Submitting CAPA for NC on opportunities for Improvement
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
I’m assuming that the opportunity for improvement came from the auditor.
Considering that, first is important to note that Opportunities for Improvement are recommendations of the auditor, and never will be a Non-Conformity.
By pointing an Opportunity for Improvement, the auditor only wants the organization to take a look at a situation to evaluate if it is worthy to take action to achieve suggested benefits. If the organization decides to take no action, there will be no problem at all.
Considering that, an organization may or may not submit an Action Plan for an Opportunity for Improvement. Please note that I used the term Action Plan because Preventive Action is not required by ISO 27001, so the term Corrective and Preventive Action (CAPA) would not be appropriate for this situation.
Comment as guest or Sign in
Oct 18, 2021