From the course: ISO 27001:2022-Compliant Cybersecurity: Getting Started

Nonconformity, corrective actions, and continual improvement (Clauses 10.1 and 10.2)

- [Instructor] No matter how well you build your information security management system, or ISMS, there will always be room for improvement. In this video, we'll look at clause 10 of ISO 27001, which is the improvement clause. Clause 10.1 is called nonconformity and corrective action. First, it's important to understand what a nonconformity is. When it comes to ISO 27001, nonconformities tend to fall into two categories: the failure of your organization to implement and maintain one or more ISMS requirements, or a situation which would raise significant doubt that your ISMS can meet the information security policy and security objectives of your organization. For instance, if your organization doesn't have a written incident management procedure, which is a document required by ISO 27001, that would be a nonconformity. In other words, that alone means your organization doesn't comply with ISO 27001, and even if your…
