Which one of the following options best describes the main purpose of a Stage 1 third-party audit?
A. To introduce the audit team to the client
B. To learn about the organisation's procurement
C. To determine readiness for a stage 2 audit
D. To check for legal compliance by the...
The following are the guidelines to protect your password, except:
A. Don't use the same password for various company system security access
B. Do not share passwords with anyone
C. For easy recall, use the same password for company and personal accounts
D. Change a temporary password on first log-on
Which six of the following would cause you concern in respect of conformity to ISO/IEC 27001:2022 requirements?
The data center at which you work is currently seeking ISO/IEC 27001:2022 certification. In preparation for your initial certification visit, a number of internal audits have been carried out by a colleague working at another data centre within your Group. They secured their ISO/IEC 27001:2022 certificate earlier in the year. You...
What should the correct answers be?
DRAG DROP You have just completed a scheduled information security audit of your organisation when the IT Manager approaches you and asks for your assistance in the revision of the company's risk management process. He is attempting to update the current documentation to make it easier for other managers to...
Which two of the following statements are true?
A. The role of a certification body auditor involves evaluating the organisation's processes for ensuring compliance with their legal requirements
B. During a third-party audit, the auditor evaluates how the organisation ensures that it is made aware of changes to the legal...
Which of the following is not a type of Information Security attack?
A. Legal Incidents
B. Vehicular Incidents
C. Technical Vulnerabilities
D. Privacy Incidents
Answer: B
Explanation: Vehicular incidents are not a type of information security attack. A vehicular incident is an event that involves a vehicle or its driver...
Which four of the following should she answer 'that is true'?
You are an experienced ISMS audit team leader. During the conducting of a third-party surveillance audit, you decide to test your auditee's knowledge of ISO/IEC 27001's risk management requirements. You ask her a series of questions to which the answer is either 'that is true' or 'that is false'. Which...
You are performing an ISMS initial certification audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to conduct the closing meeting. During the final audit team meeting, as an audit team leader, you agree to report 2 minor nonconformities and 1...
Which two issues are audit objectives?
Objectives, criteria, and scope are critical features of a third-party ISMS audit. Which two issues are audit objectives?
A. Evaluate customer processes and functions
B. Assess conformity with ISO/IEC 27001 requirements
C. Fulfil the audit plan
D. Confirm sites operating the ISMS
E. Determine the scope of the ISMS
F. ...
Which four of the following are appropriate responses?
You are an experienced ISMS audit team leader guiding an auditor in training. Your team has just completed a third-party surveillance audit of a mobile telecom provider. The auditor in training asks you how you intend to prepare for the Closing meeting. Which four of the following are appropriate responses?
A...