NQA ANNEX SL COMPARISON TOOL

ISO 9001 ISO 14001 ISO 45001 ISO 50001 ISO 27001 ISO 20000-1 ISO 22301 ISO 55001
4 CONTEXT OF THE ORGANISATION
Understanding the organization Understanding the organization Understanding the organization Understanding the organization Understanding the organization Understanding the organization Understanding the organization Understanding the organization
4.1
and its context and its context and its context and its context and its context and its context and its context and its context
Understanding the needs and Understanding the needs and Understanding the needs and Understanding the needs and Understanding the needs and Understanding the needs and Understanding the needs and
Understanding the needs and
4.2 expectations of interested expectations of interested expectations of workers and expectations of interested expectations of interested expectations of interested expectations of interested
expectations of stakeholders
parties parties interested parties parties parties parties parties
4.2.1 General
Legal and regulatory
4.2.2
requirements
Determining the scope of the Determining the scope of Determining the scope of
Determining the scope of the Determining the scope of the Determining the scope of the Determining the scope of the Determining the scope of the
4.3 environmental management the information security the business continuity
quality management system OH&S management system energy management system service management system asset management system
system management system management system
4.3.1 General
Scope of the business
4.3.2
continuity management system
Quality management system Environmental management Information security Business continuity
4.4 OH&S management system Energy management system Service management system Asset management system
and its processes system management system management system
5 LEADERSHIP
5.1 Leadership and commitment Leadership and commitment Leadership and commitment Leadership and commitment Leadership and commitment Leadership and commitment Leadership and commitment Leadership and commitment
5.1.1 General
5.1.2 Customer Focus
5.2 Policy Environmental policy OH&S policy Energy policy Policy Policy Policy Policy
Establishing the service Establishing the business
5.2.1 Establishing the quality policy
management policy continuity policy
Communicating the quality Communicating the service Communicating the business
5.2.2
policy management policy continuity policy
Organisational roles, Organisational roles, Organisational roles, Organisational roles, Organisational roles, Organisational roles, Roles, responsibilities and Organisational roles,
5.3
responsibilities and authorities responsibilities and authorities responsibilities and authorities responsibilities and authorities responsibilities and authorities responsibilities and authorities authorities responsibilities and authorities
Consultation and participation
5.4
of workers
6 PLANNING
Actions to address risks and
Actions to address risks and Actions to address risks and Actions to address risks and Actions to address risks and Actions to address risks and Actions to address risks and Actions to address risks and
6.1 opportunities for the asset
opportunities opportunities opportunities opportunities opportunities opportunities opportunities
management system
Determining risks and
6.1.1 General General General
opportunities
Hazard identification and
Information security risk Addressing risks and
6.1.2 Environmental aspects assessment of risks and
assesment opportunities
opportunities
Determination of legal
Information security risk
6.1.3 Compliance obligations requirements and other
treatment
requirements
6.1.4 Planning action Planning action
Service management
Quality objectives and how to Environmental objectives and OH&S objectives and planning Objectives, energy targets and Information security objectives Business continuity objectives Asset management objectives
6.2 objectives and planning to
achieve them planning to achieve them to achieve them planning to achieve them and planning to achieve them and planning to achieve them and planning to achieve them
achieve them
Establishing the business
6.2.1 Environmental objectives OH&S objectives Establish objectives
continuity objectives
Planning actions to achieve Planning to achieve OH&S Determining business
6.2.2 Plan to achieve objectives
environmental objectives objectives continuity objectives
Plan the service management
6.3 Planning of changes Energy review
system
6.4 Energy performance indicators
6.5 Energy baseline
Planning for collection of
6.6
energy data
7 SUPPORT
7.1 Resources Resources Resources Resources Resources Resources Resources Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
Environment for the operation
7.1.4
of processes
Monitoring and measuring
7.1.5
resources
7.1.5.1 General
7.1.5.2 Measurement traceability
7.1.6 Organisational knowledge
7.2 Competence Competence Competence Competence Competence Competence Competence Competence
7.3 Awareness Awareness Awareness Awareness Awareness Awareness Awareness Awareness
7.4 Communication Communication Communication Communication Communication Communication Communication Communication
7.4.1 General General
7.4.2 Internal communication Internal communication
7.4.3 External communication External communication
