2024 Correct Practice Tests of ISO-IEC-27001-Lead-Auditor Dumps with Practice Exam
Certification Sample Questions of ISO-IEC-27001-Lead-Auditor Dumps With 100% Exam Passing Guarantee
PECB ISO-IEC-27001-Lead-Auditor exam is a rigorous and comprehensive assessment of a candidate's knowledge and skills in leading an ISMS audit team and conducting an audit according to the requirements of ISO/IEC 27001:2013 standard. It is a valuable certification for professionals who wish to advance their careers in information security management and auditing and demonstrate their expertise in the field.
NEW QUESTION # 93
What is the worst possible action that an employee may receive for sharing his or her password or access with others?
- A. Three days suspension from work
- B. Termination
- C. The lowest rating on his or her performance assessment
- D. Forced roll off from the project
Answer: B
Explanation:
The worst possible action that an employee may receive for sharing his or her password or access with others is termination, because this is a serious breach of the organization's information security policy and access control policy. Sharing password or access with others may allow unauthorized users to access sensitive or confidential information, or to perform malicious or fraudulent activities on behalf of the employee. The employee should keep his or her password or access confidential and secure, and should not disclose it to anyone under any circumstances. Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements], Example of an information security policy, Example of an access control policy
NEW QUESTION # 94
An audit finding is the result of the evaluation of the collected audit evidence against audit criteria. Evaluate the following potential formats of audit evidence and select the two that are acceptable.
- A. Statement of facts by the IT manager
- B. Observation of a previously recorded video demonstrating the performance of a hazardous activity
- C. Unsigned hand written changes to test results
- D. Documented information on results of IT audits
- E. Statements by a system engineer that cannot be verified
- F. An audio recording of a dialog between the IT manager and a system engineer
Answer: B,D
Explanation:
According to the ISO/IEC 27001 Lead Auditor exam preparation guide1, audit evidence can be in various formats, such as records, statements of fact, or other information that is relevant and verifiable. Audit evidence can be collected by means of interviews, observation, sampling, testing, or other techniques. However, not all formats of audit evidence are acceptable or reliable. For example, unsigned hand written changes to test results (A) are not verifiable and may indicate tampering or falsification. Statements by a system engineer that cannot be verified (D) are also not reliable and may be biased or inaccurate. An audio recording of a dialog between the IT manager and a system engineer (F) may not be relevant to the audit criteria or may violate the confidentiality or consent of the parties involved. A statement of facts by the IT manager (B) may be relevant and verifiable, but it is not sufficient as audit evidence unless it is supported by other sources of information.
Therefore, the two acceptable formats of audit evidence are documented information on results of IT audits and observation of a previously recorded video demonstrating the performance of a hazardous activity (E), as they are relevant to the audit criteria and can be verified by other means. References: 1:
https://pecb.com/pdf/exam-preparation-guides/pecb-iso-iec-27001-lead-auditor-exam-preparation-guide.pdf (page 9)
NEW QUESTION # 95
You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show a very large number of returned items with causes including mis-addressed labels and, in 15% of company cases, two or more labels for different addresses for the one package. You are interviewing the Shipping Manager (SM).
You: Are items checked before being dispatched?
SH: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.
You: What action is taken when items are returned?
SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.
You raise a nonconformity. Referencing the scenario, which six of the following Appendix A controls would you expect the auditee to have implemented when you conduct the follow-up audit?
- A. 5.11 Return of assets
- B. 5.6 Contact with special interest groups
- C. 7.4 Physical security monitoring
- D. 8.12 Data leakage protection
- E. 7.10 Storage media
- F. 8.3 Information access restriction
- G. 5.32 Intellectual property rights
- H. 6.3 Information security awareness, education, and training
- I. 5.3 Segregation of duties
- J. 5.13 Labelling of information
- K. 6.4 Disciplinary process
Answer: C,D,E,F,H,J
Explanation:
B. 8.12 Data leakage protection. This is true because the auditee should have implemented measures to prevent unauthorized disclosure of sensitive information, such as personal data, medical records, or official documents, that are contained in the parcels. Data leakage protection could include encryption, authentication, access control, logging, and monitoring of data transfers12.
