PECB
LEAD-AUDITOR · Question #148
LEAD-AUDITOR Question #148: Real Exam Question with Answer & Explanation
Sign in or unlock LEAD-AUDITOR to reveal the answer and full explanation for question #148. The question stem and answer options stay visible for context.
Question
You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security of the business continuity management process. During the audit, you learned that the organisation activated one of the business continuity plans (BCPs) to make sure the nursing service continued during the recent pandemic. You ask the Service Manager to explain how the organization manages information security during the business continuity management process. The Service Manager presented the nursing service continuity plan for a pandemic and summarised the process as follows: Stop the admission of any NEW residents. 70% of administration staff and 30% of medical staff will work from home. Regular staff self-testing, including submitting a negative test report 1 day BEFORE they come to the office. Install ABC's healthcare mobile app, tracking their footprint and presenting a GREEN Health Status QR- Code for checking on the spot. You ask the Service Manager how to prevent non-relevant family members or interested parties from accessing residents' personal data when staff work from home. The Service Manager cannot answer and suggests the IT Security Manager should help with that. You would like to further investigate other areas to collect more audit evidence. Select three options that will not be in your audit trail.
Options
- ACollect more evidence on how information security protocols are maintained during disruption
- BCollect more evidence that staff only use IT equipment protected from malware when working from
- CCollect more evidence by interviewing additional staff to ensure they are aware of the need to
- DCollect more evidence on how and when the Business Continuity Plan has been tested. (Relevant
- ECollect more evidence on how the organisation makes sure all staff periodically conduct a positive
- FCollect more evidence on how the organisation manages information security on mobile devices
- GCollect more evidence on how the organisation performs a business risk assessment to evaluate
- HCollect more evidence on what resources the organisation provides to support the staff working
Unlock LEAD-AUDITOR to see the answer
You've previewed enough free LEAD-AUDITOR questions. Unlock LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.