confer immunity from legal obligations.Thi
4、s Published Document was published under the authority of the Standards Policy and Strategy Committee on 30 September 2012.Amendments issued since publicationDate Text affectedPUBLISHED DOCUMENTPD CEN/TR 16412:2012TECHNICAL REPORT RAPPORT TECHNIQUE TECHNISCHER BERICHT CEN/TR 16412 September 2012 ICS
5、 03.100.10 English Version Supply chain security (SCS) - Good practice guide for small and medium sized operators Scurit de la chane dapprovisionnement - Guide de bonnes pratiques pour les petites et moyennes entreprisesSicherheit von Lieferketten - Handbuch fr bewhrte Praktiken fr kleine und mittle
6、re Unternehmen This Technical Report was approved by CEN on 13 August 2012. It has been drawn up by the Technical Committee CEN/TC 379. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of
7、 Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATIO
8、N EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2012 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TR 16412:2012: EPD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 2 Contents Page Foreword 31 Scope
9、 42 Recommended Supply Chain Security Approach 53 Crime prevention in supply chains 73.1 Introduction 73.2 Cargo theft 73.3 Counterfeit goods 83.4 Terrorism in supply chains .93.5 Sabotage in supply chains 103.6 Cross-border duty and tax fraud . 113.7 Smuggling of prohibited and restricted goods . 1
10、23.8 People smuggling . 133.9 Document fraud 133.10 Bogus companies . 143.11 Cyber crime . 154 Supply chain security regulations and programs . 174.1 Introduction . 174.2 Import Control System (ICS) and Export Control System (ECS) in the EU 174.3 Maritime Security Legislation, ISPS Code in the EU .
11、184.4 Aviation Security Legislation, Air Cargo Supply Chains in the EU . 184.5 European Union Authorized Economic Operator (EU AEO) 194.6 Regulated agent, Known consignor and Account consignor in the EU . 204.7 ISO 28000 Series of Standards on Supply Chain Security Management Systems 214.8 Transport
12、ed Asset Protection Association (TAPA) in Europe . 21PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 3 Foreword This document (CEN/TR 16412:2012) has been prepared by Technical Committee CEN/TC 379 “Supply Chain Security”, the secretariat of which is held by NEN. Supply chains move huge quantities and val
13、ues of products and services between businesses and between businesses and consumers throughout Europe and between Europe and countries in other continents. These movements present enormous opportunities for organized crime and terrorists. The intrusion of crime and terrorist activity has become a m
14、ajor risk in doing business for the majority of operators within the supply chain, i.e.: cargo owners; shippers; forwarders; terminal operators; transporters. PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 4 1 Scope This Technical Report aims to provide Small and Medium sized Enterprises (SMEs) basic kno
15、wledge about how to manage and mitigate the risk of criminal and terrorist activities. This is a shared objective for the private and public sector.1For the private sector, companies have gained experience on measures, which can assist in preventing security breaches from happening, to protect again
16、st supply chain interruption. Also some business standards have been developed identifying measures, which companies can execute in order to obtain labels which certify business operations and reward them with a security quality label. The public sector has developed security legislation which compa
17、nies should either mandatory or voluntary apply into their business operations. This Guide provides an easy-to-read overview on: 1) How SMEs can apply a supply chain security approach to their operations (Clause 2). 2) The main crime types in the supply chain including some measures to fight these c
18、rime types from occurring (Clause 3). 3) Supply chain security legislation and programs, with their respective compliance requirements (Clause 4). 1In the context of this guide, “supply chain security” covers risk management, crime prevention, security procedures and technologies, as well as securit
19、y regulations and programs. The overview and examples in this book are based on recent academic work and interviews with experts in the field, including CEN SCS Feasibility Study (2010); EU FP7-LOGSEC Roadmap (2011) and interviews with CEN TC/379 experts. PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 5
20、2 Recommended Supply Chain Security Approach How to integrate supply chain security into your business? Various ways are possible and being explored by companies. Existing guidelines and best practices often refer to the exploitation of risk management approaches. However, the practical application
21、of these approaches is often difficult to understand and apply in practice for SMEs. Hence, in this guide a concrete step-by-step approach is explained, with examples of practical security measures to mitigate specific crime risks, and to comply with specific security regulations and standards. In t
22、his guide, the following six steps are recommended2: FIRST, define the context for your supply chain, crime prevention and security management activities. The major questions being: Which business are you in, and how “security sensitive” is it? Which geographies and transport modes are included? Who
23、 are the customers, suppliers, insurance providers, governmental agencies and other key stakeholders your supply chain operates with? As an outcome, you create the context before moving on to the next considerations. 2There is no guarantee that a certain security measure brings a sustainable, positi
24、ve outcome. PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 6 SECOND, perform a threat and vulnerability analysis, when it comes to actual criminal and terrorist threats in your supply chain. 3The major questions being: Where are the risks of failing today, i.e. where are the gaps calling for enhanced sec
25、urity? Which crime types are of particularly high risk in your supply chain? Use statistical sources, if available, while carrying out such risk assessments. What are the realized and/or potential consequences of one or more crime incidents? THIRD, consider regulatory and program aspects.4The major
26、questions being: Which regulations are required for you to operate successfully in your defined business environment, and which programs could support achieving your business objectives? What do your customers expect from you? What about your suppliers? Have your insurance providers established any
27、requirements? What about relevant governmental authorities, including customs and police? FOURTH, create an overarching security plan for your company and/or supply chain, where you consider a variety of security management aspects, taking into consideration the outcomes of your business context; th
