PECB ISO-IEC-27001 Lead Auditor PECB Certified ISO/IEC 27001 Lead Auditor exam Online Training

PECB ISO-IEC-27001 Lead Auditor Online Training

The questions for ISO-IEC-27001 Lead Auditor were last updated at Feb 21,2025.

Exam Code: ISO-IEC-27001 Lead Auditor
Exam Name: PECB Certified ISO/IEC 27001 Lead Auditor exam
Certification Provider: PECB
Latest update: Feb 21,2025

Question #61

You are performing an ISMS initial certification audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to conduct the closing meeting.

During the final audit team meeting, as an audit team leader, you agree to report 2 minor nonconformities and 1 opportunity for improvement as below:

Select one option of the recommendation to the audit programme manager you are going to advise to the auditee at the closing meeting.

A . Recommend certification immediately
B . Recommend that a full scope re-audit is required within 6 months
C . Recommend that an unannounced audit is carried out at a future date
D . Recommend certification after your approval of the proposed corrective action plan Recommend that the findings can be closed out at a surveillance audit in 1 year
E . Recommend that a partial audit is required within 3 months

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

According to ISO/IEC 17021-1:2015, which specifies the requirements for bodies providing audit and certification of management systems, clause 9.4.9 requires the certification body to make a certification decision based on the information obtained during the audit and any other relevant information1. The certification body should also consider the effectiveness of the corrective actions taken by the auditee to address any nonconformities identified during the audit1. Therefore, when making a recommendation to the audit programme manager, an ISMS auditor should consider the nature and severity of the nonconformities and the proposed corrective actions.

Based on the scenario above, the auditor should recommend certification after their approval of the proposed corrective action plan and recommend that the findings can be closed out at a surveillance audit in 1 year. The auditor should provide the following justification for their recommendation:

Justification: This recommendation is appropriate because it reflects the fact that the auditee has only two minor nonconformities and one opportunity for improvement, which do not indicate a significant or systemic failure of their ISMS. A minor nonconformity is defined as a failure to achieve one or more requirements of ISO/IEC 27001:2022 or a situation which raises significant doubt about the ability of an ISMS process to achieve its intended output, but does not affect its overall effectiveness or conformity2. An opportunity for improvement is defined as a suggestion for improvement beyond what is required by ISO/IEC 27001:20222. Therefore, these findings do not prevent or preclude certification, as long as they are addressed by appropriate corrective actions within a reasonable time frame. The auditor should approve the proposed corrective action plan before recommending certification, to ensure that it is realistic, achievable, and effective. The auditor should also recommend that the findings can be closed out at a surveillance audit in 1 year, to verify that the corrective actions have been implemented and are working as intended.

The other options are not valid recommendations for the audit programme manager, as they are either too lenient or too strict for the given scenario.

For example:

Recommend certification immediately: This option is not valid because it implies that the auditor ignores or accepts the nonconformities, which is contrary to the audit principles and objectives of ISO 19011:20182, which provides guidelines for auditing management systems. It also contradicts the requirement of ISO/IEC 17021-1:20151, which requires the certification body to consider the effectiveness of the corrective actions taken by the auditee before making a certification decision. Recommend that a full scope re-audit is required within 6 months: This option is not valid because it implies that the auditor overreacts or exaggerates the nonconformities, which is contrary to the audit principles and objectives of ISO 19011:20182. It also contradicts the requirement of ISO/IEC 17021-1:20151, which requires the certification body to determine whether a re-audit is necessary based on the nature and extent of nonconformities and other relevant factors. A full scope re-audit is usually reserved for major nonconformities or multiple minor nonconformities that indicate a serious

or widespread failure of an ISMS.

