A structured approach to integrating audits to create organisational efficiencies: ISO 9001 and ISO 27001 audits

Zoe Hoy, Andrea Foley

Research output: Contribution to journalArticlepeer-review

914 Downloads (Pure)

Abstract

Although some articles have been written about integrated audits, they do not examine combining audits for ISO 9001 (quality management systems) and ISO 27001 (information security management systems). This topic is relevant across a wide spectrum of the Quality Management and research community, not to mention external auditors and staff with operations and information technology responsibilities. Furthermore, it provides insights into the new version of PAS 99 (specification for integrated management systems (IMS)). Quality Management practitioners may not be fully aware of the affordances of an IMS and combining internal audits. However, integrated audits make it possible to achieve efficiencies in the audit process whilst maintaining the benefits gained from audits such as process improvements. Clusters of research propositions were derived from a literature review comprising academic and professional sources and tested within a commercial organisation. The sample comprised internal auditors, auditees and external auditors. The findings and conclusions point to a reduction in audit effort, the number of audits and the audit resource required. A framework for establishing integrated audits is formulated.
Original languageEnglish
Pages (from-to)690-702
Number of pages13
JournalTotal Quality Management and Business Excellence
Volume26
Issue number5-6
Early online date14 Jan 2014
DOIs
Publication statusPublished - 1 May 2015

Keywords

  • auditing
  • integrated audits
  • integrated management systems
  • internal audits
  • ISO 9001
  • ISO 27001
  • management standards
  • PAS 99

Fingerprint

Dive into the research topics of 'A structured approach to integrating audits to create organisational efficiencies: ISO 9001 and ISO 27001 audits'. Together they form a unique fingerprint.

Cite this