Integrated Management System
We have experience implementing more than one standard within the same organisation.
Here are some of our engagements:
- ISO 27001 and ISO 20000 for an Internet Service Provider
- ISO 27001, ISO 20000, and ISO 9001 for an access control and biometric provider
- ISO 27001 and ISO 22301 for a telecom provider covering 3 locations
- ISO 27001 and ISO 22301 for a card service provider, which was PCI DSS
- ISO 20000 for an existing ISO 27001 certified government organisation
- SOC 2 for an ISO 27001 organisation
- HIPAA for an ISO 27001 organisation
- COBIT for an ISO 27001, ISO 22301 and ISO 20000 certified bank
- SOC 1/COSO for an ISO 27001 certified knowledge process outsourcing service provider
- Integration of SOC 1/COSO and ISO 27001 for three organisations in the same location with different support functions
In each of these assignments, we helped the organisation start with its business objectives, followed by a statement of controls/applicability that helps determine the alignment of objectives to controls.
If you are looking to integrate with existing systems and/or wish to pursue one or more standards together, kindly contact us, and we can share how we will design a better process.