Hello, we would like to certify our company ISO 27001. Since our organization is made up of a mother (holding company) and several subsidiaries, our question is whether certification is possible for all companies at once and what is the procedure. As soon as this question has been clarified, we will tackle the preparation with the help of your template. Thanks for your help in advance.
It is possible to have a single certification for your organization and its subsidiaries, but please note that implementing a certification in multiple geographic locations is a complex, and more expensive, task and you should go for it only if it is really necessary for business strategies and objectives. Instead, you should consider the prioritization of locations and implementing the certification one location at a time. Additionally, with multiple certifications, in case one location has some problem with fulfilling requirements, this will not affect the certification of other sites.
These articles will provide you a further explanation about scope definition: