Nonconformity & Corrective Action For ISO 27001 Requirement 10.1

What is covered under ISO 27001 Clause 10.1? 

Section 10.1 of ISO 27001 concerns the actions your organisation commits to taking when a failure in the compliance of the standard occurs. The standard refers to this as a ‘nonconformity’ and the steps you take to correct this is called a ‘corrective action’.

In the event of a nonconformity, the organisation should ‘take action to control and correct it’, and deal with the consequences of the event. They should then take steps to ensure that it doesn’t happen again. This is done by addressing the cause of the nonconformity.

The corrective action should be assessed and the effectiveness of that action, measured and documented.

Remember, to obtain and maintain ISO 27001 certification, an auditor will expect to see evidence of improvements. It is not a failure to show you are addressing nonconformities, taking corrective actions etc so do make sure that they are visible if appropriate to demonstrate the philosophy of continuous improvement that is required by the standard.

How to demonstrate nonconformities and corrective actions are being addressed

Using software to manage your ISMS will give you access to not just a policy for 10.1, but also the Corrective Actions & Improvement Track which has been built for you to quickly and simply demonstrate and evidence the work being done.  It is customised ready to use immediately and will help you manage the corrective actions and improvements you identify through a standard workflow process. You will be able to assign actions to team members, set due dates, and join-up your ISMS by linking it quickly to other areas, such as a policy or control which may need updating.  

Ready to take action?

Discover how can help you achieve or improve on your ISMS objectives


Need ISO 27001 policies and controls for your ISMS? includes practical policies and controls for your organisation to easily adopt, adapt and add to, giving you up to 77% head start with ISO 27001 documentation. 



Ready to take action?

Discover how can help you achieve or improve on your ISMS objectives

ISMS Online Rating: 5 out of 5
Share This