Lajvar Created: Jul 08, 2022 Last commented: Jul 11, 2022

Corrective actions and nonconformities

How could the nonconformities found in the internal audit exposed in the corrective actions affect the external audit? What happens is that in the organization where I am, they are afraid that we will find majors or minors nonconformities, because they think that the external audit will be based on these results so they prefer just use nonconformities in general and do not use major or minor non conformities in the form.

Tags: corrective action

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jul 11, 2022

Nonconformities found in the internal audit only will become a problem in the external audit if they are not solved as planned (i.e., actions related to them are not performed or are delayed without proper justification), or if there is a recurrence of the same nonconformity (this may mean that the root causes were not eliminated). In case they are solved as planned and there are no recurrences they will not mean a problem in the external audit.

Please note that ISO 27001 does not require non-conformities in internal audits to be classified. Normally non-conformities are classified during surveillance/certification audits.

For further information, see:

Major vs. minor nonconformities in the certification audit https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jul 07, 2022

Jul 11, 2022

Expert Advice Community