PECB


LEAD-AUDITOR Question #89: Real Exam Question with Answer & Explanation


Question

You are the audit team leader conducting a third-party audit of an online insurance company. During Stage 1, you found that the organization took a very cautious risk approach and included all the information security controls in ISO/IEC 27001:2022 Appendix A in their Statement of Applicability. During the Stage 2 audit, your audit team found that there was no evidence of a risk treatment plan for the implementation of the three controls (5.3 Segregation of duties, 6.1 Screening, 7.12 Cabling security). You raise a nonconformity against clause 6.1.3.e of ISO 27001:2022. At the closing meeting, the Technical Director issues an extract from an amended Statement of Applicability (as shown) and asks for the nonconformity to be withdrawn. Select three options that are correct responses of an audit team leader to the request of the Technical Director.

Exhibit

LEAD-AUDITOR question #89 exhibit

Options

  • A. Advise management that the information provided will be reviewed when the auditors have more
  • B. Advise the Technical Director that his request will be included in the audit report.
  • C. Advise the Technical Director that once a nonconformity is raised it cannot be withdrawn.
  • D. Advise the Technical Director that the nonconformity must stand since the evidence obtained for it
  • E. Ask the auditor who raised the issue for their opinion on how you should respond to the request.
  • F. Inform the Technical Director that the nonconformity will be changed to an Opportunity for
  • G. Review the documentation produced and withdraw the nonconformity.
  • H. State that a follow up audit will be necessary to review the evidence for the updated Statement of
