Expert Advice Community


Should nonconformities undergo a documented risk assessment / analysis?

Guest user | Created: Jun 21, 2023 | Last commented: Jun 21, 2023


After purchasing ISO27001 templates and following your training, it is not completely clear to me if ISO27001 obligates that nonconformities need to undergo a risk assessment / analysis and that this needs to be documented.

Can you clarify this? Thanks.


Expert
Rhand Leal Jun 21, 2023

ISO 27001 does not prescribe risk assessment to be performed over identified nonconformities, so a company is not obliged to perform it.

This article will provide you with further explanation about handling non-conformities:
