Integrating ISO 20000 and ISO 27001
Assign topic to the user
Answer: Both ISO 20000 an ISO 27001 standards do not prescribe how to build the documentation, so you can elaborate your ISO 27001 documentation as you proposed (putting inside the ISO 27001 documents, where appropriate, the references to the ISO 20000 ones or parts of the ISO 20000 documents).
But before you do that you should consider if keeping separated documents wouldn't require more effort than using an integrated document (generally integrated documents are more useful and require less effort).
These articles will provide you f urther explanation about documentation and integration:
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/
- How to implement ISO 27001 and ISO 20000 together https://advisera.com/27001academy/blog/2015/03/16/how-to-implement-iso-27001-and-iso-20000-together/
These materials will also help you regarding ISO 27001 and ISO 20000 integration:
- How to integrate ISO 27001 and ISO 20000 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-integrate-iso-27001-and-iso-20000-free-webinar-on-demand/
- ISO 27001 vs. ISO 20000 matrix https://info.advisera.com/27001academy/free-download/iso-27001-vs-iso-20000-matrix
Comment as guest or Sign in
May 15, 2018