
ISO-IEC-27001-Lead-Auditor Exam Dumps - PECB ISO 27001 Questions and Answers

Questions 4

An auditor of organisation A performs an audit of supplier B. Which two of the following actions are likely to represent a breach of confidentiality by the auditor after having identified findings in B's information security management system?

Options:

A. Shares the findings with other relevant managers in A

B. Shares the findings with B's Information Security Manager

C. Shares the findings with A's supplier evaluation team

D. Shares the findings with B's other customers

E. Shares the findings with B's certification body

F. Shares the findings with other relevant managers in B

Questions 5

AppFolk, a software development company, is seeking certification against ISO/IEC 27001. In the initial phases of the external audit, the certification body, in discussion with the company, excluded the marketing division from the audit scope, although they stated in their ISMS scope that the whole company is included. Is this acceptable?

Options:

A. Yes, audit and ISMS scope do not necessarily need to be the same

B. No, divisions that are not critical for the industrial sector in which the auditee operates can be excluded from the audit scope

C. No, audit scope should reflect all of the organization’s divisions covered by the ISMS

Questions 6

The following are the guidelines to protect your password, except: 

Options:

A. Don't use the same password for various company system security access

B. Do not share passwords with anyone

C. For easy recall, use the same password for company and personal accounts

D. Change a temporary password on first log-on

Questions 7

After analyzing the audit conclusions, Company X decided to accept the risk related to one of the detected nonconformities. They claimed that no corrective action was necessary; however, their decision was not documented. Is this acceptable?

Options:

A. Yes, the auditee's management can decide to accept the risk instead of implementing corrective actions, and documenting such a decision is not necessary

B. No, the decision of the auditee to accept the risk instead of implementing corrective actions should be justified and documented

C. No, the auditee must implement corrective actions for all the observations documented during the audit

Exam Name: PECB Certified ISO/IEC 27001 2022 Lead Auditor exam
Last Update: Dec 22, 2024
Questions: 289