Implementation of the ISO 27001

1 - For instance, would it be sufficient for us to adjust certain procedures we already have because of this? Besides creating new ones that are required of course.

ISO 27001 and ISO 13485 share some common requirements, and procedures related to them can be integrated into single documents with minor adjustments, like document control, internal audit, and management review.

2 - Is integrating ISO 27001 into our Quality Management System possible?

ISO 27001 and ISO 13485 share some common requirements, it is perfectly possible to integrate them.

For further information, see:

• How to implement integrated management systems https://advisera.com/articles/how-to-implement-integrated-management-systems/
• Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/ (the general concept applies to ISO 13485)

3 - Does a gap analysis exist between ISO 13485 and ISO 27001 and if so, has it already been made?

A direct gap analysis is not available, but you can use these references to have this information:

• Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/
• ISO 27001 vs. ISO 9001 matrix (PDF) https://info.advisera.com/9001academy/free-download/iso-9001-2015-vs-iso-27001-2013-matrix

4 - Is this kind of information also addressed extensively in your toolkit?

I'm assuming you are referring to information related to integration.

Considering that, common demand is for integration between ISO 27001 and ISO 22301, and this is the information provided in the toolkit.

However, by buying the toolkit you will have our support, through questions sent to our experts, or by means of online meetings, where you can solve your doubts related to this and other related issues.