A structured approach to integrating audits to create organisational efficiencies: ISO 9001 and ISO 27001 audits

Although some articles have been written about integrated audits, they do not examine combining audits for ISO 9001 (quality management systems) and ISO 27001 (information security management systems). This topic is relevant across a wide spectrum of the Quality Management and research community, not to mention external auditors and staff with operations and information technology responsibilities. Furthermore, it provides insights into the new version of PAS 99 (specification for integrated management systems (IMS)). Quality Management practitioners may not be fully aware of the affordances of an IMS and combining internal audits. However, integrated audits make it possible to achieve efficiencies in the audit process whilst maintaining the benefits gained from audits such as process improvements. Clusters of research propositions were derived from a literature review comprising academic and professional sources and tested within a commercial organisation. The sample comprised internal auditors, auditees and external auditors. The findings and conclusions point to a reduction in audit effort, the number of audits and the audit resource required. A framework for establishing integrated audits is formulated.

[1]  日本規格協会 環境マネジメントシステム : 要求事項及び利用の手引 = Environmental management systems : requirements with guidance for use , 2002 .

[2]  S. Zeng,et al.  An empirical examination of benefits from implementing integrated management systems (IMS) , 2011 .

[3]  B. Tomic,et al.  An empirical examination of the impact of quality tools application on business performance: Evidence from Serbia , 2013 .

[4]  C. Searcy,et al.  Integrating Sustainable Development into Existing Management Systems , 2007 .

[5]  Frank M. Gryna,et al.  Juran's Quality Planning and Analysis for Enterprise Quality , 2005 .

[6]  Karel Skokan Technological and Economic Development of Economy , 2011 .

[7]  Gilberto Santos,et al.  Conception of a flexible integrator and lean model for integrated management systems , 2014 .

[8]  Jennifer L. Kraus,et al.  Auditing integrated management systems: Considerations and practice tips , 2008 .

[9]  P. López-Fresno,et al.  Implementation of an integrated management system in an airline: a case study , 2010 .

[10]  Harm-Jan Steenhuis,et al.  Process embedded design of integrated management systems , 2008 .

[11]  Mark Pagell,et al.  An examination of strategies employed for the integration of management systems , 2009 .

[12]  Marie Dolores Integrated management systems , 2016 .

[13]  Martí Casadesús,et al.  How integrated are environmental, quality and other standardized management systems? An empirical study ☆ , 2009 .

[14]  Shalini Singh An integrative approach to management systems and business excellence , 2011 .

[15]  Martí Casadesús,et al.  Synergies in standardized management systems: some empirical evidence , 2011 .

[16]  Anne Marsden,et al.  International Organization for Standardization , 2014 .

[17]  Martí Casadesús,et al.  Is implementing multiple management system standards a hindrance to innovation? , 2012 .

[18]  Adolfas Kaziliūnas Problems of auditing using quality management systems for sustainable development of organizations , 2008 .

[19]  Tine Herreborg Jørgensen,et al.  Integrated management systems , 2004 .

[20]  Stefano Biazzo,et al.  From ISO quality standards to an integrated management system: an implementation process in SME , 2013 .

[21]  Metin Celik Establishing an Integrated Process Management System (IPMS) in ship management companies , 2009, Expert Syst. Appl..

[22]  Ibrahim A. Al-Darrab,et al.  Status of implementation of safety, quality and environmental management systems in Saudi Arabian industries , 2013 .

[23]  Nahla Ben Amor,et al.  A New Process-Based Approach for Implementing an Integrated Management System: Quality, Security, Environment , 2009 .

[24]  Martí Casadesús,et al.  Implementing integrated management systems in chemical firms , 2013 .

[25]  Martí Casadesús,et al.  EMPIRICAL ANALYSIS OF INTEGRATION WITHIN THE STANDARDS-BASED INTEGRATED MANAGEMENT SYSTEMS , 2010 .

[26]  Martí Casadesús,et al.  An empirical study on the integration of management system audits , 2010 .

[27]  Philipp Klempt,et al.  Security excellence from a total quality management approach , 2011 .

[28]  Dwen-Ren Tsai,et al.  Integrated installing ISO 9000 and ISO 27000 management systems on an organization , 2009, 43rd Annual 2009 International Carnahan Conference on Security Technology.

[29]  Alan Griffith,et al.  Better environmental performance : a framework for integrated management systems (IMS) , 2009 .

[30]  Rebecca J. Whitener The integrated auditor , 1992 .