Root cause analysis on ISO 27001
Assign topic to the user
Answer: Root cause analysis is a mandatory requirement for ISO 27001:2013, as defined in clause 10.1 b) 1). This clause requires a nonconformity to be evaluated to identify the need to implement actions to eliminate root causes to prevent recurrence, or occurrence elsewhere, of the same nonconformity.
This article will provide you further explanation about handling non conformities:
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
These materials will also help you regarding handling non conformities:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 30, 2017