7.5 Documented information Documented information Documented information Documented information Documented information Documented information Documented information Information requirements
7.5.1 General General General General General General
Creating and updating
7.5.2 Creating and updating Creating and updating Creating and updating Creating and updating Creating and updating
documented information
Control of documented Control of documented Control of documented Control of documented Control of documented Control of documented
7.5.3
information information information information information information
Service management system
7.5.4
documented information
7.6 Documented Information
8 OPERATION
Operational planning Operational planning Operational planning Operational planning Operational planning Operational planning Operational planning Operational planning
8.1
and control and control and control and control and control and control and control and control
8.1.1 General
Eliminating hazards and
8.1.2
reducing OH&S risks
8.1.3 Management of change
8.1.4 Procurement
Requirements for products and Emergency preparedness and Emergency preparedness and Information security risk Business impact analysis and
8.2 Design Service portfolio Management of change
services response response assessment risk assessment
8.2.1 Customer communication Service delivery General
Determining the requirements
8.2.2 Plan the services Business impact analysis
for products and services
Review of the requirements for Control of parties involved in
8.2.3 Risk assessment
products and services the service lifecycle
Changes to requirements for Service catalogue
8.2.4
products and services management
8.2.5 Asset management
8.2.6 Configuration management
Design and development of Information security risk Business continuity strategies
8.3 Procurement Relationship and agreement Outsourcing
products and services treatment and solutions
8.3.1 General General General
Design and development Business relationship Identification of strategies and
8.3.2
planning management solutions
Design and development Selection of strategies and
8.3.3 Service level management
inputs solutions
Design and development
8.3.4 Supplier management Resource requirements
controls
Design and development
8.3.5 Implementation of solutions
outputs
Design and development
8.3.6
changes
Control of externally provided
Business continuity plans and
8.4 processes, products and Supply and demand
procedures
services
Budgeting and accounting for
8.4.1 General General
services
8.4.2 Type and extent of control Demand management Response structure
Information for external
8.4.3 Capacity management Warning and communication
providers
8.4.4 Business continuity plans
8.4.5 Recovery
Production and service Service design, build and
8.5 Exercise programme
provision transition
Control of production and
8.5.1 Change management
service provision
8.5.2 Identification and traceabaility Service design and transition
Property belonging to Release and deployment
8.5.3
customers or external providers management
8.5.4 Preservation
8.5.5 Post-delivery activities
8.5.6 Control of changes
Evaluation of business
Release of products and
8.6 Resolution and fulfillment continuity documentation and
services
capabilities
8.6.1 Incident management
8.6.2 Service request management
8.6.3 Problem management
Control of non-conforming
8.7 Service assurance
outputs
Service availability
8.7.1
management
8.7.2 Service continuity management
Information security
8.7.3
management
9 PERFORMANCE EVALUATION
Monitoring, measurement,
Monitoring, measurement,
Monitoring, measurement, Monitoring, measurement, analysis and evaluation of Monitoring, measurement, Monitoring, measurement, Monitoring, measurement, Monitoring, measurement,
9.1 analysis and performance
analysis and evaluation analysis and evaluation energy performance and the analysis and evaluation analysis and evaluation analysis and evaluation analysis and evaluation
evaluation
EnMS
9.1.1 General General General General
Evaluation of compliance with
9.1.2 Customer satisfaction Evaluation of compliance Evaluation of compliance legal requirements and other
requirements
9.1.3 Analysis and evaluation
9.2 Internal audit Internal audit Internal audit Internal audit Internal audit Internal audit Internal audit Internal audit
9.2.1 General General General
9.2.2 Internal audit programme Internal audit programme Audit programme(s)
9.3 Management review Management review Management review Management review Management review Management review Management review Management review
9.3.1 General General
9.3.2 Management review inputs Management review inputs
9.3.3 Management review outputs Management review outputs
9.4 Service reporting
10 IMPROVEMENT
Nonconformity and corrective Nonconformity and corrective Nonconformity and corrective Nonconformity and corrective Nonconformity and corrective
10.1 General General General
action action action action action
Nonconformity and corrective Nonconformity and corrective Incident, nonconformity and
10.2 Continual improvement Continual improvement Continual improvement Continual improvement Continual improvement
action action corrective action
10.3 Continual improvement Continual improvement Continual improvement

NQA, Warwick House, Houghton Hall Park, Houghton Regis, Dunstable, Bedfordshire LU5 5ZX, United Kingdom T: 0800 052 2424 E: info@nqa.com @nqaglobal www.nqa.com