LEAD-AUDITOR Exam Questions

Which two of the following phrases would apply to "plan" in relation to the Plan-Do-Check-Act cycle for a business process?

Which two of the following phrases are 'objectives' in relation to a first-party audit?

Which one of the following options describes the main purpose of a Stage 1 audit?

Objectives, criteria, and scope are critical features of a third-party ISMS audit. Which two issues are audit objectives?

Which two of the following are examples of audit methods that 'do not' involve human interaction?

Select two options that describe an advantage of using a checklist.

Which one of the following statements best describes the purpose of conducting a document review?

During a Stage 1 audit opening meeting, the Management System Representative (MSR) asks to extend the audit scope to include a new site overseas which they have expanded into since...

You have to carry out a third-party virtual audit. Which two of the following issues would you need to inform the auditee about before you start conducting the audit ?

You ask the IT Manager why the organisation still uses the mobile app while personal data encryption and pseudonymisation tests failed. Also, whether the Service Manager is authori...

You ask the IT Manager why the organisation still uses the mobile app while personal data encryption and pseudonymization tests failed. Also, whether the Service Manager is authori...

During a third-party certification audit, you are presented with a list of issues by an auditee. Which four of the following constitute 'internal' issues in the context of a manage...

You are an experienced ISMS audit team leader. During the conducting of a third-party surveillance audit, you decide to test your auditee's knowledge of ISO/IEC 27001's risk manage...

You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services. You find all nursing home residents wear an electronic wristband for mo...

You are an experienced ISMS audit team leader providing guidance to an ISMS auditor in training. They have been asked to carry out an assessment of external providers and have prep...

You are an experienced ISMS auditor conducting a third-party surveillance audit at an organisation which offers ICT reclamation services. ICT equipment which companies no longer re...

You are performing an ISMS audit at a residential nursing home railed ABC that provides healthcare services. The next step in your audit plan is to verify the effectiveness of the...

You are an ISMS audit team leader who has been assigned by your certification body to carry out a follow-up audit of a client. You are preparing your audit plan for this audit. Whi...

During a follow-up audit, you notice that a nonconformity identified for completion before the follow-up audit is still outstanding. Which four of the following actions should you...

You are performing an ISO 27001 ISMS surveillance audit at a residential nursing home, ABC Healthcare Services. ABC uses a healthcare mobile app designed and maintained by a suppli...

Which one of the following options is the definition of an interested party?

Which two of the following statements are true?

Which two of the following phrases would apply to 'check' in the Plan-Do-Check-Act cycle for a business process?

Which two of the following actions are the individual(s) managing the audit programme responsible for?

You are the person responsible for managing the audit programme and deciding the size and composition of the audit team for a specific audit. Select the two factors that should be...

Select two of the following options that are the responsibility of a legal technical expert on the audit team during a certification audit.

The audit team leader prepares the audit plan for an initial certification stage 2 audit to ISO/IEC 27001:2022. Which one of the following statements is true?

You are performing an ISMS audit at a residential nursing home (ABC) that provides healthcare services. The next step in your audit plan is to verify the information security of AB...

You are an experienced audit team leader guiding an auditor in training. Your team is currently conducting a third-party surveillance audit of an organisation that stores data on b...

You are an audit team leader conducting a third-party surveillance audit of a telecom services provider. You have assigned responsibility for auditing the organisation's informatio...

You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services. You find all nursing home residents wear an electronic wristband for mo...

You are performing an ISMS audit at a residential nursing home that provides healthcare services and are reviewing the Software Code Management (SCM) system. You found a total of 1...

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify that the Statement of Applicability...

You are a certification body auditor, conducting a surveillance audit to ISO/IEC 27001:2022 of a data centre operated by a client who provides hosting services for ICT facilities....

You are an experienced ISMS audit team leader who is currently conducting a third party initial certification audit of a new client, using ISO/IEC 27001:2022 as your criteria. It i...

You are an experienced ISMS audit team leader providing guidance to an auditor in training. She asks you why it is important to have specific criteria relating to the grading of no...

You are an experienced ISMS audit team leader guiding an auditor in training. You decide to test her knowledge of follow-up audits by asking her a series of questions. Here are you...

You are an audit team leader who has just completed a third-party audit of a mobile telecommunication provider. You are preparing your audit report and are just about to complete a...

You are the audit team leader conducting a third-party audit of an online insurance company. During Stage 1, you found that the organization took a very cautious risk approach and...

You are performing an ISO 27001 ISMS surveillance audit at a residential nursing home, ABC Healthcare Services. ABC uses a healthcare mobile app designed and maintained by a suppli...

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospit...

What is meant by the term 'Corrective Action'? Select one

Which two of the following options do not participate in a first-party audit?

Which two of the following phrases would apply to "act" in relation to the Plan-Do-Check-Act cycle for a business process?

During an audit, the audit team leader reached timely conclusions based on logical reasoning and analysis. What professional behaviour was displayed by the audit team leader?

Audit methods can be either with or without interaction with individuals representing the auditee. Which two of the following methods are with interaction?

Which two of the following options are an advantage of using a sampling plan for the audit?

You are an experienced ISMS audit team leader conducting a third-party surveillance visit. You notice that although the auditee is claiming conformity with ISO/IEC 27001:2022 they...

You are an experienced audit team leader guiding an auditor in training. Your team is currently conducting a third-party surveillance audit of an organisation that stores data on b...

You are an experienced audit team leader conducting a third-party surveillance audit of an organisation that designs websites for its clients. You are currently reviewing the organ...