Handling non-conformities
Answer: According to ISO 27001, clause 10.1 b) 2), the causes of nonconformities shall be determined in order to evaluate the need to take action to eliminate them and prevent the recurrence of nonconformities, or their occurrence elsewhere. Considering that, since the outsourced services are affecting your ISMS, a root cause analysis must be performed.
These articles will provide you with further explanation about handling nonconformities:
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
These materials will also help you regarding handling nonconformities:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
Mar 13, 2018