Corrective action plan for audit observation for clause 8.1 of ISO 22301
Good Morning
There is a External Audit observation (Minor Non conformance) for clause 8.1 of ISO22301 with following statement:
There was no objective evidence of process plans identifying the process criteria and the controls implemented in accordance with the criteria.
What is a corrective action plan for this audit observation. How to close this minor non conformity (Any new document/procedure required) ??? Your prompt guidance/help on this matter is appreciated
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
It is not clear to which processes this nonconformity refers to - if this refers to e.g. business impact analysis, then you need to have a methodology document for performing business impact analysis; if this is about risk assessment, then you need to have a risk assessment methodology, etc.
Here you can see the templates for the mentioned documents:
- Business impact analysis methodology https://advisera.com/27001academy/documentation/business-impact-analysis-methodology/
- Risk assessment methodology https://advisera.com/27001academy/documentation/Risk-Assessment-and-Risk-Treatment-Methodology/
You can get all the required documents for ISO 22301 implementation in this ISO 22301 Documentation Toolkit: https://advisera.com/27001academy/iso22301-documentation-toolkit/
Comment as guest or Sign in
Dec 28, 2020