Bear in mind that it is not a "standard" and you can't be "certified" against it - you will need to refer to every standard you wish to comply with. I would not worry too much if you can't get hold of a copy. For example, it persists with the suggestion that "preventive action" is a single process (as questioned at length elsewhere in the Cove):
"... preventive... action: a process shall be established to define requirements for:
a) reviewing ... potential nonconformities...;
b) determining the causes of ... potential nonconformities;
c) evaluating the need for action to ensure that nonconformities do not occur;".
If you have ISO9001, I would use that as a basic guide, with a bit of risk management thrown in - or better still, define how you run the business first, and then refer to external compliance requirements...