PECB
LEAD-AUDITOR Question #112: Real Exam Question with Answer & Explanation
Question
You are an experienced audit team leader conducting a third-party surveillance audit of an organisation that designs websites for its clients. You are currently reviewing the organisation's Statement of Applicability. Based on the requirements of ISO/IEC 27001, which two of the following observations about the Statement of Applicability are true?
Options
- A. Justification for both the inclusion and exclusion of Annex A controls in the Statement of
- B. The Statement of Applicability is owned and amended by the organisation's top management
- C. The Statement of Applicability must be reviewed at least annually
- D. A Statement of Applicability must be produced by organisations seeking ISO/IEC 27001 conformity
- E. Justification is only required for any controls that the organisation chooses to exclude
- F. The Statement of Applicability must be reviewed at Management Review