AvISO originally worked with Bromcom in 2019 to assist with the implementation of ISO 27001, once this system was fully integrated, we then worked with Bromcom again in 2020 to implement ISO 9001 and create a fully Integrated Management System across the two standards. When we work on multi-standard projects, we use various consultants who specialise in each Standard, in this project we used one consultant to implement ISO 9001 and another who oversaw the integration of ISO 27001.
“Bromcom already had an information security management system (ISO 27001), so the structure was there. It was an interesting job as most of the work starts with the ISO 9001, then other standards follow. Bromcom fully understood how the implementation process and AvISO work, having previously worked with us and having our platforms already in place. This made the project flow according to the plan and led to a smooth implementation. AvISO was able to coach and mentor the Quality Manager at Bromcom making sure they fully understood how the ISO 9001:2015 standard works and how it can benefit their business. I was extremely happy with the result of the Stage 2 audit as they deserved it after all the hard work that had been put in!”
“The key to the success of this project was the ability to collaborate with Bromcom using the AvISO Integrated Management System (IMS) Toolbox on Microsoft Teams. This provided everyone with a clear project plan and performance dashboard.
The main challenge was to produce a set of internal policies and procedures that clearly documented how Bromcom complied to the applicable ISO 27001 clauses. The IMS Toolbox enabled us to edit documents all at the same time and leave comments for other members of the team. The ability to look up related list information such as interested parties, controls and legal registers with the risk register also reduced duplication of effort.”
Technology such as Teams and SharePoint can really help reduce the work required to achieve certification.