New Podcast: Integration of ISO 27001 into an existing ISO 9001 QMS

Howard and Jim chat about integrating ISO 27001 into an existing ISO 9001 QMS.

Points discussed include:

  • ISO 9001 Quality Management Standard is the most prevalent in the world. It’s been around since 1987 and there are over 2 million certificates worldwide in over 170 countries.
  • Best Practice would be to integrate ISO 27001 into your existing ISO 9001 system (or any other Harmonized Standard system) instead of having two separate systems.
  • Start off by reviewing Clause 4 and make any necessary tweaks such as the ‘Interested Party’ section.
  • Follow up by reviewing the other clauses, 5 through 10, to determine the sections that may need some additional IS-related information.
  • Whatever method you’re using to determine risks in quality, you can definitely start with that for information security risks.
  • Create your Statement of Applicability from Annex A.


On Our Next Episode

In the next episode of the ISO Review Podcast, Jim will discuss Root Cause Analysis Considerations for your ISO 27001 Information Security Management System.