There's a big misunderstanding among some auditors, compliance managers, and those who implement management systems. They often don't grasp the full concept of ISO management system standards. They tend to focus on or audit only a part of the system, usually an area they're familiar with due to their training and past work.
In a recent discussion on an auditor forum, I noticed that some auditors simply don't see the entire system. That's why they don't audit it as a whole.
It's important for your company to be certified against ISO management system standards like ISO 9001 (for quality management), ISO 14001, ISO 45001, and ISO 27001. This ensures your company's management system is working well, mature, or at least improving.
If there are gaps or weaknesses in your company's management processes, a mature management system has ways to identify these issues. As an ISO auditor, it's crucial to see the entire system. This helps assure the company that the system can correct itself, stay stable, and continue developing.