Which two issues are audit objectives?
Objectives, criteria, and scope are critical features of a third-party ISMS audit. Which two issues are audit objectives? A. Evaluate customer processes and functions B. Assess conformity with ISO/IEC 27001 requirements C. Fulfil the audit plan D. Confirm sites operating the ISMS E. Determine the scope of the ISMS F ....
Which four of the following are appropriate responses?
You are an experienced ISMS audit team leader guiding an auditor in training. Your team has just completed a third-party surveillance audit of a mobile telecom provider. The auditor in training asks you how you intend to prepare for the Closing meeting. Which four of the following are appropriate responses? A...
Which two of the following statements are true?
Which two of the following statements are true? A. The benefits of implementing an ISMS primarily result from a reduction in information security risks B. The benefit of certifying an ISMS is to obtain contracts from governmental institutions C. The purpose of an ISMS is to apply a risk management...
You: Are items checked before being dispatched?
You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show...
During a Stage 1 audit opening meeting, the Management System Representative (MSR) asks to extend the audit scope to include a new site overseas which they have expanded into since the certification application was made.
During a Stage 1 audit opening meeting, the Management System Representative (MSR) asks to extend the audit scope to include a new site overseas which they have expanded into since the certification application was made. Select two options for how the auditor should respond. A. Advise the MSR that an...
You are performing an ISO 27001 ISMS surveillance audit at a residential nursing home, ABC Healthcare Services. ABC uses a healthcare mobile app designed and maintained by a supplier, WeCare, to monitor residents' well-being. During the audit, you learn that 90% of the residents' family members regularly receive medical device advertisements from WeCare, by email and SMS once a week. The service agreement between ABC and WeCare prohibits the supplier from using residents' personal data. ABC has received many complaints from residents and their family members.
You are performing an ISO 27001 ISMS surveillance audit at a residential nursing home, ABC Healthcare Services. ABC uses a healthcare mobile app designed and maintained by a supplier, WeCare, to monitor residents' well-being. During the audit, you learn that 90% of the residents' family members regularly receive medical device...
Which three of the following scenarios can be defined as information security incidents?
You are carrying out your first third-party ISMS surveillance audit as an Audit Team Leader. You are presently in the auditee's data centre with another member of your audit team. Your colleague seems unsure as to the difference between an information security event and an information security incident. You attempt...
You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure and explains that the process is based on ISO/IEC 27035-1:2016.
You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure and explains that the process is based on...
Which of the following is the best response?
You receive the following mail from the IT support team: Dear User, Starting next week, we will be deleting all inactive email accounts in order to create space. Share the below details in order to continue using your account. In case of no response, Name: Email ID: Password: DOB: Kindly contact the...
Which two of the following are examples of audit methods that 'do not' involve human interaction?
Which two of the following are examples of audit methods that 'do not' involve human interaction? A. Conducting an interview using a teleconferencing platform B. Performing a review of auditee's procedures in preparation for an audit C. Reviewing the auditee's response to an audit finding D. Analysing data by remotely...