Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

9001 & 27001

Dear Dejan if acompany have already 9001, should I add any comment in to quality policy anything about 27001? and which documents will be related? by the way I already read your great article about 9001 and 27001 but some subject still vague for me. Thank you for your great support

0 0

Assign topic to the user

Select user

Guest

Guest post Jan 12, 2016

asan addition If we already had ISO 9001:2008 and ISO 27001:2005 can we combine between quality policy and information security in a single document ?

Quote

0 0

Guest

DejanK Jan 12, 2016

Hi Gokhan,

Although ISO 9001 and ISO 27001 are very compatible, I wouldn't add information security elements in your Quality Policy.

These documents you can use for both standards, you don't have to write them twice:

Document control procedure
Internal audit procedure
Procedure for corrective action
Procedure for preventive action (although this is not required in ISO 27001 2013 revision)

In documents which you use for both QMS and ISMS, you should mention the reference to both ISO 9001 and ISO 27001.

By the way, you can also see this webinar for detailed explanation: ISO 27001 implementation: How to make it easier using ISO 9001

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community

9001 & 27001

9001 & 27001

Assign topic to the user

Comment as guest or Sign in

Suggested Topics

Management review

Policy Version Control

How to write a proposal for ISO 27001& 9001 and Partnership