D. 6.3 Information security awareness, education, and training. This is true because the auditee should have ensured that all employees and contractors involved in the shipping process are aware of the information security policies and procedures, and have received appropriate training on how to handle and protect the information assets in their custody. Information security awareness, education, and training could include induction programmes, periodic refreshers, awareness campaigns, e-learning modules, and feedback mechanisms13.
E. 7.10 Storage media. This is true because the auditee should have implemented controls to protect the storage media that contain information assets from unauthorized access, misuse, theft, loss, or damage. Storage media could include paper documents, optical disks, magnetic tapes, flash drives, or hard disks14. Storage media controls could include physical locks, encryption, backup, disposal, or destruction14.
F. 8.3 Information access restriction. This is true because the auditee should have implemented controls to restrict access to information assets based on the principle of least privilege and the need-to-know basis. Information access restriction could include identification, authentication, authorization, accountability, and auditability of users and systems that access information assets15.
I. 7.4 Physical security monitoring. This is true because the auditee should have implemented controls to monitor the physical security of the premises where information assets are stored or processed. Physical security monitoring could include CCTV cameras, alarms, sensors, guards, or patrols16. Physical security monitoring could help detect and deter unauthorized physical access or intrusion attempts16.
J. 5.13 Labelling of information. This is true because the auditee should have implemented controls to label information assets according to their classification level and handling instructions. Labelling of information could include markings, tags, stamps, stickers, or barcodes1 . Labelling of information could help identify and protect information assets from unauthorized disclosure or misuse1 .
References :=
ISO/IEC 27002:2022 Information technology - Security techniques - Code of practice for information security controls ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements ISO/IEC 27003:2022 Information technology - Security techniques - Information security management systems - Guidance ISO/IEC 27004:2022 Information technology - Security techniques - Information security management systems - Monitoring measurement analysis and evaluation ISO/IEC 27005:2022 Information technology - Security techniques - Information security risk management ISO/IEC 27006:2022 Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems
[ISO/IEC 27007:2022 Information technology - Security techniques - Guidelines for information security management systems auditing]
NEW QUESTION # 96
You are an experienced ISMS audit team leader, assisting an auditor in training to write their first audit report.
You want to check the auditor in training's understanding of terminology relating to the contents of an audit report and chose to do this by presenting the following examples.
For each example, you ask the auditor in training what the correct term is that describes the activity Match the activity to the description.
Answer:
Explanation:
Explanation:
1. An auditor using a copy of ISO/IEC 27001:2022 to check that its requirements are met:
Termed: Reviewing audit criteria.
Justification: The auditor is comparing the auditee's information security management system (ISMS) against the established criteria outlined in the ISO/IEC 27001:2022 standard. This activity falls under the use of audit criteria to determine conformity or nonconformity.
2. An auditor's note that the auditee is not adhering to its clear desk policy:
Termed: Identifying an audit finding.
Justification: The auditor has observed a deviation from the auditee's established policy on clear desks. This observation is documented as a potential nonconformity, which requires further investigation and evaluation.
3. An auditor making a decision regarding the auditee's conformity or otherwise to criteria:
Termed: Determining an audit conclusion.
Justification: Based on the collected audit evidence and evaluation against the established criteria, the auditor forms an opinion about the overall compliance of the auditee's ISMS. This opinion is the audit conclusion and is a key element of the audit report.
4. An auditor examining verifiable records relevant to the audit process:
Termed: Collecting audit evidence.
Justification: The auditor is gathering objective and verifiable information to support their findings and conclusions. This information comes from various sources, including documents, records, interviews, and observations.
NEW QUESTION # 97
You are an experienced ISMS audit team leader, talking to an Auditor in training who has been assigned to your audit team. You want to ensure that they understand the importance of the Check stage of the Plan-Do-Check-Act cycle in respect of the operation of the information security management system.
You do this by asking him to select the words that best complete the sentence:
To complete the sentence with the best word(s), click on the blank section you want to complete so that it is highlighted in red, and then click on the applicable text from the options below. Alternatively, you may drag and drop the option to the appropriate blank section.
Answer:
Explanation:
Explanation:
Review is the third stage of the Plan-Do-Check-Act (PDCA) cycle, which is a four-step model for implementing and improving an information security management system (ISMS) according to ISO/IEC
27001:202212. Review involves assessing and measuring the performance of the ISMS against the established policies, objectives, and criteria12.
