Implementation of Controls as per SOA for Stage 2 Audit

Dean Bell

Dean Bell

Registered
#1
#1
Looking for some guidance or feedback based on previous experience regarding the implementation of controls under ISO27001 Annex A.

There are 114 controls here, which need to be considered with respect to their inclusion or exclusion on the SOA as a result of the risk assessment and treatment process.

So here's my question, during a Stage 2 audit, is it typically expected by the CB auditor that all controls have been implemented (as captured on the SOA)? Or is it sufficient to be able to simply demonstrate that a risk assessment and treatment process has been documented and implemented, even with the controls only partially implemented?

I'd imagine that the full implementation of controls for many organisations could take a very long time, so it would be common to undergo a certification audit having addressed the highest risk (therefore highest priority) risks.

Thanks in anticipation. I've implemented many HSEQ management systems through to certification over the years, but this is my first ISMS.
 
Download Free White Paper
Elsmar Forum Sponsor
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
H Regarding confusion of the validity of the European implementation of IEC standards Other Medical Device Related Standards 1
J Implementation, establishment and certification of IATF 16949. IATF 16949 - Automotive Quality Systems Standard 6
J UKCA direct marking implementation UK Medical Device Regulations 0
J0anne QMS Implementation Iran ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
O Quality Management System Implementation framework and Gap analysis checklist Manufacturing and Related Processes 7
Pmarszal BS EN 20417:2021 - Implementation Timeline Aligned With MDR? Other ISO and International Standards and European Regulations 1
L UDI implementation in Saudi Arabi (KSA) Other Medical Device Regulations World-Wide 1
B ISO13485 Risk managment implementation for suppliers ISO 14971 - Medical Device Risk Management 2
P ISO 20400:2017 Sustainable Procurement Implementation Sustainability, Green Initiatives and Ecology 0
R ISO 27001 implementation IEC 27001 - Information Security Management Systems (ISMS) 3
R MEDDEV 2.12-1 rev 8 (Vigilance guidelines) still applicable with the MDR implementation? EU Medical Device Regulations 1
S Implementation of QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T SOC2 preparation and trainings for implementation team Other ISO and International Standards and European Regulations 2
SABRINA DJILALI SAIAH Implementation of the ISAS-MEDIA 9001 standard in a TV channel ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
S Sequence of ISO 9001:2015 Implementation Steps ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
S ISO9001:2015 Implementation / update plan template ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
M ISO14971:2019 - Verification of implementation and effectiveness of risk control ISO 14971 - Medical Device Risk Management 14
S ISO 9001 implementation in a Gold exporting business ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
K Implementation 2013/59/Euratom CE Marking (Conformité Européene) / CB Scheme 7
C Implementation ISO 9001: 2015 ? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
S Practical Implementation of ISO 14971 ISO 14971 - Medical Device Risk Management 6
G Issues/Roadblocks with APQP implementation APQP and PPAP 10
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
N ERP Software Implementation Manufacturing and Related Processes 3
C New to Site - Request Help with API Q2 Implementation Oil and Gas Industry Standards and Regulations 9
F Will the EU postpone 2017/745 MDR Implementation - COVID-19 Impact Medical Device and FDA Regulations and Standards News 11
J MDD to MDR transition - Time required for the implementation of the MDR EU Medical Device Regulations 7
L AS9146 Implementation and Compliance AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
J Looking for a template SOP for UDI implementation for EU Medical Devices EU Medical Device Regulations 2
G Defining performance metrics for DFMA implementation Design and Development of Products and Processes 2
Cats Clause Design and implementation of process audits as defined within IATF 16949 IATF 16949 - Automotive Quality Systems Standard 2
B ISO 9001 Implementation Time Frame ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
M UDI transition period and implementation EU Medical Device Regulations 6
G Strategy for IEC62304 implementation half way into the software development process IEC 62304 - Medical Device Software Life Cycle Processes 9
M Informational EU – EMA revised guidance – Questions & Answers on Implementation of the Medical Devices and In Vitro Diagnostic Medical Devices Regulations ((EU) 201 Medical Device and FDA Regulations and Standards News 2
R ISO 13485 QMS Implementation Training ISO 13485:2016 - Medical Device Quality Management Systems 7
D Preventive Maintenance Implementation 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
Emran.mi Measurement system analysis - Can you help me about implementation MSA for CMM device Manufacturing and Related Processes 2
K China UDI Implementation for October 1st 2019 China Medical Device Regulations 4
R ISO 13485 QMS sequence of implementation ISO 13485:2016 - Medical Device Quality Management Systems 4
M Informational From RAPS – EU MDR/IVDR: US Raises ‘Serious Concerns,’ Urges 3-Year Implementation Delay Medical Device and FDA Regulations and Standards News 3
M Informational TGA – European implementation of Medical Device and IVD Regulations – Implications for Australia Medical Device and FDA Regulations and Standards News 0
M Informational Medtech Europe presentation – – Industry Perspective on the Implementation Status of the MDR/IVDR Medical Device and FDA Regulations and Standards News 0
M Informational EU – Employment, Social Policy, Health and Consumer Affairs Council Public session (Health) – AOB – medical devices Implementation of the regulation o Medical Device and FDA Regulations and Standards News 0
M Informational EU – Medical devices: Implementation of Regulation (EU) 2017/745 on medical devices (MDR) – Information from the Irish and German delegations Medical Device and FDA Regulations and Standards News 0
M Informational Medtech Europe – Open letter to the European Commission on the implementation and readiness status of the new Medical Device Regulation (MDR) Medical Device and FDA Regulations and Standards News 0
M Informational Publication of Draft Health Canada Implementation Guidance for the International Medical Device Regulators Forum Table of Contents Format Medical Device and FDA Regulations and Standards News 0
A New Supplier implementation - PPAP vs APQP APQP and PPAP 9
M Startup Company - Implementation of ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 19
D AS9100D implementation question AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9

Similar threads

Top Bottom