Who are allowed to access highly confidential files?

A. Employees with a business need-to-know

B. Contractors with a business need-to-know

C. Employees with signed NDA have a business need-to-know

D. Non-employees designated with approved access and have signed NDA

Answer: A

Explanation:

According to ISO/IEC 27001:2022, clause 8.2.1, the organization shall ensure that access to information and information processing facilities is limited to authorized users based on the access control policy and in accordance with the business requirements of access control. Therefore, only employees with a business need-to-know are allowed to access highly confidential files, and not contractors, non-employees or employees with a signed NDA.

Reference: ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) | CQI | IRCA
