When the organisation is certified with ISO9001 and 27001, and have all the required policies in place. Now that we are in a pandemic what are the documentation changes we need to make in order to accommodate changes like work from home, health and safety etc.
The first thing you need to do is review the organizational context, identify which internal or external issues have changed and after that review the risk assessment, to identify if new risks have arisen or if current risks have changed, so you can perform required adjustments.
Specifically for ISO 27001, you will need to update the Statement of Applicability and the Risk Treatment Plan.
ISO 9001 documents to be updated will vary according to the results of risk assessment.
This article will provide you a further explanation about SoA: