Supporting standards

Beyond the core four.

The standards and guidance below regularly appear in our engagements. Not all of them are independently certifiable — and that distinction matters.

Management system standards

Certifiable systems.

  • ISO/IEC 27701: Privacy information management — extension to ISO/IEC 27001.
  • ISO/IEC 20000-1: IT service management.

Supporting guidance & frameworks

Useful — but not certifiable on their own.

  • ISO 31000: Enterprise risk management — guidance, not certifiable.
  • ISO/IEC 23894 - Artificial Intelligence — Guidance on Risk Management: AI risk management — guidance.
  • ISO/IEC 42005: AI system impact assessment — guidance.
  • ISO/IEC 38507: Governance implications of AI — guidance.
  • ISO 9004: Sustained organisational success — guidance.
  • ISO 19011: Guidelines for auditing management systems.

CroftSpurr will confirm the appropriate combination of standards and guidance after understanding the organisation’s objectives.
