PECB
LEAD-AUDITOR · Question #146
LEAD-AUDITOR Question #146: Real Exam Question with Answer & Explanation
Question
You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure (Document reference ID: ISMS_L2_16, version 4) and explains that the process is based on ISO/IEC 27035-1:2016. You review the document and notice a statement "any information security weakness, event, and incident should be reported to the Point of Contact (PoC) within 1 hour after identification". When interviewing staff, you found that there were differences in the understanding of the meaning of "weakness, event, and incident". The IT Security Manager explained that an online "information security handling" training seminar was conducted 6 months ago. All of the interviewed persons participated in and passed the reporting exercise and course assessment. You are preparing the audit findings. Select two options that are correct.
Options
- A. There is a nonconformity (NC). The information security incident training has failed. This is not
- B. There is a nonconformity (NC). The terminology of the incident management reporting process
- C. There is an opportunity for improvement (OFI). The information security incident training
- D. There is an opportunity for improvement (OFI). The information security weaknesses, events, and
- E. There is no nonconformance. The information security handling training has been effective. This
- F. There is no nonconformance. The information security weaknesses, events, and incidents are