Auditing integrated ISO 27001, ISO 20000 and ISO 9001
I have a question regarding the ISO auditing process.
My company is trying to do an integrated ISO management system with ISO27001, ISO20000 and ISO9001. Can each of standards be audited individually or must we implement all first and then go for auditing/certification?
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
An integrated management system can be audited/certified against only one of its component standards, so you do not need to implement all standards first and then go for auditing/certification.
Please note that some certification bodies can perform integrated audits (you can ask for this information from your chosen certification body), so you also need to consider that when defining your implementation strategy.
This article will provide you a further explanation about certification audit:
- Which questions will the ISO 27001 certification auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
These materials will also help you regarding certification audit:
- Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
Comment as guest or Sign in
Mar 18, 2021