ISO-IEC-27001-LEAD-AUDITOR Question #175: Real Exam Question with Answer & Explanation
The correct answer is: B. Confidentiality and nondisclosure agreements; C. How information security has been addressed within supplier agreements; E. Rules for transferring information within the organisation and to other organisations; F. The development and maintenance of an information asset inventory.
Question
Options
- A. Access to and from the loading bay
- B. Confidentiality and nondisclosure agreements
- C. How information security has been addressed within supplier agreements
- D. How power and data cables enter the building
- E. Rules for transferring information within the organisation and to other organisations
- F. The development and maintenance of an information asset inventory
- G. The operation of the site CCTV and door control systems
- H. The organisation's business continuity arrangements
Explanation
According to the PECB Candidate Handbook for ISO/IEC 27001 Lead Auditor, the auditor in training should review the organisational controls that are related to the information security policy, the roles and responsibilities, the information classification, the information exchange, the supplier relationships, and the information asset management [1]. These controls are aligned with the ISO/IEC 27001 requirements for clauses 5, 7, 8.2, 8.3, and 8.4 [2].