Integrating ISO 9001 and ISO 27001
Assign topic to the user
So we can be 100% certain we have completed every single document within the 9001 necessary for the auditors, can you please provide a specific list of 9001 documents that have not been covered in 27001, that we need to complete.
Answer:
Mandatory documents for ISO 9001 which do not exist on ISO 27001 Toolkit are:
- Scope of the QMS (clause 4.3)
- Quality policy (clause 5.2)
- Quality objectives (clause 6.2)
- Criteria for evaluation and selection of suppliers (clause 8.4.1)
As for mandatory records:
- Monitoring and measuring equipment calibration records* (clause 7.1.5.1)
- Product/service requirements review records (clause 8.2.3.2)
- Record about design and development outputs review* (clause 8.3.2)
- Records about design and development i nputs* (clause 8.3.3)
- Records of design and development controls* (clause 8.3.4)
- Records of design and development outputs *(clause 8.3.5)
- Design and development changes records* (clause 8.3.6)
- Characteristics of product to be produced and service to be provided (clause 8.5.1)
- Records about customer property (clause 8.5.3)
- Production/service provision change control records (clause 8.5.6)
- Record of conformity of product/service with acceptance criteria (clause 8.6)
- Record of nonconforming outputs (clause 8.7.2)
- Monitoring and measurement results (clause 9.1.1)
Please note that records marked with * are only mandatory in cases when the relevant clause is not excluded.
This article will provide you additional information:
- Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
Comment as guest or Sign in
Feb 22, 2019