PECB
ISO-IEC-27001-LEAD-AUDITOR · Question #186
ISO-IEC-27001-LEAD-AUDITOR Question #186: Real Exam Question with Answer & Explanation
Sign in or unlock ISO-IEC-27001-LEAD-AUDITOR to reveal the answer and full explanation for question #186. The question stem and answer options stay visible for context.
Question
You are an experienced audit team leader guiding an auditor in training. Your team is currently conducting a third-party surveillance audit of an organisation that stores data on behalf of external clients. The auditor in training has been tasked with reviewing the TECHNOLOGICAL controls listed in the Statement of Applicability (SoA) and implemented at the site. Select four controls from the following that would you expect the auditor in training to review.
Options
- AConfidentiality and nondisclosure agreements
- BHow access to source code and development tools are managed: This control requires the
- CHow power and data cables enter the building
- DHow protection against malware is implemented: This control requires the organisation to
- EHow the organisation evaluates its exposure to technical vulnerabilities: This control requires
- FInformation security awareness, education and training
- GThe organisation's arrangements for information deletion: This control requires the
- HThe organisation's business continuity arrangements
Unlock ISO-IEC-27001-LEAD-AUDITOR to see the answer
You've previewed enough free ISO-IEC-27001-LEAD-AUDITOR questions. Unlock ISO-IEC-27001-LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.