Scoping – consideration of internal/ external issues, as well as interested parties
Leadership – support from top management regarding resources,
communication, and aligning the management system’s objectives with those of the organization’s overall business objectives Human resources support – confirmation of adequate support for the implementation and ongoing maintenance of the management systems Document management – documentation process and procedure for management system documentation Internal audit – confirmation that an independent and objective review of the management system is performed Measurement and monitoring – confirmation that the operations of the management system is monitored Management review – evidence that relevant management personnel reviews the ongoing performance, continued suitability, adequacy, and effectiveness of the management system Continual improvement – ongoing and forward-thinking effort to improve overall management system
ISO 9001
Objective: To maintain the expected quality standards in the organization
Does not require a Statement of Applicability
ISO 27001
Objective: To provide requirements for establishing, implementing, maintaining
and continuously improving ISMS Utilizes controls from ISO 27002 to support its ISMS