Expert Advice Community

Guest

Corrective actions

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Corrective actions

 
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
AntonioS Jan 12, 2016

Question 1:

Conducting individual internal audits

The following must be documented as internal audit results:

• Internal Audit Report – it must be sent to [job title]

• possible corrective actions must be documented in the Corrective Action Form, as required by the Procedure for Corrective Action

I think, main responsibilities of auditor is  looking for nonconformities, no propose corrective action, it is  responsibilities of audited

Question 2:

When evaluating the effectiveness and adequacy of this document, the following criteria need to be considered:

• number of corrective actions identified during the audit

• number of corrective actions identified during the certification audit conducted after the internal audit

My opinion, number of corrective actions is function of professional maturity audited peoples,not process efficiency

 

Answer 1:

Corrective actions can be identified by the organization but also by an external auditor in an internal audit, it is very common (most of reports of the auditors include corrective actions) and there is no clause in the ISO 27001 prohibiting an auditor to identify and propose corrective actions.

Answer 2:

I agree with you, but the number of corrective actions is related to the document, not to the process of Internal Audit.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Lajvar Created:   Jun 14, 2021 ISO 27001 & 22301
Replies: 1
0 0

Corrective Actions Procedure

Guest user Created:   Apr 24, 2020 ISO 27001 & 22301
Replies: 1
0 0

Corrective actions