Recommend that an unannounced audit is carried out at a future date: This option is not valid because it implies that the auditor distrusts or doubts the auditee’s commitment or capability to implement corrective actions, which is contrary to the audit principles and objectives of ISO 19011:20182. It also contradicts the requirement of ISO/IEC 17021-1:20151, which requires the certification body to conduct unannounced audits only under certain conditions, such as when there are indications of serious problems with an ISMS or when required by sector-specific schemes. Recommend that a partial audit is required within 3 months: This option is not valid because it implies that the auditor imposes or prescribes a specific time frame or scope for verifying corrective actions, which is contrary to the audit principles and objectives of ISO 19011:20182. It also contradicts the requirement of ISO/IEC 17021-1:20151, which requires the certification body to determine whether a partial audit is necessary based on the nature and extent of nonconformities and other relevant factors. A partial audit may be appropriate for minor nonconformities, but the time frame and scope should be agreed upon with the auditee and based on the proposed corrective action plan.

Reference: ISO/IEC 17021-1:2015 – Conformity assessment C Requirements for bodies providing audit

and certification of management systems C Part 1: Requirements, ISO 19011:2018 – Guidelines for auditing management systems

Question #62

You are an ISMS audit team leader tasked with conducting a follow-up audit at a client’s data centre. Following two days on-site you conclude that of the original 12 minor and 1 major nonconformities that prompted the follow-up audit, only 1 minor nonconformity still remains outstanding. Select four options for the actions you could take.

A . Book another follow-up audit on-site to review the one outstanding minor nonconformity once it has been cleared
B . Recommend that the outstanding minor nonconformity is dealt with at the next surveillance audit
C . Advise the auditee that you will arrange an online audit to deal with the outstanding nonconformity
D . Note the progress made but hold the audit open until all corrective action has been cleared
E . Agree with the auditee/audit client how the remaining nonconformity will be cleared, by when, and how its clearance will be verified
F . Advise the individual managing the audit programme of any decision taken regarding the outstanding nonconformity
G . Recommend suspension of the organisation’s certification as they have failed to implement the agreed corrections and corrective actions within the agreed timescale
H . Close the follow-up audit as the organisation has demonstrated it is committed to clearing the nonconformities raised

Reveal Solution Hide Solution

Correct Answer: B, E, F, H
B, E, F, H

Explanation:

According to ISO 19011:2018, which provides guidelines for auditing management systems, clause 6.7 requires the audit team leader to conduct a follow-up audit to verify the implementation and effectiveness of the corrective actions taken by the auditee in response to the nonconformities identified during a previous audit1. The follow-up audit should be conducted in accordance with the same principles and processes as the initial audit, and should result in a conclusion on the status of the nonconformities and any remaining issues1. Therefore, when conducting a follow-up audit, an ISMS auditor should consider the following actions:

Recommend that the outstanding minor nonconformity is dealt with at the next surveillance audit: This action is appropriate because it reflects the fact that the auditee has cleared most of the nonconformities, including the major one, and only one minor nonconformity remains outstanding. A minor nonconformity is defined as a failure to achieve one or more requirements of ISO/IEC 27001:2022 or a situation which raises significant doubt about the ability of an ISMS process to achieve its intended output, but does not affect its overall effectiveness or conformity2. Therefore, this finding does not prevent or preclude the continuation of certification, as long as it is addressed by appropriate corrective actions within a reasonable time frame. The auditor should recommend that the outstanding minor nonconformity is dealt with at the next surveillance audit, which is a regular audit conducted by the certification body to confirm the ongoing conformity and effectiveness of an ISMS3.

Agree with the auditee/audit client how the remaining nonconformity will be cleared, by when, and how its clearance will be verified: This action is appropriate because it reflects the fact that the auditee has demonstrated commitment and capability to implement corrective actions for the nonconformities identified during the previous audit. The auditor should agree with the auditee/audit client on a realistic, achievable, and effective corrective action plan for the remaining nonconformity, including a clear deadline and verification method. The auditor should also document this agreement in the follow-up audit report1.

Advise the individual managing the audit programme of any decision taken regarding the outstanding nonconformity: This action is appropriate because it reflects the fact that the auditor has followed a systematic and consistent approach to conducting and reporting the follow-up audit. The auditor should advise the individual managing the audit programme of any decision taken regarding the outstanding nonconformity, such as recommending its closure at the next surveillance audit or agreeing on a corrective action plan with the auditee/audit client. The auditor should also provide sufficient information and evidence to support their decision1.

