Asset to Vulnerability Error
Assign topic to the user
Please note that the Person Responsible for treating a Nonconformity is defined on a case-by-case basis in the Nonconformity register, because for each nonconformity you may have different persons with interest/skill/ authority to solve it. In the Nonconformity register you will be able to add a person responsible for a particular nonconformity.
In the Procedure for Nonconformities and Corrective Actions, you only define in a generic way that a person needs to be in charge of the nonconformity, so the specific person is defined in each nonconformity.
For further information, see:
- Case study: How to solve nonconformities using online ISO 27001 compliance software https://advisera.com/conformio/blog/2020/08/12/case-study-how-to-solve-nonconformities-using-online-iso-27001-compliance-software/
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
Comment as guest or Sign in
Nov 21, 2021