Unlock the potential of ISO 27001 and SCS 9001

by Chad Kymal,Mike Regan published on October 04, 2024

Watch the webinar recording to compare the ISO 27001 and SCS 9001 cybersecurity standards. Discover how SCS 9001 can enhance your organization and its supply chain, and learn about the streamlined process for getting certified in both standards with a single audit. Uncover the efficiencies and benefits of implementing ISO 27001 and SCS 9001 simultaneously.

ISO/IEC 27001 is a globally recognized Information Security Management System (ISMS) standard, often hailed as the gold standard in cybersecurity, applicable across industries for comprehensive cybersecurity and privacy protection.

Tailored specifically for the Information and Communications Technology (ICT) industry, SCS 9001 is the first standard offering a thorough, measurable, and certifiable framework for supply chain security. It drives continuous improvement, providing value to network operators, developers, and product manufacturers. SCS 9001 integrates content from ISO 27001, CMMC, NIST, and other leading cybersecurity frameworks.

As highlighted in the webinar, by adopting SCS 9001, you inherently implement ISO 27001. While SCS 9001 encompasses nearly all ISO 27001 controls, it extends beyond with elements like Zero Trust Architecture, Counterfeit Parts Mitigation Policy, threat and risk analysis, and secure development practices.

Speaker

Mike Regan

Mike Regan leads the activities of the Telecommunication Industry Association’s (TIA) QuEST Forum with a focus on business performance improvement standards and associated activities. Prior to joining TIA, Mike completed a successful 30+ year career as a senior engineering leader. He has led large development organizations delivering complex communications and networking products deployed in the business-critical production networks of premier public service providers, global cloud platforms, large enterprises and customer engagement centers. His diverse experience spans from being a founding team and early-stage member of multiple VC-backed start-up companies up to billion-dollar enterprises. His responsibilities have included all aspects of product development: strategy and roadmap, technology assessment, architecture, development, maintenance, quality assurance, test automation, DevSecOps, systems integration, compliance, security, project management, product management, tooling, operations, technical publications, and vendor / partner management. Mike leverages his personal experiences in progressing the initiatives of the TIA QuEST Forum by working with industry participants, network operators and government agencies in the development and adoption of new standards for the Information and Communications Technology industry with a focus on product quality, software development, cyber-security and supply chain security. Mike holds a B.S.E.E. from Northeastern University, Boston.

Chad Kymal

Chad Kymal is the CTO and Founder of Omnex Inc. He is the author of seven books and more than 100 papers including several on integrated management systems. Chad is currently on the writing committees for several standards including TC 22/ SC 32/WG 8 for ISO 26262 (Functional Safety), ISO/TC 176 for ISO 9001:2015 (Quality Management), ISO/TC 207 for ISO 14001:2015 (Environmental Management), and PC283 for ISO 45001 (Health and Safety Management Systems). He founded and was the CEO of an Automotive registrar for over 10 years and is familiar with conducting audits, being witnessed for audits, and also evaluating auditors and assessors. He authored and teaches a course for 3rd Party Auditors for Automotive Registrars on behalf of International Automotive Certification Bodies Association (IACBA). This course explains how 3rd Party Auditors audit IATF 16949 in an environment that includes ASPICE, Functional Safety and Product Cybersecurity. He is currently rolling out the course to global 3rd Party Auditors for IATF 16949. Chad has spent over 20 years in system, hardware and software development in various capacities. He assesses and works in automotive system, hardware and software for Agile, ASPICE, and Functional Safety ISO 26262. Chad is also currently an intacsTM certified Principal Assessor for Automotive SPICE.