Minor nonconformity
Definition
A single lapse or gap that does not indicate systemic failure. The organisation must provide a corrective action plan and close the finding before the next audit. Repeated minor nonconformities in the same area can be upgraded to major.
Related terms
- Accreditation body (AB)
- A national body that assesses and formally recognises the competence of certification bodies. Notable examples: UKAS (UK), DAkkS (Germany), COFRAC (France), NABCB...
- Certification body (CB)
- An independent third-party organisation accredited to audit and certify that an ISMS conforms to ISO 27001. Examples include BSI, Bureau Veritas, DNV,...
- Major nonconformity
- A finding that indicates the ISMS is absent in a required area or has failed systemically. Must be resolved with verified evidence...
- Stage 1 audit
- The documentation review phase of the initial certification audit. The auditor checks that the ISMS documentation exists, the scope is defined, the...
- Stage 2 audit
- The on-site certification audit. The auditor tests whether controls described in the documentation are implemented and operating effectively. A Stage 2 pass...
Explained in
- ISO/IEC 27001 Certification and Surveillance Audits