Close the follow-up audit as the organisation has demonstrated it is committed to clearing the nonconformities raised: This action is appropriate because it reflects the fact that the organisation has achieved satisfactory results in the follow-up audit. The auditor should close the follow-up audit as the organisation has demonstrated it is committed to clearing the nonconformities raised by implementing effective corrective actions for most of them and agreeing on a plan for the remaining one. The auditor should also communicate the follow-up audit conclusion to the auditee/audit client and other relevant parties1.

Question #63

You are an experienced ISMS audit team leader guiding an auditor in training. Your team has just completed a third-party surveillance audit of a mobile telecom provider. The auditor in training asks you how you intend to prepare for the Closing meeting.

Which four of the following are appropriate responses?

A . I will advise the auditee that the purpose of the closing meeting is for the audit team to communicate our findings. It is not an opportunity for the auditee to challenge the findings
B . I will instruct my audit team to wait outside the auditee’s offices so we can leave as quickly as possible after the closing meeting. This saves our time and the client’s time too
C . It is not necessary to prepare for the closing meeting. Once you have carried out as many audits as
I have you already know what needs to be discussed
D . I will schedule a closing meeting with the auditee’s representatives at which the audit conclusions will be presented
E . I will contact head office to ensure our invoice has been paid, If not, I will cancel the closing meeting and temporarily withhold the audit report
F . I will discuss any follow-up required with my audit team
G . I will review and, as appropriate, approve my teams audit conclusions
H . I will review the audit evidence and the audit findings with the rest of the team

Reveal Solution Hide Solution

Correct Answer: ADFH
ADFH

Explanation:

According to ISO 19011:2018, which provides guidelines for auditing management systems, clause 6.6 requires the audit team leader to conduct a closing meeting with the auditee’s representatives at the end of the audit to present the audit conclusions and any findings1. The closing meeting should also provide an opportunity for the auditee to ask questions, clarify issues, acknowledge the findings, and comment on the audit process1.

Therefore, when preparing for the closing meeting, an ISMS auditor should consider the following actions:

I will advise the auditee that the purpose of the closing meeting is for the audit team to communicate our findings. It is not an opportunity for the auditee to challenge these: This action is appropriate because it reflects the fact that the auditor has followed a systematic and consistent approach to collecting and evaluating audit evidence and reaching audit conclusions. The auditor should advise the auditee that the purpose of the closing meeting is for the audit team to communicate their findings, which are based on objective evidence and professional judgement. The auditor should also explain that it is not an opportunity for the auditee to challenge these findings, as they have already been discussed and confirmed during the audit. However, the auditor should also invite the auditee to ask questions, clarify issues, acknowledge the findings, and comment on the audit process1.

I will schedule a closing meeting with the auditee’s representatives at which the audit conclusions will be presented: This action is appropriate because it reflects the fact that the auditor has followed a planned and agreed audit programme and schedule. The auditor should schedule a closing meeting with the auditee’s representatives at which the audit conclusions will be presented, in accordance with clause 6.6 of ISO 19011:20181. The auditor should also ensure that the closing meeting is attended by those responsible for managing or implementing the ISMS, as well as any other relevant parties1.

I will discuss any follow-up required with my audit team: This action is appropriate because it reflects the fact that the auditor has followed a risk-based approach to determining and reporting any follow-up actions required by the auditee or the certification body. The auditor should discuss any follow-up required with their audit team, such as verifying corrective actions for nonconformities or conducting a subsequent audit1. The auditor should also document any follow-up actions in the audit report1. I will review and, as appropriate, approve my teams audit conclusions: This action is appropriate because it reflects the fact that the auditor has followed a rigorous and professional process to reaching and reporting audit conclusions. The auditor should review and, as appropriate, approve their teams audit conclusions, which are based on objective evidence and professional judgement. The auditor should also ensure that their teams audit conclusions are consistent with the audit objectives and scope, and reflect the overall performance and conformity of the ISMS1.

