ISO 9001, Risk Based Thinking, and Cybersecurity: A Case Study

ISO 9001, Risk Based Thinking, and Cybersecurity:  A Case Study

This case study relates to two companies after an acquisition. The first company, Aardvark, acquired Cheap and Easy Supply (CES). These two companies formed a new company called ACES. After the acquisition, they wanted to standardize their processes across both of the previous companies sites. Standardization proved to be more difficult than first anticipated.

Before the acquisition, CES had a home-grown system called E-Plan to manage the factory. It was perfectly suited for everything CES needed it for but it would be tough for it to handle Aardvark’s processes.  Further complicating things, only two people knew the inner workings of  E-Plan, as the developer of E-Plan had retired. While E-Plan had worked fine for CES, this information made it seem that using E-Plan for ACES may not be the best choice.

Read More