28、reat and vulnerability; as well as security program and regulatory aspects analysis (steps one, two and three above). The aspects you should take into consideration are: Physical security (facilities, vehicles, containers, shipments etc.); Data security (in particular systems with supply chain data)
29、; Human resources security (including selection, training, and exit procedures); - Business partner security (including selection, and auditing); and Process control and monitoring of deviations. FIFTH, choose the combination of concrete security measures investments in technologies, procurement of
30、services, in-house solutions and so forth and implement them into practice. Embed security procedures and technologies as much as feasible into daily operations, as part of your overall supply chain, logistics, and transport management functions. SIXTH, monitor and measure the security performance a
31、nd feedback to the planning cycle. Take corrective actions. Increase security at weak spots, and reduce in the areas where overinvestment has taken place. Pay attention to the dynamics and changing situations when it comes to criminal focus areas and “criminal portfolios”; technical and operational
32、improvements - both licit and illicit aspects - and legislative requirements, and consequences, both for the licit and illicit actors. 3Clause 2 helps to increase understanding the types of threats one could be subject to and do something about. 4Clause 3 provides an overview of key regulation and p
33、rograms. PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 7 3 Crime prevention in supply chains 3.1 Introduction Ten relevant crime types have been chosen fallen under the following five categories: 1) Property theft: Cargo theft; Intellectual property violations. 2) Targeted damage: Terrorism; Sabotage. 3
34、) Cross-border duty and tax fraud 4) Illegitimate transporting / importing and/or exporting: Smuggling of prohibited and restricted goods; People smuggling. Crime facilitation: Document forgery; Bogus companies; Cyber crime.For each crime type, the issue (What are the main characteristics and what a
35、re the typical products / sectors involved?), scope of the problem (Why is it a problem?) and actions to take (How to mitigate the risks?) are being elaborated on. 3.2 Cargo theft Cargo theft can be defined as “.any theft of shipment committed during its (surface) transportation or within a warehous
36、e.”5. This covers straightforward theft, hijacking, robbery, fraudulent pick-up, and load diversions, etc.6. The value of a single load can be anything from a few thousand to few dozen million Euros. On the other hand, in case of getting caught, cargo crimes often result only in minor legal punishme
37、nt. Valuable commodities, which have high demand on the after-market and are easily transportable, are quick to sell and particularly vulnerable for cargo theft7. These commodities include consumer electronics, cigarettes, food, alcohol, brand apparels, precious metals and prescription drugs. Cargo
38、crime incidents can occur in any part of a supply chain, but truck stops and unsecured parking lots are the most vulnerable spots in the chain (NICB 2010). In addition to the high financial losses estimated to be over 8 billion Euros in Europe in 2009 8, the human suffering caused by threats and vio
39、lence involved in cargo theft is huge.9From the private sector perspective, cargo theft is commonly considered the most frequent crime threat in supply chains today. All operators can be usual victims of cargo theft. Manufacturers face material shortages due to theft incidents, resulting in producti
40、on downtime, missed deliveries and lost sales10. For the logistics sector, cargo theft causes liability and insurance problems, lower customer satisfaction and so on. For the public sector, cargo theft is a cost 5Cargo Theft Report. Applying the Brakes to Road. Cargo Crime in Europe. Public version
41、excluding Appendix D (Europol Restricted). The Hague, 2009. Editorial note: term ”surface” is used instead of ”road”. 6Cargo theft is being perceived as an attractive, high reward, low risk criminal industry FIA 2001, Contraband, Organized Crime and the Threat to the Transportation and Supply Chain
42、Function 7Felson and Clarke, 1997, Opportunity makes thief 8http:/ 9IRU 2006 Attacks on Drivers of International Heavy Goods Vehicles 10Anderson, Bill (2007), Securing the Supply Chain Prevent Cargo Theft, Security, Vol. 44, N5, pp. 56-58 PD CEN/TR 16412:2012CEN/TR 16412:2012 (E) 8 and reputation fa
43、ctor for the police and the legal system. It can be dangerous for consumers, who unknowingly or knowingly buy stolen goods. As yet, fighting cargo crime has not traditionally been a high priority concern for policymakers11. Measures to mitigate the risk of theft relate to Physical security measures
44、for buildings, parking areas, and vehicles are key. Selecting low-risk routes, avoiding unnecessary stops, and not picking up unknown people into trucks are good policies. Careful selection and training of personnel and supply chain partners, as well as conducting audits of security capabilities of
45、the logistics service providers normally helps to mitigate the risks. (Hidden) tracking devices among the cargo as well as tracking devices in the vehicle and even vehicle immobilization systems can help to recover the stolen items. 12 Training of warehouse workers and drivers can also be a useful r
46、ecovery measure. Further reading on how to reduce cargo theft in the supply chainW IRU Road Transportation Security Guidelines 2005, which is available at http:/www.iru.org/en_guidelines-goods TAPA FSR 2011 and TAPA TSR 2008, which are available at http:/ 3.3 Counterfeit goods Counterfeiting can be
47、defined as“the illegal reproduction or imitation of products, given that this illegality is the result of a violation of any type of intellectual property rights”13. Counterfeits products are mostly transported to affluent markets via legitimate supply chains, whereby the production of the counterfe
48、its often takes place at the upstream of an otherwise legitimate supply chain. Counterfeiting trade can bring huge profits, while there is a low risk of being caught and moderate punishment in case of being caught. In some countries, the public perception is that counterfeiting can be socially accep
49、table. Advances in technology increasingly give counterfeiters the tools to copy.14It has been estimated that since early 1990s, global trade in counterfeits has increased eight times faster than legitimate trade. Todays global markets for counterfeit products account for 5 % - 7 % of world trade15. In a worst-case scenario, counterfeit products can cause serious damage to human health and safety
