Elsmar Cove Quality DiscussionsCombining (aka "Bridging") ISO 9001:2008 and ISO 20000The Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
UL - Underwriters Laboratories - Health Sciences
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Combining (aka "Bridging") ISO 9001:2008 and ISO 20000
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links

Courtesy Quick Links

Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services

International Quality Services

Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum

Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining

Ajit Basrur
Claritas Consulting, LLC

International Standards Bodies - World Wide Standards Bodies

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology

Some Related Topic Tags
information technology (it), iso 20000 - it service management, iso 9001 - quality management systems, multiple standards in a company
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #1  
Old 18th April 2012, 09:35 AM

Total Posts: 22
Please Help! Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

Can anyone please help me? Over two years ago I implemented a system at work that led us to be certified to ISO 9001:2008. We have now merged with another company who are very heavily interwined with ITIL. I want to ensure that the work we have put in is not lost in the ITIL world. I am desperate to understand the bridging standard of ISO 20000 between these two differing worlds. Does anyone have an overview of this that you could provide me with so that I can approach my boss with what we have to what we would need. I am aware that there are 16 processes in this Standard that are linked to ITIL but that is the totality of my knowledge.

Any help would be much appreciated.


Sponsored Links
  Post Number #2  
Old 19th April 2012, 03:42 AM
Stijloor's Avatar

Total Posts: 15,244
Re: Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

A Quick Bump!

Can someone help Sue with this?

Thank you very much!!

  Post Number #3  
Old 9th May 2012, 06:04 AM

Total Posts: 82
Re: Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

Interesting question. I work in an IT services company that has done some implementation of ITIL processes, is certified to 9001, and considered 20000 certification so I can offer some thoughts.

In a sense 20000 is the IT service management oriented and detailed version of more general quality management standard and 9001 QMS system, and in another sense it is ITIL processes condensed into a management system, as you've stated. In other different senses it is not those things. You will probably want to review what 20000 and ITIL are before you decide to head towards an implementation. Obviously you would need to be working in an IT service management company to even consider that (although 20k moved away from "IT" towards general "SM" in wording, but that's still what it is).

If the company you have merged with ohas nly implemented a limited number of ITIL processes (eg. incident, problem, change management) then piling on the rest in a hurry is probably not going to work, regardless of why you try to. If there isn't a very clear and convincing business case for ITSM certification then no matter what processes are implemented it may not make sense. Aside from explicit customer demands and marketing edge system certification could assure through third party review that the individual processes function as a somewhat integrated system employing some degree of services provision best practices, of course, but that is the theory and the actual practice could differ.

The normal training starting point for ITIL, as you are no doubt aware, is taking an ITIL Foundation class. Even aside from doing that you could do an internet search and turn up materials that cover the same scope, perhaps just not as well tailored for passing the current version training course test. On-line research of ITSM and ITIL processes is a bit thinner than it would seem it should be. Most of what looks like a substantial resource is either an attempt that was dropped at some point or marketing for related services. General background texts that would get you through the introduction are plentiful but when it comes to implementation these would probably seem a bit too general, as almost all courses and references might even until well into the process.

It can get lost in the maze of different information and perspectives but it does make sense to implement some basic parts of a set of different related ITIL processes. "Service management" is the natural starting point in terms of how the theory flows but incident and change management are natural beginnings in terms of what gets implemented, a result of where most of the natural demand is. There is a lot more to that world but much of it depends on what makes sense based on your company's requirements.
Thanks to john.b for your informative Post and/or Attachment!
  Post Number #4  
Old 21st April 2017, 11:27 AM

Total Posts: 11
Re: Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

Kind of related to this, but I could not find my exact question answered elsewhere. We are in the process of working towards ISO 9001 certification. At the same time, our Technology department is working towards ISO 27001. Can I/should I exclude the Technology part from our ISO 9001 scope? That is the only area where the design and development requirement would apply - as all other manufacturing is done based on specifications defined by our customers.

I'd appreciate any guidance recommendations here as I am just trying to keep up with all of the 9001 requirements and now trying to juggle the 27001 info while learning.
  Post Number #5  
Old 21st April 2017, 11:45 AM

Total Posts: 273
Re: Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

In Reply to Parent Post by Jadey52803 View Post

I'd appreciate any guidance recommendations here as I am just trying to keep up with all of the 9001 requirements and now trying to juggle the 27001 info while learning.
I was a 9001 auditor and reviewed 27001, was thinking of going there for a while. I did a combined stage 2 audit combined with a 27001 on one occasion.

The Annex SL makes the process easier. Figure out the things you do (your processes), figure out what requirements (9001, 27001, internal) should be fulfilled by which processes (matrix?) and check to see how compliant you are (internal audit). Document what's not there (non conformance reports), and adjust the processes (corrective action).

There is no magic other than to work with the tools 9001 and 27001 provide, and to make them work in a matter that is right for your organization (0.1 of both standards).
  Post Number #6  
Old 25th April 2017, 01:02 AM

Total Posts: 82
Re: Combining (aka "Bridging") ISO 9001:2008 and ISO 20000

Keep in mind that you have some flexibility, so what people offer as advise would be just that, their opinion. There isn't likely to be right answers out there, maybe just better and worse answers.

You want to start with the reason for implementing these systems, the function you want them to cover. That should provide some input as to what the scope should or shouldn't be.

With more details I could give a more complete answer, but it seems like overlap between the systems is a good thing, not a problem. You can use parts of 27001 that relate to 9001 as coverage for your 9001 system. With them serving different functions, quality versus information security, the overlap will be limited, but all the same I'd expect there to be some. Even if the same types of things are going on but the scope is different using standard procedures, standard document control, an internal audit process, etc. is going to make them work well together rather than to be a problem.

It would seem a shame to implement two different ISO systems covering overlapping scope and not integrate them to some extent, to not do the same things twice. All that aside, it may well make sense to limit scope to put that IT related services range out of scope of the system if it's not something you see as necessary to control in terms of quality.

It sounds like there could be a problem related to interpreting design and development, since you seem to be describing external design, but development would be a different thing. That's not what you asked about though, and again working from information fragments it's hard to extrapolate into details.

27001 isn't as complicated as it seems, although it makes sense to me to see the system in terms of levels, of doing different things at a higher organization level (more related to policy and general process) and then at lower level (more related to specific security controls), with a general process like risk assessment spanning the entire range. Here is a reference designed to work as a content starting point that might work to help explain it:


Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >


Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off

Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
What does "conformance matrix" means in terms of ISO 9001:2008? Lincole ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 23rd August 2014 01:00 AM
"Post-Delivery" & "Warranty" - ISO 9001:2008 Clause 7.2.1 & 7.5.1 leetimothyj ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 24th June 2009 05:18 PM
ISO 9001:2008 - How does an organization demonstrate "sustain success"? vijaysonawane General Auditing Discussions 14 25th January 2009 02:08 AM
ISO 9001:2008 Addressing the "Notes" in my quality Manual silentrunning ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9 28th December 2008 11:55 AM
What differentiates a "bridging transformer" from an ordinary "isolation transformer" Graeme General Measurement Device and Calibration Topics 5 8th February 2005 10:38 PM

The time now is 11:05 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.

Misc. Internal Links

NOTE: This forum uses "Cookies"