Incorporating ISMS scope and policy into QMS
Answer:
Yes, the best way to maintain both quality and information security management systems is to create an integrated management system that will fulfill the requirements of both ISO 9001 and ISO 27001. Besides the information security policy and the scope, there are a lot of common requirements in both standards. There are clauses 7, 9 and 10 of ISO 27001:2013 and ISO 9001:2015 with practically the same requirements, so they can be addressed at the same time.
For more information, see: Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
Jul 08, 2016
 
            
