Guest user Created: Oct 07, 2018 Last commented: Oct 07, 2018

Integrated implementation

1 - I have a few questions regarding the planning phase of implementing ISO 27001. I was wondering if you have any suggestions on how to integrate the ISO 27001 standard with an existing quality management system? Do you have any examples of how this has been done before?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Oct 07, 2018

Answer: For information about ISO 27001 and ISO 9001 integration, I suggest you to see these materials:
- Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
- ISO 27001 implementation: How to make it easier using ISO 9001 [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001-implementation-make-easier-using-iso-9001-free-webinar-demand/

2 - Additionally, can you tell me what would trigger a re-audit by an ISO auditor? After our initial audit and certification, do we need to be re-audited every time we update to a new version of a document that is part of the ISMS?

Answer: As part of the certification process, the certification body plans surveillance audits to b e performed periodically after a successful certification audit (normally they are performed annually), so there is no need to perform a re-audit every time the ISMS is updated. Another event that may trigger an additional audit is if the certification body receives a complaint from an organization's customer reporting a significant failure on the organization's ISMS.

For more information see:
- Surveillance visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Oct 07, 2018

Expert Advice Community