Guest
NonConformities and Potential Imrovements
Hello,
We are now in the course of updating our ISMS documents to comply with the new version of ISO 27001:2013, and I need a help regarding the corrective action procedure:
In our current procedure, we are managing both non conformities and potential improvements, and according to the new version, the potential non confromity and preventive action are no more required, so how can we manage the potential improvements raised by employees or raised during the internal audit for example?
Assign topic to the user
The 2013 revision of ISO 27001 does not restrict you from using potential improvements in your procedures - therefore, if this system works fine in your company, you should leave it as it is.
Guest
Guest post
Jan 12, 2016
CAn I keep the procedure as it is "ISMS Corrective and preventive action procedure", whch handle both corrective and preventive actions, even if it's no more required by the standard?
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016