Question #64

You are an experienced ISMS audit team leader guiding an auditor in training. You are testing her understanding of follow-up audits by asking her a series of questions to which the answer is either "true* or ‘false’.

Which four of the following questions should the answer be true"’

A . A follow-up audit may be carried out where nonconformities are major
B . A follow-up audit may be carried out where nonconformities are minor
C . The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified
D . The outcome of a follow-up audit could lower a major nonconformity to minor status
E . The outcome of a follow-up audit could be a recommendabon to suspend the client’s certification
F . The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client
G . A follow-up audit is required in all instances where nonconformities have been identified
H . A follow-up audit is required only in instances where a major nonconformity has been identified

Reveal Solution Hide Solution

Correct Answer: A, B, C, F
A, B, C, F

Explanation:

A follow-up audit may be carried out where nonconformities are major. This is true because a major nonconformity is a situation that raises significant doubt about the ability of the organization’s management system to achieve its intended results, and therefore requires immediate corrective action. A follow-up audit is necessary to verify the effectiveness of the corrective action and the conformity of the management system12.

A follow-up audit may be carried out where nonconformities are minor. This is true because a minor nonconformity is a situation that does not affect the capability of the management system to achieve its intended results, but represents a deviation from the specified requirements. A follow-up audit may be conducted to check the implementation of the corrective action and the improvement of the management system12.

The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified. This is true because the top management is responsible for ensuring the effectiveness and continual improvement of the management system, and the audit team leader is accountable for the audit process and the audit conclusions. The follow-up audit report should provide them with objective evidence of the status of the nonconformities and the corrective actions taken by the auditee13.

The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client. This is true because the individual managing the audit programme is responsible for planning, implementing, monitoring and reviewing the audit activities, and the audit client is the organization or person requesting an audit. The follow-up audit report should inform them of the results of the follow-up audit and any changes in the certification status of the auditee13.

Reference: =

ISO 19011:2022 Guidelines for auditing management systems

ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements

ISO/IEC 17021-1:2022 Conformity assessment ― Requirements for bodies providing audit and certification of management systems ― Part 1: Requirements

Question #65

DRAG DROP

As the ISMS audit team leader, you are conducting a second-party audit of an international logistics company on behalf of an online retailer. During the audit, one of your team members reports a nonconformity relating to control 5.18 (Access rights) of Appendix A of ISO/IEC 27001:2022. She found evidence that removing the server access protocols of 20 people who left in the last 3 months took up to 1 week whereas the policy required removing access within 24 hours of their departure.

Complete the sentence with the best word(s), dick on the blank section you want to complete so that it is highlighted in red, and then click on the applicable text from the options below. Alternatively, you may drag and drop the option to the appropriate blank section.

Reveal Solution Hide Solution

Question #66

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show a very large number of returned items with causes including mis-addressed labels and, in 15% of company cases, two or more labels for different addresses for the one package. You are interviewing the Shipping Manager (SM).

You: Are items checked before being dispatched?

SH: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process. You: What action is taken when items are returned?

SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.

You raise a nonconformity. Referencing the scenario, which six of the following Appendix A controls would you expect the auditee to have implemented when you conduct the follow-up audit?

A . 5.11 Return of assets
B . 8.12 Data leakage protection
C . 5.3 Segregation of duties
D . 6.3 Information security awareness, education, and training
E . 7.10 Storage media
F . 8.3 Information access restriction
G . 5.6 Contact with special interest groups
H . 6.4 Disciplinary process
I . 7.4 Physical security monitoring
J . 5.13 Labelling of information
K . 5.32 Intellectual property rights

Reveal Solution Hide Solution

Correct Answer: BDEFIJ
BDEFIJ

Explanation:

B. 8.12 Data leakage protection. This is true because the auditee should have implemented measures to prevent unauthorized disclosure of sensitive information, such as personal data, medical records, or official documents, that are contained in the parcels. Data leakage protection could include encryption, authentication, access control, logging, and monitoring of data transfers12. D. 6.3 Information security awareness, education, and training. This is true because the auditee should have ensured that all employees and contractors involved in the shipping process are aware of the information security policies and procedures, and have received appropriate training on how to handle and protect the information assets in their custody. Information security awareness, education, and training could include induction programmes, periodic refreshers, awareness campaigns, e-learning modules, and feedback mechanisms13.

