Integrating ISO27001, ISO20000 and ISO9001
Trust you are well. My company is looking to implement an integrated management system with ISO27001, ISO20000 and ISO9001. We already have begun ISO27001 using the toolkit purchased from Advisera.
How do I begin integrating the other two ISO standards?
Is there a procedure that I can follow?
Can some of the ISO27001 mandatory documents be used for the other standards?
Assign topic to the user
ISO 27001, ISO 20000, and ISO 9001 share some common requirements that can be fulfilled by the same documents with minor adjustments, like document control procedure, internal audit, and management review. For requirements specific to each standard you will need to develop specific documents.
There is no specific procedure for such integration, but broadly speaking you can follow the steps to implement ISO 27001 and use the following material to identify when common requirements can be integrated:
- ISO 27001 vs. ISO 9001 matrix (PDF) https://info.advisera.com/9001academy/free-download/iso-9001-2015-vs-iso-27001-2013-matrix
- ISO 27001 vs. ISO 20000 matrix (PDF) https://info.advisera.com/27001academy/free-download/iso-27001-vs-iso-20000-matrix
For further information, see:
- Using ISO 9001 for implementing ISO 27001 https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
- How to implement ISO 27001 and ISO 20000 together https://advisera.com/27001academy/blog/2015/03/16/how-to-implement-iso-27001-and-iso-20000-together/
- How to integrate ISO 27001 and ISO 20000 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-integrate-iso-27001-and-iso-20000-free-webinar-on-demand/
Comment as guest or Sign in
Nov 05, 2020