ISO 9001 / Maintaining two risk registers for ISO 9001 and ISO 27001
Is it mandatory to maintain two risk registers for ISO 9001 and ISO 27001 respectively?
No, it is not mandatory to maintain two risk registers for ISO 9001 and ISO 27001 respectively. Please check this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ - there is no mandatory requirement in ISO 9001:2015 to keep a risk register. So, it is up to you to design the approach that best suits your organization, one common or two separate risk registers.
You can find more information below: