Which two of the following phrases are 'objectives' in relation to a first-party audit?
A. Apply international standards
B. Prepare the audit report for the certification body
C. Confirm the scope of the management system is accurate
D. Complete the audit on time
E. Apply Regulatory requirements
F. Update the...
Which two of the following phrases would apply to 'check' in the Plan-Do-Check-Act cycle for a business process?
A. Making improvements
B. Managing changes
C. Verifying training
D. Resetting objectives
E. Updating the Information Security Policy
F. Auditing processes
Answer: CF
Explanation: The two phrases that would apply to 'check'...
As the ISMS audit team leader, you are conducting a second-party audit of an international logistics company on behalf of an online retailer. During the audit, one of your team members reports a nonconformity relating to control 5.18 (Access rights) of Appendix A of ISO/IEC 27001:2022. She found evidence that removing the server access protocols of 20 people who left in the last 3 months took up to 1 week, whereas the policy required removing access within 24 hours of their departure.
DRAG DROP As the ISMS audit team leader, you are conducting a second-party audit of an international logistics company on behalf of an online retailer. During the audit, one of your team members reports a nonconformity relating to control 5.18 (Access rights) of Appendix A of ISO/IEC 27001:2022. She found...
You: Are items checked before being dispatched?
You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show...
To complete the table click on the blank section you want to complete so that it is highlighted in red, and then click on the applicable test from the options below. Alternatively, you may drag and drop each option to the appropriate blank section
DRAG DROP Please match the roles to the following descriptions: To complete the table click on the blank section you want to complete so that it is highlighted in red, and then click on the applicable test from the options below. Alternatively, you may drag and drop each option to...
You are an experienced ISMS audit team leader providing guidance to an ISMS auditor in training. They have been asked to carry out an assessment of external providers and have prepared a checklist containing the following activities. They have asked you to review their checklist to confirm that the actions they are proposing are appropriate.
You are an experienced ISMS audit team leader providing guidance to an ISMS auditor in training. They have been asked to carry out an assessment of external providers and have prepared a checklist containing the following activities. They have asked you to review their checklist to confirm that the actions...
Based on the scenario above which one of the following actions would you now take?
You are carrying out your first third-party ISMS surveillance audit as an Audit Team Leader. You are presently in the auditee's data centre with another member of your audit team. You are currently in a large room that is subdivided into several smaller rooms, each of which has a numeric...
Who is allowed to access highly confidential files?
A. Employees with a business need-to-know
B. Contractors with a business need-to-know
C. Employees with signed NDA have a business need-to-know
D. Non-employees designated with approved access and have signed NDA
Answer: A
Explanation: According to ISO/IEC 27001:2022, clause 8.2.1, the organization...
You are an experienced ISMS audit team leader. An auditor in training has approached you to ask you to clarify the different types of audits she may be required to undertake. Match the following audit types to the descriptions
DRAG DROP You are an experienced ISMS audit team leader. An auditor in training has approached you to ask you to clarify the different types of audits she may be required to undertake. Match the following audit types to the descriptions. To complete the table click on the blank section...
What do we do in ACT, from the PDCA cycle?
A. Take actions to continually monitor process performance
B. Take actions to continually improve process performance
C. Take actions to continually monitor process performance
D. Take actions to continually improve people performance
Answer: B
Explanation: In the Act phase of...