Assess is the verb that describes the action of reviewing the ISMS. Assess means to evaluate, analyze, or measure something in a systematic and objective manner3. Assessing the ISMS involves collecting and verifying audit evidence, identifying strengths and weaknesses, and determining the degree of conformity or nonconformity12.
Regular is the adjective that describes the frequency or interval of reviewing the ISMS. Regular means occurring or done at fixed or uniform intervals4. Reviewing the ISMS at regular intervals means conducting internal audits and management reviews periodically, such as annually, quarterly, or monthly, depending on the needs and risks of the organization12.
Suitability is one of the attributes that describes the quality or outcome of reviewing the ISMS. Suitability means being appropriate or fitting for a particular purpose, person, or situation5. Reviewing the ISMS for suitability means ensuring that it is aligned with the organization's strategic direction, business objectives, and information security requirements12.
References :=
ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements ISO/IEC 27003:2022 Information technology - Security techniques - Information security management systems - Guidance Assess | Definition of Assess by Merriam-Webster Regular | Definition of Regular by Merriam-Webster Suitability | Definition of Suitability by Merriam-Webster
NEW QUESTION # 98
Stages of Information
- A. creation, use, disposition, maintenance, evolution
- B. creation, distribution, use, maintenance, disposition
- C. creation, distribution, maintenance, disposition, use
- D. creation, evolution, maintenance, use, disposition
Answer: B
Explanation:
The stages of information are creation, distribution, use, maintenance, and disposition. These are the phases that information goes through during its lifecycle, from the moment it is generated to the moment it is destroyed or archived. Each stage of information has different security requirements and risks, and should be managed accordingly. Creation, evolution, maintenance, use, and disposition are not the correct stages of information, as evolution is not a distinct stage, but a process that can occur in any stage. Creation, use, disposition, maintenance, and evolution are not the correct stages of information, as they are not in the right order. Creation, distribution, maintenance, disposition, and use are not the correct stages of information, as they are not in the right order. Reference: : CQI & IRCA ISO 27001:2022 Lead Auditor Course Handbook, page 32. : [ISO/IEC 27001 LEAD AUDITOR - PECB], page 12.
NEW QUESTION # 99
During a third-party certification audit you are presented with a list of issues by an auditee. Which four of the following constitute 'external' issues in the context of a management system to ISO/IEC 27001:2022?
- A. A rise in interest rates in response to high inflation
- B. Poor levels of staff competence as a result of cuts in training expenditure
- C. Poor morale as a result of staff holidays being reduced
- D. A fall in productivity linked to outdated production equipment
- E. Increased absenteeism as a result of poor management
- F. Higher labour costs as a result of an aging population
- G. A reduction in grants as a result of a change in government policy
- H. Inability to source raw materials due to government sanctions
Answer: A,F,G,H
Explanation:
According to ISO/IEC 27001:2022, which specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS), clause 4.1 requires an organization to determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcomes of its ISMS2. External issues are those that originate from outside the organization, such as legal, regulatory, cultural, social, political, economic, natural and competitive factors2. Internal issues are those that originate from within the organization, such as governance, structure, roles and responsibilities, policies, objectives, culture, capabilities, resources and information systems2. Therefore, based on this definition, four examples of external issues in the context of a management system to ISO/IEC 27001:2022 are a rise in interest rates in response to high inflation (which affects the economic environment of the organization), a reduction in grants as a result of a change in government policy (which affects the political and legal environment of the organization), higher labour costs as a result of an aging population (which affects the social and demographic environment of the organization), and inability to source raw materials due to government sanctions (which affects the trade and supply environment of the organization)2. The other options are examples of internal issues, as they originate from within the organization or its activities. For example, poor levels of staff competence as a result of cuts in training expenditure (which affects the capabilities and resources of the organization), increased absenteeism as a result of poor management (which affects the culture and performance of the organization), poor morale as a result of staff holidays being reduced (which affects the motivation and satisfaction of the organization's personnel), and a fall in productivity linked to outdated production equipment (which affects the efficiency and quality of the organization's processes)2. References: ISO/IEC 27001:2022 - Information technology - Security techniques - Information security management systems - Requirements
NEW QUESTION # 100
Review the following statements and determine which two are false:
- A. Conducting a technology check in advance of a virtual audit can improve the effectiveness and efficiency of the audit
- B. The selection of onsite, virtual or combination audits should take into consideration historical performance and previous audit results
- C. Due to confidentiality and security concerns, screen sharing during a virtual audit is one method by which the audit team can review the auditee's documentation
- D. The number of days assigned to a third-party audit is determined by the auditee's availability
- E. Auditors approved for conducting onsite audits do not require additional training for virtual audits, as there are no significant differences in the skillset required
- F. During a virtual audit, auditees participating in interviews are strongly recommended to keep their webcam enabled
Answer: D,E
Explanation:
The number of days assigned to a third-party audit is not determined by the auditee's availability, but by the audit program, which considers the audit scope, objectives, criteria, risks, and resources12. The auditee's availability is only one factor that affects the audit planning and scheduling, but not the audit duration3.
