ISO-IEC-27001 Lead Auditor exam

During an opening meeting of a Stage 2 audit, the Managing Director of the client organisation invites the audit team to view a new company video lasting 45 minutes. Which two of the following responses should the audit team leader make?A . Advise the Managing Director that the audit team...

You ask the IT Manager why the organisation still uses the mobile app while personal data encryption and pseudonymisation tests failed. Also, whether the Service Manager is authorised to approve the test. The IT Manager explains the test results should be approved by him according to the software security management...

You are an ISMS auditor conducting a third-party surveillance audit of a telecom's provider. You are in the equipment staging room where network switches are pre-programmed before being despatched to clients. You note that recently there has been a significant increase in the number of switches failing their initial configuration...

During a follow-up audit, you notice that a nonconformity identified for completion before the follow-up audit is still outstanding. Which four of the following actions should you take? A. Report the failure to address the corrective action for the outstanding nonconformity to the organisation's top management B. Immediately raise an...

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security of the business continuity management process. During the audit, you learned that the organisation activated one of the business continuity plans (BCPs)...

You are an experienced ISMS auditor conducting a third-party surveillance audit at an organisation which offers ICT reclamation services. ICT equipment which companies no longer require is processed by the organisation. It Is either recommissioned and reused or is securely destroyed. You notice two servers on a bench in the...

A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:A . Say "hi" and offer coffeeB . Call the receptionist and inform about the visitorC . Greet and ask him what is his businessD . Escort him to his destinationView AnswerAnswer: A...

Which six of the following actions are the individual(s) managing the audit programme responsible for?A . Selecting the audit teamB . Retaining documented information of the audit resultsC . Defining the objectives, scope and criteria for an individual auditD . Defining the plan of an individual auditE . Establishing the...

You are the person responsible for managing the audit programme and deciding the size and composition of the audit team for a specific audit. Select the two factors that should be considered.A . The audit scope and criteriaB . Customer relationshipsC . The overall competence of the audit team needed...

You are performing an ISMS audit at a nursing home where residents always wear an electronic wristband for monitoring their location, heartbeat, and blood pressure. The wristband automatically uploads this data to a cloud server for healthcare monitoring and analysis by staff. You now wish to verify that the information...