This logic, which was explained using a quality management system as an example, can be applied to virtually all other management systems, regardless of whether they are sustainability management, energy management, risk management, or information security management. At its core, it is always about the same thing: Plan activities, execute, review metrics, and systematically improve.
You could put it another way: Once you have understood the core of a management system, you have understood 70 to 80 percent of all management systems. At ISO, this is called “High-Level Structure”.
In order to make management systems more accessible, especially for small and medium-sized companies, the organization has agreed to give its management systems basically the same structure. This makes it much easier for a company that has introduced a quality management system in accordance with ISO 9001:2015, for example, to introduce another one on the subject of sustainability, energy management, or information security.
To ensure that these management systems do not coexist, there is the concept of an integrated management system.