Auditors approved for conducting onsite audits do require additional training for virtual audits, as there are significant differences in the skillset required. Virtual audits pose different challenges and opportunities than onsite audits, such as communication, technology, security, and evidence collection4 . Auditors need to be familiar with the tools and techniques for conducting remote audits, as well as the ethical and professional behavior expected in a virtual environment . References:
* PECB Candidate Handbook - ISO 27001 Lead Auditor, page 18
* ISO 19011:2018, Guidelines for auditing management systems, clause 5.3.2
* ISO 19011:2018, Guidelines for auditing management systems, clause 6.3.1
* Deloitte - Conducting a Virtual Internal Audit, page 1
* [A Guide to Conducting Effective and Efficient Remote Audits], page 1
* [ISO 19011:2018, Guidelines for auditing management systems], clause 7.2.3
* [Remote Auditing Best Practices & Checklist for Regulatory Compliance], page 1
NEW QUESTION # 101
Select the words that best complete the sentence:
To complete the sentence with the word(s) click on the blank section you want to complete so that it is highlighted in red, and then click on the application text from the options below. Alternatively, you may drag and drop the option to the appropriate blank section.
Answer:
Explanation:
Explanation:
competence of the audit team and decision made by the certification body According to ISO/IEC 17021-1, which specifies the requirements for bodies providing audit and certification of management systems, an accredited certification means that the certification body has been evaluated by an accreditation body against recognized standards to demonstrate its competence, impartiality and performance capability1. Therefore, an accredited certification assures the competence of the audit team that conducts the audit in accordance with ISO 19011 and ISO/IEC 27001:2022, and the decision made by the certification body that grants or maintains the certification based on the audit evidence and findings2. References: ISO/IEC
17021-1:2015 - Conformity assessment - Requirements for bodies providing audit and certification of management systems - Part 1: Requirements, ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) | CQI | IRCA
NEW QUESTION # 102
How is the purpose of information security policy best described?
- A. An information security policy provides direction and support to the management regarding information security.
- B. An information security policy makes the security plan concrete by providing it with the necessary details.
- C. An information security policy provides insight into threats and the possible consequences.
- D. An information security policy documents the analysis of risks and the search for countermeasures.
Answer: A
NEW QUESTION # 103
What type of measure involves the stopping of possible consequences of security incidents?
- A. Repressive
- B. Detective
- C. Corrective
- D. Preventive
Answer: A
Explanation:
A repressive measure is a type of measure that involves the stopping of possible consequences of security incidents. A security incident is an event that compromises the confidentiality, integrity, or availability of information assets3. A repressive measure is a measure that aims to prevent or reduce the harm caused by a security incident after it has occurred. Examples of repressive measures include blocking malicious IP addresses, revoking user access rights, isolating infected systems, or restoring data from backups4. Repressive measures are different from preventive measures, which are measures that aim to avoid or reduce the likelihood of a security incident before it occurs. Examples of preventive measures include installing antivirus software, enforcing password policies, encrypting sensitive data, or conducting security awareness training4. Therefore, the correct answer is C. Reference: ISO/IEC 27000:2022, clause 3.25; Lepide.
NEW QUESTION # 104
What controls can you do to protect sensitive data in your computer when you go out for lunch?
