Maintaining two risk registers for ISO 9001 and ISO 27001
Is it mandatory to maintain two risk registers for ISO 9001 and ISO 27001 respectively?
No, it is not mandatory to maintain two risk registers for ISO 9001 and ISO 27001 respectively. Please check this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ - there is no mandatory requirement in ISO 9001:2015 to keep a risk register. So, it is up to you to design the approach that best suits your organization: one common or two separate risk registers.
You can find more information below:
- How to address risks and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
- About risks, you can see this free webinar on-demand - How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
Dec 25, 2020