Many organizations have made the strategic decision to obtain certification to more than one management system standard. Several clients that we serve have requested a course to assist in developing their internal audit programs to address the requirements of more than one management system. This 2 day course was designed to assist those organizations who have or are seeking certification to ISO 9001 Quality Management System Requirements, and ISO 27001 Information Security Management.
The course will introduce students to the concept of management system standards and the common threads found in the three standards. It will also introduce the student to the concept of auditing as found in ISO 19011 Guidelines for auditing management systems. The course will include an overview of the requirements for all of these standards. It will start with auditing concepts and the process approach. The first system examined will be an overview of ISO 9001 followed by exercises designed to reinforce auditing concepts and the ISO 9001 requirements. These modules will take up about half of the class.
An overview of ISO 27001 will follow. The class will be given exercises based on real scenarios that could be addressed by either standard. Class work is hands on and the class is broken up into audit teams who work together to assess evidence and develop audit findings. The class emphasizes the Plan, Do, Check, Act cycle found in all ISO management system standards as well as using the process approach in auditing.
Students will be required to bring copies of the ISO 9001 and the ISO 27001 Standards. The class is hands on and fast moving. Students are urged to read the standards before attending class. It should be emphasized that this class is an overview designed to help clients get off to a good start with their internal audit programs and/or provide basic training for new auditors who must deal with multiple standards.
It has been our privilege to work with and recognize the success of so many dedicated, hard working companies and individuals since our founding in 1991. It has been our and our clients' commitment to people, management systems, and delivering value that has made us all successful.
Since its start, SRI has been actively involved in the development of standards and their application in industry. We continue to be involved today in shaping the value of ISO registration for all companies worldwide. When you work with SRI, we bring a world of experience and expertise to work for you.