Annex L – Good for ISO standards and for management system design

Annex L (originally SL) is the common backbone of ISO management system standards. It aspires to make implementing and maintaining multiple certifications easier through shared applicability. For example, if you have Management Review procedures in place for ISO 9001, then adding review for ISO 27001 or 22301 is simpler, as the mechanics already exist. …

Be confident about ISO standard requirements

Perusing LinkedIn groups, it strikes me that people overthink ISO requirements. As a result, they lack confidence in their own management system. Project this to an auditor at your peril. As an example, I’ve just contributed to a conversation where the poster was unsure about an ISO 27001 Annex A control. The regulation of cryptographic …

Compliance matrix for ISO standards

Standards are lengthy. A lot to remember. Maintaining a matrix of the standard and how your management system complies is a simple way to capture, check, recall and, when required, convey this detail. Matrices needn’t be complex. Four columns are enough, spanning the Clause, Intent, How and Notes. In my Confluence solutions, there’s the added …