E. 7.10 Storage media. This is true because the auditee should have implemented controls to protect the storage media that contain information assets from unauthorized access, misuse, theft, loss, or damage. Storage media could include paper documents, optical disks, magnetic tapes, flash drives, or hard disks14. Storage media controls could include physical locks, encryption, backup, disposal, or destruction14.

F. 8.3 Information access restriction. This is true because the auditee should have implemented controls to restrict access to information assets based on the principle of least privilege and the need-to-know basis. Information access restriction could include identification, authentication, authorization, accountability, and auditability of users and systems that access information assets15. I. 7.4 Physical security monitoring. This is true because the auditee should have implemented controls to monitor the physical security of the premises where information assets are stored or processed. Physical security monitoring could include CCTV cameras, alarms, sensors, guards, or patrols16. Physical security monitoring could help detect and deter unauthorized physical access or intrusion attempts16.

J. 5.13 Labelling of information. This is true because the auditee should have implemented controls to label information assets according to their classification level and handling instructions. Labelling of information could include markings, tags, stamps, stickers, or barcodes1. Labelling of information could help identify and protect information assets from unauthorized disclosure or misuse1.

Reference: =

ISO/IEC 27002:2022 Information technology ― Security techniques ― Code of practice for information security controls

ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements

ISO/IEC 27003:2022 Information technology ― Security techniques ― Information security management systems ― Guidance

ISO/IEC 27004:2022 Information technology ― Security techniques ― Information security management systems ― Monitoring measurement analysis and evaluation

ISO/IEC 27005:2022 Information technology ― Security techniques ― Information security risk management

ISO/IEC 27006:2022 Information technology ― Security techniques ― Requirements for bodies providing audit and certification of information security management systems

[ISO/IEC 27007:2022 Information technology ― Security techniques ― Guidelines for information security management systems auditing]

Question #67

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show a very large number of returned items with causes including misaddressed labels and, in 15% of cases, two or more labels for different addresses for the one package. You are interviewing the Shipping Manager (SM).

You: Are items checked before being dispatched?

SM: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.

You: What action is taken when items are returned?

SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.

You raise a nonconformity against ISO 27001:2022 based on the lack of control of the labelling process.

At the closing meeting, the Shipping Manager issues an apology to you that his comments may have been misunderstood. He says that he did not realise that there is a background IT process that automatically checks that the right label goes onto the right parcel otherwise the parcel is ejected at labelling. He asks that you withdraw your nonconformity.

Select three options of the correct responses that you as the audit team leader would make to the request of the Shipping Manager.

A . Advise the Shipping Manager that his request will be included in the audit report
B . Advise management that the new information provided will be discussed when the auditors have more time
C . Inform the Shipping Manager that the nonconformity is minor and should be quickly corrected
D . Ask the audit team members to state what they think should happen
E . Inform him of your understanding and withdraw the nonconformity
F . Thank the Shipping Manager for his honesty but advise that withdrawing the nonconformity is not the right way to proceed
G . Advise the Shipping Manager that the nonconformity must stand since the evidence obtained for it was dear
H . Indicate that the nonconformity is evidence of a deeper system failure that needs to be rectified

Reveal Solution Hide Solution

Question #68

Which two of the following statements are true?

A . The benefits of implementing an ISMS primarily result from a reduction in information security risks
B . The benefit of certifying an ISMS is to obtain contracts from governmental institutions
C . The purpose of an ISMS is to apply a risk management process for preserving information security
D . The purpose of an ISMS is to demonstrate compliance with regulatory requirements

Reveal Solution Hide Solution

Question #69

DRAG DROP

The following options are key actions involved in a first-party audit.

