Integrating ISO 9001 and ISO 27001 documentation
Assign topic to the user
Answer: ISO 9001 and ISO 27001 share many similar requirements that allow the use of a single document for both systems (e.g., document control procedure, internal audit etc.). Other required documents defined specifically for each standard, such as security policies and quality plans, can be kept separated without risks to create inconsistencies.
This article will provide you further explanation about integrating management systems:
- How to implement integrated management systems https://advisera.com/articles/how-to-implement-integrated-management-systems/
What if the Quality Management System we intend to integrate with isn't ISO certified?
In case the QMS is not certified, you still can use the shared documentation for your ISMS, since during the ISMS certification audit they also will be audited as if they were developed exclusively for the ISMS.
This article will provide you further explanation about certification audit:
- Which questions will the ISO 27001 certification auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
For information about ISO 27001 and ISO 9001 integration, I suggest you to see these materials:
- Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
- ISO 27001 implementation: How to make it easier using ISO 9001 https://advisera.com/27001academy/webinar/iso-27001-implementation-make-easier-using-iso-9001-free-webinar-demand/
Comment as guest or Sign in
Oct 16, 2018