Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

Should nonconformities undergo a documented risk assessment / analysis?

  Quote
Guest
Guest user Created:   Jun 21, 2023 Last commented:   Jun 21, 2023

Should nonconformities undergo a documented risk assessment / analysis?

After purchasing ISO27001 templates and following your training it is not completely clear to me if ISO27001 obligates that nonconformities need to undergo a risk assessment / analysis and that this needs to be documented.

Can you clarify this? Thanks.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 21, 2023

ISO 27001 does not prescribe risk assessment to be performed over identified nonconformities, so a company is not obliged to perform it.

This article will provide you with further explanation about handling non-conformities:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 21, 2023

Jun 21, 2023