RM-09—ISMS Corrective Action Plans
Control Description
Management prepares a Corrective Action Plan (CAP) to manage the resolution of nonconformities identified in independent audits.
Theme
Process
Type
Corrective
Policy/Standard
Risk Management Standard
Implementation Guidance
1. Ensure that an audit finding document is generated following an external, independent audit and is used as the basis for implementing necessary improvements and corrective actions.
Testing Procedure
1. Inspect the audit finding document prepared after the external, independent audit.
2. For a sample of findings, examine evidence of resolution or a plan of action for audit findings.
Audit Artifacts
E-RM-15
E-RM-16
Framework Mappings
Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.