Our company (let's say Company X) is part of a Group (Let's say Group G). Our IT department is taken from the organisation structure of our company and added to organisation structure of Group G. Upto now, IT was managing the Information Systems, Network etc just for our company. However, they will be giving service to all the other companies under Group G, including us. There are some issues I am not sure how to handle, any help/suggestion would be greatly appreciated.
- Does IT Department become a supplier for us considering ISO9001?
- Are we to add IT process to our exclusion clause?
- Considering information management and the security, are we to reference these processes as outsourced processes?