You are performing an ISO 27001 ISMS surveillance audit at a residential nursing home, ABC Healthcare Services. ABC uses a healthcare mobile app designed and maintained by a supplier, WeCare, to monitor residents' well-being. During the audit, you learn that 90% of the residents' family members regularly receive medical device advertisements from WeCare, by email and SMS once a week. The service agreement between ABC and WeCare prohibits the supplier from using residents' personal data. ABC has received many complaints from residents and their family members.
Which three of the following scenarios can be defined as information security incidents?
You are carrying out your first third-party ISMS surveillance audit as an Audit Team Leader. You are presently in the auditee's data centre with another member of your audit team. Your colleague seems unsure as to the difference between an information security event and an information security incident. You attempt...
You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure and explains that the process is based on ISO/IEC 27035-1:2016.
Which of the following is the best response?
You receive the following mail from the IT support team: Dear User, Starting next week, we will be deleting all inactive email accounts in order to create space. Share the below details in order to continue using your account. In case of no response, Name: Email ID: Password: DOB: Kindly contact the...
Which two of the following are examples of audit methods that 'do not' involve human interaction?
A. Conducting an interview using a teleconferencing platform
B. Performing a review of auditee's procedures in preparation for an audit
C. Reviewing the auditee's response to an audit finding
D. Analysing data by remotely...
Which three of the following phrases are objectives in relation to an audit?
A. International Standard
B. Identify opportunities for improvement
C. Confirm the scope of the management system
D. Management policy
E. Complete audit on time
F. Regulatory requirements
Answer: B, C, F
Explanation: According to ISO 19011:2018, which...
CEO sends a mail giving his views on the status of the company and the company’s future strategy and the CEO's vision and the employee's part in it. The mail should be classified as
A. Internal Mail
B. Public Mail
C. Confidential Mail
D. Restricted Mail
Answer: A
Explanation: The...
Which one of the following options is the definition of an interested party?
A. A third party can appeal to an organisation when it perceives itself to be affected by a decision or activity
B. A person or organisation that can affect, be affected by or perceive itself to be...
In regard to generating an audit finding, select the words that best complete the following sentence
DRAG DROP In regard to generating an audit finding, select the words that best complete the following sentence. To complete the sentence with the best word(s), click on the blank section you want to complete so that it is highlighted in red, and then click on the applicable text from...
Considering this information, what action would you expect the audit team leader to take?
After completing Stage 1 and in preparation for a Stage 2 initial certification audit, the auditee informs the audit team leader that they wish to extend the audit scope to include two additional sites that have recently been acquired by the organisation. Considering this information, what action would you expect...