Skip to content

A structured approach to integrating audits to create organisational efficiencies: ISO 9001 and ISO 27001 audits

Research output: Contribution to journalArticlepeer-review

Although some articles have been written about integrated audits, they do not examine combining audits for ISO 9001 (quality management systems) and ISO 27001 (information security management systems). This topic is relevant across a wide spectrum of the Quality Management and research community, not to mention external auditors and staff with operations and information technology responsibilities. Furthermore, it provides insights into the new version of PAS 99 (specification for integrated management systems (IMS)). Quality Management practitioners may not be fully aware of the affordances of an IMS and combining internal audits. However, integrated audits make it possible to achieve efficiencies in the audit process whilst maintaining the benefits gained from audits such as process improvements. Clusters of research propositions were derived from a literature review comprising academic and professional sources and tested within a commercial organisation. The sample comprised internal auditors, auditees and external auditors. The findings and conclusions point to a reduction in audit effort, the number of audits and the audit resource required. A framework for establishing integrated audits is formulated.
Original languageEnglish
Pages (from-to)690-702
Number of pages13
JournalTotal Quality Management and Business Excellence
Volume26
Issue number5-6
Early online date14 Jan 2014
DOIs
Publication statusPublished - 1 May 2015

Documents

Related information

Relations Get citation (various referencing formats)

ID: 627888