CRM Document Management
As it is a small company it would be beneficial to complete most document management within the CRM to enable embedding security in all aspects of service delivery. What is the likely view of auditors of such an approach? This would of course be reflected in the Records Management document.
Assign topic to the user
Your approach for embedding document management into your CRM will be acceptable by the auditor provided you comply with the standard’s requirements (clause 7.5):
- How, and by whom, documents are approved?
- Who needs to access the documents and how do they do that
- How documents are protected
- How documents are changed
- For how long documents are kept and how they are disposed of when do not need anymore
Please note that if it is not possible to use the CRM to comply with all requirements you can still use a combination of CRM and Conformio to achieve compliance.
For further information, see:
- How to manage documents according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2021/06/27/how-to-manage-documents-according-to-iso-27001-and-iso-22301/
Comment as guest or Sign in
Feb 06, 2023