Corrective actions and nonconformities
Assign topic to the user
Nonconformities found in the internal audit only will become a problem in the external audit if they are not solved as planned (i.e., actions related to them are not performed or are delayed without proper justification), or if there is a recurrence of the same nonconformity (this may mean that the root causes were not eliminated). In case they are solved as planned and there are no recurrences they will not mean a problem in the external audit.
Please note that ISO 27001 does not require non-conformities in internal audits to be classified. Normally non-conformities are classified during surveillance/certification audits.
For further information, see:
- Major vs. minor nonconformities in the certification audit https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/
Comment as guest or Sign in
Jul 11, 2022