You are an experienced ISMS audit team leader guiding an auditor in training. You are testing her understanding of follow-up audits by asking her a series of questions to which the answer is either "true" or "false".
You are an experienced ISMS audit team leader guiding an auditor in training. You are testing her understanding of follow-up audits by asking her a series of questions to which the answer is either "true" or "false". Which four of the following questions should the answer be "true"? A. A...
You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services. The next step in your audit plan is to verify the effectiveness of the continual improvement process. During the audit, you learned most of the residents' family members (90%) receive WeCare medical device promotional advertisements through email and SMS once a week via ABC's healthcare mobile app. All of them do not agree on the use of the collected personal data for marketing or any other purposes than nursing and medical care on the signed service agreement with ABC. They have very strong reason to believe that ABC is leaking residents' and family members' personal information to a non-relevant third party and they have filed complaints.
You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services. The next step in your audit plan is to verify the effectiveness of the continual improvement process. During the audit, you learned most of the residents' family members (90%) receive WeCare medical device...
You are preparing the audit findings. Select two options that are correct.
You are preparing the audit findings. Select two options that are correct. A. There is an opportunity for improvement (OFI). The information security incident training effectiveness can be improved. This is relevant to clause 7.2 and control A.6.3. B. There is no nonconformance. The information security weaknesses, events, and incidents...
You are an experienced ISMS audit team leader providing instruction to an auditor in training. They are unclear in their understanding of risk processes and ask you to provide them with an example of each of the processes detailed below.
DRAG DROP You are an experienced ISMS audit team leader providing instruction to an auditor in training. They are unclear in their understanding of risk processes and ask you to provide them with an example of each of the processes detailed below. Match each of the descriptions provided to one...
Which one of the following statements best describes the purpose of conducting a document review?
Which one of the following statements best describes the purpose of conducting a document review? A. To reveal whether the documented management system is nonconforming with audit criteria and to gather evidence to support the audit report B. To decide about the conformity of the documented management system with audit...
In the context of a third-party certification audit, confidentiality is an issue in an audit programme.
In the context of a third-party certification audit, confidentiality is an issue in an audit programme. Select two options which correctly state the function of confidentiality in an audit. A. Auditors are forced by regulatory requirements to maintain confidentiality in an audit B. Observers in an audit team cannot access...
Which one of the following options describes the main purpose of a Stage 1 audit?
Which one of the following options describes the main purpose of a Stage 1 audit? A. To determine readiness for Stage 2 B. To check for legal compliance by the organisation C. To get to know the organisation D. To compile the audit plan Answer: A Explanation: The main purpose...
Which three of the following work documents are not required for audit planning by an auditor conducting a certification audit?
Which three of the following work documents are not required for audit planning by an auditor conducting a certification audit? A. An audit plan B. A sample plan C. An organisation's financial statement D. A checklist E. A career history of the IT manager F. A list of external providers...
What is the difference between a restricted and confidential document?
What is the difference between a restricted and confidential document? A. Restricted - to be shared among an authorized group Confidential - to be shared among named individuals B. Restricted - to be shared among named individuals Confidential - to be shared among an authorized group C. Restricted - to...
You are an experienced ISMS audit team leader, talking to an Auditor in training who has been assigned to your audit team. You want to ensure that they understand the importance of the Check stage of the Plan-Do-Check-Act cycle in respect of the operation of the information security management system.
DRAG DROP You are an experienced ISMS audit team leader, talking to an Auditor in training who has been assigned to your audit team. You want to ensure that they understand the importance of the Check stage of the Plan-Do-Check-Act cycle in respect of the operation of the information security...