SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / Audit findings

Guest

Audit findings

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Nov 23, 2021 Last commented:   Nov 23, 2021

Audit findings

ISO 27001 & 22301
Hi Dejan , what is your view if an auditor gives me findings for not securely control employee's records. However, my ISMS scope does not cover employees record to be protected. ISMS scope is to protect information gather/process in procurement system. Appreciate if you could give your professional view.
0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.
Expert
Rhand Leal Nov 23, 2021

Without specific information about the findings’ statements and the context of your organization, it is not possible to provide a more proper answer.

Even though your ISMS scope is focused on procurement system, you will still need to have employee records related to e.g. training (these are mandatory ISMS records), and you will need to protect those records as well.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 23, 2021

Nov 23, 2021

Suggested Topics
Guest user Created:   Jun 09, 2020 ISO 27001 & 22301
Replies: 1
0 0

Recording ISMS Internal Audit Findings
Guest user Created:   Oct 10, 2023 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Auditor Course Question
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

2005 revision deadline