Expert Advice Community

Guest

Audit findings

  Quote
Guest
Guest user Created:   Nov 23, 2021 Last commented:   Nov 23, 2021

Audit findings

Hi Dejan , what is your view if an auditor gives me findings for not securely control employee's records. However, my ISMS scope does not cover employees record to be protected. ISMS scope is to protect information gather/process in procurement system. Appreciate if you could give your professional view.
0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

Expert
Rhand Leal Nov 23, 2021

Without specific information about the findings’ statements and the context of your organization, it is not possible to provide a more proper answer.

Even though your ISMS scope is focused on procurement system, you will still need to have employee records related to e.g. training (these are mandatory ISMS records), and you will need to protect those records as well.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 23, 2021

Nov 23, 2021

Suggested Topics

Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

2005 revision deadline

Guest user Created:   Feb 03, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISMS audit fidings