Based on satisfied clients who have obtained ISO certification, we have devised an approach that will help you achieve ISO 9001:2008 and ISO 27001:2005 certification while implementing a sound and effective Quality or Information Security Management System that will foster continual improvement and customer satisfaction.
Our approach is three fold:
When we start the process, we work with your process or departmental groups through a series of process mapping sessions. Typically, we draft process maps and procedures based on meetings and interviews and go through 2 or 3 review phases before final approval.
In the case of ISO 27001 we will also work with your IT department and all appropriate groups to conduct a risk assessment, evaluate options for treatment and select the ISO 27001 controls necessary to meet ISO 27001 requirements. We will fully assist you in preparing the Statement of Applicability (SOA) and creating the required ISO 27001 and company procedures. All information is posted on your Web QMS.
Once the Web QMS is populated and all necessary ISO 9001 or ISO 27001 documentation requirements have been put in place, we begin the training process. Our approach allows for maximum training of your own Web QMS, where the ISO 9001 or ISO 27001 requirements have already been translated into facts and are more tangible and applicable to your own employees and company processes.