ISO-IEC-27001 Lead Auditor exam

DRAG DROP Select the words that best complete the sentence: To complete the sentence with the word(s) click on the blank section you want to complete so that it is highlighted in red, and then click on the application text from the options below. Alternatively, you may drag and drop...

A property of Information that has the ability to prove occurrence of a claimed event.A . Electronic chain lettersB . IntegrityC . AvailabilityD . AccessibilityView AnswerAnswer: B Explanation: A property of information that has the ability to prove occurrence of a claimed event is integrity. Integrity is one of the...

DRAG DROP Select the words that best complete the sentence: "The purpose of maintaining regulatory compliance in a management system is to. To complete the sentence with the best word(s), click on the blank section you want to complete so that it is highlighted in red, and then click on...

You are an experienced audit team leader guiding an auditor in training, Your team is currently conducting a third-party surveillance audit of an organisation that stores data on behalf of external clients. The auditor in training has been tasked with reviewing the TECHNOLOGICAL controls listed in the Statement of Applicability...

Which two of the following are examples of audit methods that 'do' involve human interaction?A . Performing an independent review of procedures in preparation for an auditB . Reviewing the auditee's response to an audit findingC . Analysing data by remotely accessing the auditee's serverD . Observing work performed by...

DRAG DROP Select a word from the following options that best completes the sentence: To complete the sentence with the word(s) click on the blank section you want to complete so that it is highlighted in red, and then click on the application text from the options below. Alternatively, you...

During discussions with the individual(s) managing the audit programme of a certification body, the Management System Representative of the client organisation asks for a specific auditor for the certification audit. Select two of the following options for how the individual(s) managing the audit programme should respond.A . Advise the Management...

The following are purposes of Information Security, except:A . Ensure Business ContinuityB . Minimize Business RiskC . Increase Business AssetsD . Maximize Return on InvestmentView AnswerAnswer: C Explanation: The following are purposes of information security, except increasing business assets. Increasing business assets is not a purpose of information security, as...

During a third-party certification audit, you are presented with a list of issues by an auditee. Which four of the following constitute 'internal' issues in the context of a management system to ISO 27001:2022?A . Higher labour costs as a result of an aging populationB . A rise in interest...

In acceptable use of Information Assets, which is the best practice? A. Access to information and communication systems are provided for business purpose only B. Interfering with or denying service to any user other than the employee's host C. Playing any computer games during office hours D. Accessing phone or...