PECB
LEAD-AUDITOR · Question #145
LEAD-AUDITOR Question #145: Real Exam Question with Answer & Explanation
Sign in or unlock LEAD-AUDITOR to reveal the answer and full explanation for question #145. The question stem and answer options stay visible for context.
Question
The data centre at which you work is currently seeking ISO/IEC27001:2022 certification. In preparation for your initial certification visit, several internal audits have been carried out by a colleague working at another data centre within your Group. They secured their own ISO/IEC 27001:2022 certificate earlier in the year. You have just qualified as an Internal ISMS auditor and your manager has asked you to review the audit process and audit findings as a final check before the external Certification Body arrives. Which four of the following would cause you concern in respect of conformity to ISO/IEC 27001:2022 requirements?
Options
- AAlthough the scope for each internal audit has been defined, there are no audit criteria defined for
- BAudit reports are not held in hardcopy (i.e. on paper). They are only stored as *. PDF documents
- CThe audit process states the results of audits will be made available to 'relevant' managers, not top
- DThe audit programme does not reference audit methods or audit responsibilities.
- EThe audit programme does not take into account the relative importance of information security
- FThe audit programme does not take into account the results of previous audits.
- GThe audit programme has not been signed as 'approved by Top Management.
- HThe audit programme shows management reviews taking place at irregular intervals during the
Unlock LEAD-AUDITOR to see the answer
You've previewed enough free LEAD-AUDITOR questions. Unlock LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.