What should the correct answers be?

DRAG DROP You have just completed a scheduled information security audit of your organisation when the IT Manager approaches you and asks for your assistance in the revision of the company's risk management process. He is attempting to update the current documentation to make it easier for other managers to...

April 4, 2025 No Comments READ MORE +

Which two of the following statements are true?

Which two of the following statements are true?A . The role of a certification body auditor involves evaluating the organisation's processes for ensuring compliance with their legal requirementsB . Curing a third-party audit, the auditor evaluates how the organisation ensures that 4 6 made aware of changes to the legal...

April 3, 2025 No Comments READ MORE +

Which of the following is not a type of Information Security attack?

Which of the following is not a type of Information Security attack?A . Legal IncidentsB . Vehicular IncidentsC . Technical VulnerabilitiesD . Privacy IncidentsView AnswerAnswer: B Explanation: Vehicular incidents are not a type of information security attack. A vehicular incident is an event that involves a vehicle or its driver...

April 1, 2025 No Comments READ MORE +

Which four of the following should she answer 'that is true'?

You are an experienced ISMS audit team leader. During the conducting of a third-party surveillance audit, you decide to test your auditee's knowledge of ISO/IEC 27001's risk management requirements. You ask her a series of questions to which the answer is either 'that is true' or 'that is false'. Which...

March 31, 2025 No Comments READ MORE +

You are performing an ISMS initial certification audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to conduct the closing meeting.

You are performing an ISMS initial certification audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to conduct the closing meeting. During the final audit team meeting, as an audit team leader, you agree to report 2 minor nonconformities and 1...

March 31, 2025 No Comments READ MORE +

Which two issues are audit objectives?

Objectives, criteria, and scope are critical features of a third-party ISMS audit. Which two issues are audit objectives?A . Evaluate customer processes and functionsB . Assess conformity with ISO/IEC 27001 requirementsC . Fulfil the audit planD . Confirm sites operating the ISMSE . Determine the scope of the ISMSF ....

March 29, 2025 No Comments READ MORE +

Which four of the following are appropriate responses?

You are an experienced ISMS audit team leader guiding an auditor in training. Your team has just completed a third-party surveillance audit of a mobile telecom provider. The auditor in training asks you how you intend to prepare for the Closing meeting. Which four of the following are appropriate responses?A...

March 26, 2025 No Comments READ MORE +

Which two of the following statements are true?

Which two of the following statements are true?A . The benefits of implementing an ISMS primarily result from a reduction in information security risksB . The benefit of certifying an ISMS is to obtain contracts from governmental institutionsC . The purpose of an ISMS is to apply a risk management...

March 24, 2025 No Comments READ MORE +

You: Are items checked before being dispatched?

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show...

March 22, 2025 No Comments READ MORE +

During a Stage 1 audit opening meeting, the Management System Representative (MSR) asks to extend the audit scope to include a new site overseas which they have expanded into since the certification application was made.

During a Stage 1 audit opening meeting, the Management System Representative (MSR) asks to extend the audit scope to include a new site overseas which they have expanded into since the certification application was made. Select two options for how the auditor should respond. A. Advise the MSR that an...

March 21, 2025 No Comments READ MORE +