What action should be taken if an auditee does not respond to the auditor's follow-up?

Prepare for the PECB Certified ISO/IEC 27001 Lead Auditor Exam with our comprehensive quiz. Test your knowledge with multiple-choice questions and detailed explanations. Get exam-ready!

When an auditee does not respond to the auditor's follow-up, it is essential to document the lack of response. This documentation serves multiple purposes. It provides a record of the auditor's attempts to engage with the auditee, demonstrating due diligence on the auditor's part. Additionally, documenting the lack of response is crucial for understanding the context of the audit findings and any subsequent actions that may be warranted.

The absence of a response can indicate various issues, such as a potential lack of engagement or challenges within the auditee's management system. By thoroughly documenting this situation, the auditor notifies relevant stakeholders of the auditee's non-compliance or failure to address findings, which can have implications for the audit's outcomes or recommendations for future audits. It may also assist in maintaining transparency and accountability within the auditing process.

In contrast, considering the audit successful without a response, scheduling new audits as a first step, or imposing immediate penalties do not address the core issue of non-response and could undermine the integrity and effectiveness of the audit process. Proper documentation, however, ensures that the audit trail is complete, and it can guide future actions, whether that means additional follow-ups, escalations, or risk assessments related to the auditee's operations.

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy