Take the ISO 27001 course exam and get the
EU GDPR course exam for free
LIMITED-TIME OFFER – ENDS SEPTEMBER 29, 2022

Expert Advice Community

Guest

NonConformities and Potential Imrovements

  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

NonConformities and Potential Imrovements

Hello, We are now in the course of updating our ISMS documents to comply with the new version of ISO 27001:2013, and I need a help regarding the corrective action procedure: In our current procedure, we are managing both non conformities and potential improvements, and according to the new version, the potential non confromity and preventive action are no more required, so how can we manage the potential improvements raised by employees or raised during the internal audit for example?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
DejanK Jan 12, 2016
The 2013 revision of ISO 27001 does not restrict you from using potential improvements in your procedures - therefore, if this system works fine in your company, you should leave it as it is.
Quote
0 0
Guest
Guest post Jan 12, 2016
CAn I keep the procedure as it is "ISMS Corrective and preventive action procedure", whch handle both corrective and preventive actions, even if it's no more required by the standard?
Quote
0 0
Guest
AntonioS Jan 12, 2016
Yes, you can do it! Although as you know, preventive actions are not mandatory in the new version (ISO 27001:2013)
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics