ISO/TS 22386:2024

Technical
Specification
ISO/TS 22386
First edition
Security and resilience —
2024-10
Authenticity, integrity and trust
for products and documents —
Guidelines for brand protection and
enforcement procedures
Sécurité et résilience — Authenticité, intégrité et confiance
pour les produits et les documents — Lignes directrices pour la
protection des marques et les procédures de mise en application
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 General terms related to brand protection .1
3.2 Terms related to organization and individuals .2
3.3 Terms related to enforcement.3
3.4 Terms related to case management and intelligence .4
3.5 List of abbreviated terms .4
4 Foundation of brand protection — IP portfolio . 4
5 O bjectives for brand protection activities . 5
5.1 Set the goals .5
5.2 Common challenges .6
5.3 Prioritization and integration .6
5.4 Return on investment (ROI) considerations .7
5.5 Measurement of key performance indicators (KPI).7
5.6 Managing risks .8
6 Building a brand protection team . 8
6.1 Team expertise .8
6.2 Members roles .9
6.3 External resources and partners .9
7 Brand protection strategy setup .10
7.1 Company alignment .10
7.2 Interrelation aspects .10
7.2.1 Sales department .10
7.2.2 Product manager .10
7.2.3 IP department .11
7.2.4 Marketing department .11
7.2.5 Information security department .11
7.2.6 Other aspects .11
8 Proactive actions and enforcement .11
8.1 Proactive actions .11
8.2 Enforcement actions . 12
8.3 Product identification features and secure label and packaging . 13
9 Case management .13
9.1 Case related information, evidence, and samples . 13
9.2 Functions and adoption of case management system . 13
9.2.1 General . 13
9.2.2 Structured data . 13
9.2.3 Case hub . 13
9.2.4 Data security .14
9.2.5 Access control .14
9.2.6 Intelligence .14
9.2.7 Workflow .14
9.2.8 Statistics and report .14
9.3 Data and systems interconnection .14
10 Data analytics and business intelligence . .15
10.1 Data science in brand protection . 15
10.2 Use of intelligence for planning and processes . 15

iii
Bibliography . 17

iv
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 292, Security and resilience.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

v
Introduction
The value of brands to a brand owner is both intangible and tangible. Brands are built as part of the
intellectual property rights (IPR) of the brand owner and enhance its related innovations. Brand reputation
relies on the brand owner’s investment and often leads to brand equity, including consumer trust and
confidence.
In recent years, counterfeiting activities have become increasingly aggressive, causing harm to brands.
Besides damages to a brand owner’s intangible and tangible assets, such activities also pose a threat
to the global economy and critical infrastructure assets, while endangering consumer health and safety.
Those responsible for counterfeiting products are solely seeking self-benefit, which means that they are
likely to provide poor working conditions, use child labou
...