International Organization for Secure Commerce

Frequently Asked Questions

The IOSC was started by a group of professionals in El Paso, Texas who have a passion and interest in commerce security. These people had been involved in several of the early government and industry programs involving cross-border supply chain security. Included in this group are some of the early adopters and pioneers in such programs as CIP, C-TPAT, STEP, and FAST. A need was seen for an organization that could take supply chain security, specifically as it relates to border operations, and expand and refine the concept into a business improvement process. At the same time there were no broadly applicable secure commerce standards, few high-quality education programs available addressing the area of commerce security, and no certification available to provide professional recognition for those working in the field. Thus the International Organization for Secure Commerce was born.

The International Organization for Secure Commerce currently receives funds from two sources; membership dues and professional service fees. Membership dues are collected at the time an IOSC member joins the organization or renews a membership. Professional fees are collected when an IOSC examiner performs and audit or when an IOSC instructor teaches a class. Currently, IOSC auditors and instructors receive 90% of the collected fees, and the IOSC retains 10%. It is anticipated that the IOSC may apply for grants to help support the delivery of our education programs.

It is safe to say that CBP is generally cautiously supportive of anyone contributing to the security of the international supply chain. That being said, the IOSC has no official support from or connection with U S Customs and Border Protection.

Lean Security is the IOSC methodology for perfomring a risk assessment in the context of a compmahys business objectives, regulatory environment and security goals. It helps to avoid un-needed security spending while providing cost/benefit and failure mode analysis to support your security program.

	Frequently Asked Questions
	Listed below are some of the questions commonly asked about IOSC operations, programs and personnel. If you do not find an answer here, please feel free to contact us. We can be reached at (915) 544-2034, or check our contact information page.
Quick Links Overview Secure Commerce ProtocolsT Frequently Asked Questions Statement of mission, vision and values Board of Directors Bylaws

			1. Who started the IOSC and why? 2. How is the IOSC funded? 3. Who gets the money from the IOSC? 4. Are you competing with BASC? 5. What is the difference between the IOSC and BASC? 6. Is the IOSC supported by CBP? 7. Who teaches the IOSC classes? 8. Can my company be a member of the IOSC? 9. Where and when are classes available? 10. What is Lean SecurityT? 11. Where did the Secure Commerce ProtocolsT come from? 12. What is the purpose of the individual certification program? 13. What is the difference between supply chain security and secure commerce?


	1. Who started the IOSC and why?
			The IOSC was started by a group of professionals in El Paso, Texas who have a passion and interest in commerce security. These people had been involved in several of the early government and industry programs involving cross-border supply chain security. Included in this group are some of the early adopters and pioneers in such programs as CIP, C-TPAT, STEP, and FAST. A need was seen for an organization that could take supply chain security, specifically as it relates to border operations, and expand and refine the concept into a business improvement process. At the same time there were no broadly applicable secure commerce standards, few high-quality education programs available addressing the area of commerce security, and no certification available to provide professional recognition for those working in the field. Thus the International Organization for Secure Commerce was born.
	2. How is the IOSC funded?
			The International Organization for Secure Commerce currently receives funds from two sources; membership dues and professional service fees. Membership dues are collected at the time an IOSC member joins the organization or renews a membership. Professional fees are collected when an IOSC examiner performs and audit or when an IOSC instructor teaches a class. Currently, IOSC auditors and instructors receive 90% of the collected fees, and the IOSC retains 10%. It is anticipated that the IOSC may apply for grants to help support the delivery of our education programs.
	3. Who gets the money from the IOSC?
			The short answer is 'nobody, the money stays in the organization'. Because the IOSC is incorporated in the State of Texas pursuant to the Texas Non-Profit Corporation Act, none of the revenue or profits from the organization can be distributed to the founders or board members. Board members are not compensated for their service on the board. All revenue is used for IOSC operations. It is anticipated that any operational surplus will be used to fund scholarships to support education in the field of secure commerce.
	4. Are you competing with BASC?
			The IOSC is not intended to compete with BASC. Each organization serves a different purpose and provides different member benefits. We support the aims and goals of BASC and believe the two organizations are complimentary.
		5. What is the difference between the IOSC and BASC?
			While the IOSC and BASC are both interested in secure global supply chains, preventing smuggling and terrorism, and developing supply chain security standards, there are some key differences between the two organizations: BASC is an organization of member companies, whereas the IOSC is an organization of individuals. Our members are professionals, regulatory personnel and students dedicated to secure commerce. IOSC facility audits are conducted with no requirement for membership. The audit must be done by a third party with a Certified Secure Commerce Examiner certification, and any costs are strictly to compensate the auditor(s) for their time. If a facility passes the audit they may request certification by paying a $50 filing fee and submitting an application. A unique aspect of the IOSC philosophy is that the security process used for supply chain security should actually be applied to the entire business cycle. The term secure commerce is intended to reflect our view of secure business practices as a business improvement process, impacting and providing measurable benefits to all areas of an organization. This whole system approach is reflected in our standards, the Secure Commerce Protocols, which cover not only the supply chain but such areas as disaster planning, information systems, continuity of operations, and security/compliance program management. Finally, the IOSC focuses much of its effort on individual education and certification. We beleive that by educating professionals in secure business practices, and offering a certification program to recognize acheivement, we can have a significant and positive impact on the security of organizations and communities around the world.
	6. Is the IOSC supported by CBP?
			It is safe to say that CBP is generally cautiously supportive of anyone contributing to the security of the international supply chain. That being said, the IOSC has no official support from or connection with U S Customs and Border Protection.
	7. Who teaches the IOSC classes?
			IOSC classes are currently taught by members of our board of directors. In most cases these are the same secure commerce professionals that helped develop the standards and course materials. IOSC trainers must be certified in both the subject matter and as instructors. Over the long run we hope to certify many more instructors to increase the availability of our training.

