I actually have one question /clarification based one what I read which confirms that it is possible to get certified for both 9001 and 27001 at the same time. I would like to get clarification on how both projects would be done concurrently and/or together. What are the common activities / interview meetings / deliverables? Can a department interview approach be taken? Is the risk assessment and treatment plan common to both standards or only specific to 27001? How does the certification audit work in this case? What does it take to undertake both projects at the same time ( in terms of additional time and resources)? Do you recommend to work on both 9001 and 27001 certification at the same time?