LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

Corrective action process

  Quote
Guest
Guest user Created:   Mar 23, 2017 Last commented:   Mar 23, 2017

Corrective action process

Am looking at the corrective action process.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 23, 2017

1 - Is it an expectation that anyone within the organisation can complete a corrective action form? Or should it be directed through a central location e.g. the service desk for them to complete?

Answer: the standard only requires that corrective actions are performed when needed after a nonconformity is encountered. How to handle a corrective action is an organization decision, and both approaches you mentioned are valid ones. You only have to ensure that people who handle a corrective action are properly trained in doing so and that results of any corrective action are retained as documented information .

2 - Would it be appropriate to post the form on our intranet and direct all our people to it for them to complete and then submit the form?

Answer: In terms of the standard this point is indifferent (this is another "how" situation, and the standard only defined "what" must be done), but for an organization's operational purposes this is a good idea, because it makes easier to find the form.

3 - Presumably this is to evidence continual improvement?

Answer: Yes. Together with evidences of implemented opportunities for improvement, documented information about corrective actions are evidences that the management system is being improved over the time.

This article will provide you further explanation about Corrective action process:
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/

These materials will also help you regarding Corrective action process:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free Tutorial: How to Write ISO 27001 Procedure for Corrective Action https://advisera.com/27001academy/tutorial/free-tutorial-how-to-write-iso-27001-procedure-for-corrective-action/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 23, 2017

Mar 23, 2017