Expert Advice Community

Home / ISO 27001 & 22301 / Root cause for identified non-conformities

Guest

Root cause for identified non-conformities

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 25, 2018 Last commented:   Jan 25, 2018

Root cause for identified non-conformities

ISO 27001 & 22301
Just wanted to know about what someone needs to provide as root cause for the identified non conformities And mainly corrective action details.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic Jan 25, 2018

Answer: Root cause is the main reason why a non-conformity has happened - for example, if you have an employee who didn't perform backup according to Backup policy, a root cause could be that there was no training that explained to employees how this needs to be done.

Such root causes should be documented in the Corrective action form.

These materials will also help you regarding root cause analysis:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your
Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course
https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 24, 2018

Jan 24, 2018

Suggested Topics
Guest user Created:   Jul 20, 2023 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 and minor non-conformities
Guest user Created:   Jun 21, 2022 ISO 27001 & 22301
Replies: 1
0 0

Non-conformities
Guest user Created:   Feb 18, 2021 ISO 27001 & 22301
Replies: 1
0 0

Internal Audit Report - numbering non-conformities