- A. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity
- B. You activate your favorite screen-saver
- C. You turn off the monitor
- D. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".
Answer: D
Explanation:
You should lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer", because this is the most effective way to protect sensitive data in your computer when you go out for lunch. By locking your computer, you are preventing unauthorized access to your computer and its contents, as well as complying with the organization's access control policy and information security policy. Locking your computer requires a password or a biometric authentication to unlock it, which adds a layer of security to your data. The other options are not sufficient or reliable, as they do not prevent someone from accessing your computer or viewing your screen. Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements, How to lock your PC
NEW QUESTION # 105
You are an ISMS auditor conducting a third-party surveillance audit of a telecom's provider. You are in the equipment staging room where network switches are pre-programmed before being despatched to clients. You note that recently there has been a significant increase in the number of switches failing their initial configuration test and being returned for reprogramming.
You ask the Chief Tester why and she says, 'It's a result of the recent ISMS upgrade'. Before the upgrade each technician had their own hard copy work instructions. Now, the eight members of my team have to share two laptops to access the clients' configuration instructions online. These delays put pressure on the technicians, resulting in more mistakes being made'.
Based solely on the information above, which clause of ISO to raise a nonconformity against' Select one.
- A. Clause 7.2 - Competence
- B. Clause 7.3 - Awareness
- C. Clause 7.4 - Communication
- D. Clause 10.2 - Nonconformity and corrective action
- E. Clause 8.1 - Operational planning and control
- F. Clause 7.5 - Documented information
Answer: E
Explanation:
Explanation
According to ISO/IEC 27001:2022, which specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS), clause 8.1 requires an organization to plan, implement and control its processes needed to meet ISMS requirements2. This includes determining what needs to be done, how it will be done, who will do it, when it will be done, what resources are required, how performance will be evaluated, etc2. Therefore, if an ISMS auditor conducting a third-party surveillance audit of a telecom's provider notes that there has been a significant increase in the number of switches failing their initial configuration test and being returned for reprogramming due to a recent ISMS upgrade that reduced access to work instructions, this indicates a nonconformity against clause 8.1 of ISO/IEC 27001:2022. The organization has failed to plan and control its operational processes effectively to ensure information security and quality2. The other options are not correct clauses to raise a nonconformity against based solely on this information. For example, clause 7.5 deals with documented information required by ISMS or determined by an organization as necessary for its effectiveness2, but it does not specify how many copies or formats of work instructions should be available; clause 10.2 deals with nonconformity and corrective action as a response to an identified problem or incident2, but it does not address how to prevent or avoid such problems or incidents in operational processes; clause 7.3 deals with awareness of ISMS policy, objectives, roles and responsibilities among persons doing work under an organization's control2, but it does not relate to how work instructions are accessed or followed; clause 7.2 deals with competence of persons doing work under an organization's control that affects its ISMS performance2, but it does not imply that lack of competence is caused by insufficient work instructions; clause
7.4 deals with communication about ISMS among internal and external interested parties2, but it does not cover how operational information is communicated within an organization. References: ISO/IEC 27001:2022
- Information technology - Security techniques - Information security management systems - Requirements
NEW QUESTION # 106
A key audit process is the way auditors gather information and determine the findings' characteristics. Put the actions listed in the correct order to complete this process. The last one has been done for you.
Answer:
Explanation:
Explanation
* Determine source of information
* Collect by means of appropriate sampling
* Reviewing
* Audit evidence
* Evaluating against audit criteria
* Audit findings
* Audit conclusions
The reviewing step involves checking the accuracy, completeness, and relevance of the collected information.
The audit evidence step involves documenting the information in a verifiable and traceable manner. The evaluating against audit criteria step involves comparing the audit evidence with the requirements of the ISO
27001 standard and the organization's own policies and objectives. The audit findings step involves identifying any nonconformities, weaknesses, or opportunities for improvement in the ISMS. The audit conclusions step involves summarizing the audit results and providing recommendations for corrective actions or enhancements.
NEW QUESTION # 107
How does the use of new technologies such as big data impact auditing?
