ISO 22380

ISO 22380:2018  Security and resilience – Authenticity, integrity and trust for products and documents – General principles for product fraud risk and countermeasures, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018. ISO 22380 is a guidance document that provides principles on how to identify the risks related to various types of product fraud and product fraudsters. The included guidance can be used by any type of organization in order to establish strategic, countermeasures to prevent or reduce any harm from fraudulent attacks.

Scope and contents
ISO 22380 includes the following main clauses: Annex A Examples of profiling, risk assessment and countermeasures Annex B Decision making on security countermeasure investments
 * 1) Scope
 * 2) Normative references
 * 3) Terms and definitions
 * 4) General principles for product fraud risk and countermeasures
 * 4.1 Evaluation of situational context of product fraud
 * 4.2 Classification of intention and motive of product fraud
 * 4.3 Classification of product fraud activities
 * 4.4 Classification of product fraudsters
 * 4.5 Profiling and conducting a risk assessment of product fraud
 * 4.6 Selection and implementation of countermeasures
 * 4.7 Effectiveness assessment of countermeasures

Related standards
ISO 22380 is part a series of documents on Authenticity, integrity and trust for products and documents, including
 * ISO 22381:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for interoperability of product identification and authentication systems
 * ISO 22382:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for the content, security and issuance of excise tax stamps
 * ISO 12931:2012 Performance criteria for authentication solutions used to combat counterfeiting of material goods
 * ISO 16678:2014 Guidelines for interoperable object identification and related authentication systems to deter counterfeiting and illicit trade

History
ISO 22380 was first being developed in ISO/TC 247 Fraud countermeasures and controls under the number ISO 19564. The standard got a new number when ISO/TC 247 was merged into ISO/TC 292 in 2015.