	8. Can my company be a member of the IOSC?
			No, the IOSC has no corporate members. Membership is available only to individuals. However, a company may become a Certified Secure Commerce Facility through the audit and application process for facility certification. Companies may also choose to schedule on-site secure commerce training for their employees, and may receive a discount for for full training programs.
	9. Where and when are classes available?
			The IOSC commerce security classes are currently being offered through the University of Texas at El Paso department of Professional and Continuing Education. Classes start September 27th and will be offered regularly. Costs range from $80 to $350, with discounts for IOSC members. Classes are also soon to be offered through the El Paso Community College. EPCC is the fastest growing community college in the country, and we are very excited about our partnership with them. Class costs has yet to be determined. IOSC education courses can also be delivered on-site, virtually anywhere. Our instructors can put together a series of our standard modules that results in your staff receiving the training they need along with a professional certification. Onsite training costs are $600 per day plus expenses. Contact the IOSC at (915) 544-2034 for more information.
	10. What is Lean SecurityT?
			Lean Security is the IOSC methodology for perfomring a risk assessment in the context of a compmahys business objectives, regulatory environment and security goals. It helps to avoid un-needed security spending while providing cost/benefit and failure mode analysis to support your security program.
	11. Where did the Secure Commerce ProtocolsT come from?
			The Secure Commerce Protocols were written by Andrew Neal. They were developed by looking at the best-practices actually employed by leading manufacturers and transportation companies. These practices were then combined with the current standards, techniques and methodologies being employed in other fields. Disciplines such as information security, disaster planning and recovery, quality assurance, finance and law enforcement are among those that influenced the standards. The result was reviewed by the IOSC Board of Directors, which has well over 100 years of combined experience in manufacturing, transportation and international trade, to verify that the standards meet or exceed the minimums required for regulatory compliance. Ongoing review and update of the Secure Commerce Protocols is one of the primary goals of the IOSC.
	12. What is the purpose of the individual certification program?
			The individual certification program is an idea developed by the IOSC to recognize people working in secure commerce that have made the committment necessary to develop their training, skills and professional experience. Many professions have some kind of certification or recognition program. The IOSC aims to provide an internationally recognized certification program for the secure commerce field.
	13. What is the difference between supply chain security and secure commerce?
			The differences in supply chain security and secure commerce are in program scope and approach. Secure commerce considers the supply chain to be dependant on the rest of the business process, so a secure supply chain requires that the entire business cycle be included in the security program. Secure commerce also requires that the term security be applied not just to criminal or terrorist threats, but also to other types of threat such as natural disaster, social unrest, and utility or data disruptions.