- A. It causes significant disruptions, for example, introducing data that is too large or complex for processing by traditional database management tools
- B. It presents new challenges, for example, combining structured and unstructured data
- C. It enhances the audit quality by enabling auditors to collect higher quality audit evidence
Answer: B
Explanation:
The use of new technologies such as big data presents new challenges in auditing, particularly the issue of combining structured and unstructured data. Big data environments often include diverse data sets that auditors need to understand and interpret, which requires new skills and approaches to ensure effective and comprehensive audit coverage.
References: ISO/IEC 27001:2013 Standards and supplementary literature on the impact of technology on auditing practices
NEW QUESTION # 108
You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services.
You find all nursing home residents wear an electronic wristband for monitoring their location, heartbeat, and blood pressure always. You learned that he electronic wristband automatically uploads all data to the artificial intelligence (AI) cloud server for healthcare monitoring and analysis by healthcare staff.
To verify the scope of ISMS, you interview the management system representative (MSR) who explains that the ISMS scope covers an outsourced data center.
Select four options for the clauses and/or controls of ISO/IEC 27001:2022 that are directly relevant to the verification of the scope of the ISMS.
- A. Clause 4.1 Understanding the organization and its context
- B. Control 6.3 Information security awareness, education, and training
- C. Clause 4.2 Understanding the needs and expectations of interested parties
- D. Clause 4.3 Determining the scope of the information security management system
- E. Clause 5.2 Policy
- F. Control 5.3 Legal, statutory, regulatory and contractual requirements
- G. Control 7.6 Working in secure areas
- H. Control 5.3 Organizational roles, responsibilites and authorities
Answer: A,C,D,E
Explanation:
* B. This clause requires the organisation to determine the interested parties that are relevant to the ISMS, and the requirements of these interested parties12. This clause is relevant to the verification of the scope of the ISMS because it helps the organisation to identify the stakeholders that have an influence or an
* interest in the information security of the organisation, such as customers, suppliers, regulators, employees, etc. The organisation should also consider the needs and expectations of these interested parties when defining the scope of the ISMS, and ensure that they are met and communicated.
* E. This clause requires the organisation to establish an information security policy that provides the framework for setting the information security objectives and guiding the information security activities13. This clause is relevant to the verification of the scope of the ISMS because it helps the organisation to define the direction and principles of the ISMS, and to align them with the strategic goals and context of the organisation. The information security policy should also be consistent with the scope of the ISMS, and should be communicated and understood within the organisation and by relevant interested parties.
* F. This clause requires the organisation to determine the internal and external issues that are relevant to the purpose and the context of the organisation, and that affect its ability to achieve the intended outcomes of the ISMS14. This clause is relevant to the verification of the scope of the ISMS because it helps the organisation to understand the factors and conditions that influence the information security of the organisation, such as the legal, technological, social, economic, environmental, etc. The organisation should also monitor and review these issues, and consider them when defining the scope of the ISMS.
* H. This clause requires the organisation to determine the boundaries and applicability of the ISMS to establish its scope15. This clause is relevant to the verification of the scope of the ISMS because it helps the organisation to describe the information and processes that are included in the ISMS, and to document the scope in a clear and concise manner. The organisation should also consider the issues, requirements, and interfaces identified in clauses 4.1, 4.2, and 4.3 when determining the scope of the ISMS, and ensure that the scope is appropriate to the nature and scale of the organisation.
References:
1: PECB Candidate Handbook - ISO 27001 Lead Auditor, page 17 2: ISO/IEC 27001:2022 - Information technology - Security techniques - Information security management systems - Requirements, clause
4.2 3: ISO/IEC 27001:2022 - Information technology - Security techniques - Information security management systems - Requirements, clause 5.2 4: ISO/IEC 27001:2022 - Information technology - Security techniques - Information security management systems - Requirements, clause 4.1 5: ISO/IEC
27001:2022 - Information technology - Security techniques - Information security management systems - Requirements, clause 4.3
NEW QUESTION # 109
......
ISO-IEC-27001-Lead-Auditor Sample Practice Exam Questions 2024 Updated Verified: https://www.actual4test.com/ISO-IEC-27001-Lead-Auditor_examcollection.html
Pass Key features of ISO-IEC-27001-Lead-Auditor Course with Updated 280 Questions: https://drive.google.com/open?id=1iv0Y18way8pWKRNSINpUkpQkYV7BIvtW