Order the stages to show the sequence in which the actions should take place.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

The correct order of the stages is:

Prepare the audit checklist

Gather objective evidence

Review audit evidence

Document findings

Audit preparation: This stage involves defining the audit objectives, scope, criteria, and plan. The auditor also prepares the audit checklist, which is a list of questions or topics that will be covered during the audit. The audit checklist helps the auditor to ensure that all relevant aspects of the ISMS are addressed and that the audit evidence is collected in a systematic and consistent manner12. Audit execution: This stage involves conducting the audit activities, such as opening meeting, interviews, observations, document review, and closing meeting. The auditor gathers objective evidence, which is any information that supports the audit findings and conclusions. Objective evidence can be qualitative or quantitative, and can be obtained from various sources, such as records, statements, physical objects, or observations123.

Audit reporting: This stage involves reviewing the audit evidence, evaluating the audit findings, and documenting the audit results. The auditor reviews the audit evidence to determine whether it is sufficient, reliable, and relevant to support the audit findings. The auditor evaluates the audit findings to determine the degree of conformity or nonconformity of the ISMS with the audit criteria. The auditor documents the audit results in an audit report, which is a formal record of the audit process and outcomes. The audit report typically includes the following elements123:

An introduction clarifying the scope, objectives, timing and extent of the work performed An executive summary indicating the key findings, a brief analysis and a conclusion

The intended report recipients and, where appropriate, guidelines on classification and circulation Detailed findings and analysis

Recommendations for improvement, where applicable

A statement of conformity or nonconformity with the audit criteria

Any limitations or exclusions of the audit scope or evidence

Any deviations from the audit plan or procedures

Any unresolved issues or disagreements between the auditor and the auditee A list of references, abbreviations, and definitions used in the report

A list of appendices, such as audit plan, audit checklist, audit evidence, audit team members, etc. Audit follow-up: This stage involves verifying the implementation and effectiveness of the corrective actions taken by the auditee to address the audit findings. The auditor monitors the progress and completion of the corrective actions, and evaluates their impact on the ISMS performance and conformity. The auditor may conduct a follow-up audit to verify the corrective actions on-site, or may rely on other methods, such as document review, remote interviews, or self-assessment by the auditee. The auditor documents the follow-up results and updates the audit report accordingly123.

Reference: PECB Candidate Handbook ISO 27001 Lead Auditor, pages 19-25 ISO 19011:2018 – Guidelines for auditing management systems The ISO 27001 audit process | ISMS.online

Question #70

Which two of the following phrases would apply to "plan" in relation to the Plan-Do-Check-Act cycle for a business process?

A . Retaining documentation
B . Retaining documentation
C . Organising changes
D . Setting objectives
E . Training staff
F . Providing ICT assets

Reveal Solution Hide Solution

Previous Questions Next Questions

PECB ISO-IEC-27001 Lead Auditor PECB Certified ISO/IEC 27001 Lead Auditor exam Online Training

PECB ISO-IEC-27001 Lead Auditor PECB Certified ISO/IEC 27001 Lead Auditor exam Online Training

PECB ISO-IEC-27001 Lead Auditor Online Training

The questions for ISO-IEC-27001 Lead Auditor were last updated at Feb 21,2025.

Latest ISO-IEC-27001 Lead Auditor Dumps Valid Version with 100 Q&As

Related Posts

PECB ISO-IEC-27001 Lead Implementer PECB Certified ISO/IEC 27001 Lead Implementer exam Online Training

PECB ISO-9001 Lead Auditor QMS ISO 9001:2015 Lead Auditor Online Training

PECB ISO-IEC 20000 Foundation ISO/IEC 20000 Foundation Exam Online Training

PECB Lead Cybersecurity Manager ISO/IEC 27032 Lead Cybersecurity Manager Online Training

PECB ISO-45001 Lead Auditor PECB Certified ISO 45001 Lead Auditor Exam Online Training

PECB ISO-22301 Lead Implementer ISO 22301 Lead Implementer Certification Exam Online Training

PECB ISO-22301 Lead Auditor PECB Certified ISO 22301 Lead Auditor Exam Online Training