8. Regarding documented information, ISO 27001:2022 indicates it may include:

a) Documented information of external origin, determined by the organization as necessary for the planning and operation of the information security management system

b) Documented information required by the information security management system and by this international regulation

c) Documented information that the organization has determined is necessary for the effectiveness of the information security management system.

9. The audit plan refers to:

b) Description of the activities and arrangements for an audit.

a) A set of one or more audits planned for a specific period of time and directed toward a specific purpose

11. This is the best time to disclose the conditions under which the audit may be terminated

a) At the beginning of an individual audit.

c) During the definition of the audit scope.

12. ISO 17011:2018 states that auditors should have knowledge and skills such as:

a) Understand the types of risks and opportunities associated with the audit.

d) Taking too much time to write their notes correctly.

f) Empower in the audit to try to obtain as much evidence as possible.

e) Prioritize and focus on important issues.

15.Checklists used by auditors:

a) Ensure that nothing important is overlooked.

d) Help provide information on possible consequences of not adequately addressing audit finding

c) Help to provide continuity to the audit.

16. They are responsible for designating the members of the audit team, including the team leader and any technical experts required for the specific audit

b) The individual(s) managing the audit program.

d) The person in charge of the management.

20. Objective evidence:

a) Is data that supports the existence or truth of something.

b) Can be obtained through observation, measurement, testing or by other means.

c) It is an audit method to reach reliable conclusions.

21. The results of the audit:

a) Are the evaluation results of the audit evidence gathered against the audit criteria.

b) They are considered findings and can be classified as conformity or nonconformity

c) It is an audit method to reach reliable conclusions.

d) If the audit criteria are selected from legal requirements or regulatory requirements, the audit finding is referred to as compliance or noncompliance.

26. The “Statement of Applicability” must contain:

a) Controls necessary to reduce the level of risk.

b) The justification for the inclusion of the controls considered necessary.

30. Defining objectives, scope and criteria for each individual audit, Selecting audit methods, and Defining and implementing the necessary operational controls for the supervision of the audit program are part of the activities for:

a) Define the scope of the ISMS.

b) Correctly create the ISMS policy.

31. They are responsible for assigning responsibilities to the audit team:

b) The person responsible for the management system.

d) The person(s) managing the audit program.

32. They should ensure that the following activities are carried out as part of the management of the results of the audit program: 1. Evaluation of the achievement of the objectives for each audit within the audit program. 2. Review and approval of audit reports on compliance with the scope and objectives of the audit. 3. Reviewing the effectiveness of actions taken to address audit findings. 4. Distribution of audit reports to relevant stakeholders. 5. Determination of the need for any follow-up audits.

c) The person(s) managing the audit program.

b) Everyone in the organization.

33. The audit plan describes:

a) The activities and arrangements for each planned audit.

b) A planning over a given period of time of one or more audits.

c) Both are valid since there is a relation between the program and the audit plan.

34. The audit program describes:

b) A planning over a given period of time of one or more audits.

a) The activities and arrangements for each planned audit

c) Both are valid since there is a relation between the program and the audit plan.

36.During an audit the auditee provides little information and constantly rephrases the auditor's questions:

a) Considered difficult situations that the auditor must be able to handle.

b) Issues that the lead auditor must resolve.

c) Conditions for termination of the audit.

37. A finding indicates:

a) Conformity or nonconformity.

b) Compliance or noncompliance.

39. They select and determine the methods for conducting the audit depending on the defined audit objectives, scope and criteria.

d) The person(s) managing the audit program.

3. ISO 27001:2022 Lead Auditor

Professional Development

•

41 Qs

Similar activities

EV Quiz

Professional Development

•

40 Qs

Key trades: Plumber

Professional Development

•

40 Qs

Unité 7 - Lecon 5 - BILAN

Professional Development

•

38 Qs

Test đào tạo chuyên sâu sản phẩm

Professional Development

•

36 Qs

Quiz Hukum Acara Pidana

Professional Development

•

40 Qs

Unit 3&4 Review - Pre-IELTS (Block A)

Professional Development

•

44 Qs

小テスト (5) Bab 34-37.

Professional Development

•

40 Qs

BÀI 5. CÁC NGUYÊN TỐ HÓA HỌC VÀ NƯỚC

Professional Development

•

40 Qs

3. ISO 27001:2022 Lead Auditor

Quiz

•

others

•

Professional Development

•

Practice Problem

•

Medium

Yohana Gracia Naomi

Used 12+ times

FREE Resource

41 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

1. In which of its clauses ISO 27001:2022 asks to consider:

a. Stakeholders that are relevant to the information security management system

b. The requirements of these stakeholders that are relevant to information security.

c. Which of these requirements will be addressed through the Information Security Management System.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

2. ISO 27001:2022 states that when the organization determines the need for changes to the ISMS, the changes shall be carried out in a planned manner in its clause:

a) Clause 6.3

b) Clause 10.2

c) Clause 4.2

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

3. Annex A of ISO 27001:2022 defines 4 categories (organizational, people, physical and technological) to group the 93 information security controls.

True

False

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

4. Once the audit has been carried out, the auditor in charge of the audit must prepare the Audit Report.
This report establishes:
a. Audit objectives
b. Scope of the audit.
c. Auditees and the audit period.
d. Documentation of the contact person.
e. Documentation of the lead auditor and other auditors.
f. Dates and locations where the audit activities took place.
g. Audit criteria.
h. Audit statements.
i. Audit Conclusions

a) All are correct.

b) All except d and e.

c) Only i.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

5. The audit objectives define what is to be achieved with the individual audit.

a) True.

b) False.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

6. The Statement of Applicability (SoA) must contain:
a. The controls necessary to implement the chosen information security risk treatment option(s).
b. Justification of inclusions.
c. Whether or not the necessary controls are implemented.
d. Justification for exclusions from any of the controls in annex A.

a) All are correct.

b) All except b and c.

c) Only a.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

7. During the closing meeting the lead auditor should explain, for example, any related post-audit activities (e.g., implementation and review of corrective actions, handling of audit complaints, appeals process).

a) True.

b) False.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

40 questions

小テスト (6) Bab 34-37.

Quiz

•

Professional Development

43 questions

6035 Drainage outcome 2 part 2

Quiz

•

Professional Development

42 questions

Grapevine Fire Department Promotional Process Quiz

Quiz

•

Professional Development

Popular Resources on Wayground

10 questions

Honoring the Significance of Veterans Day

Interactive video

•

6th - 10th Grade

9 questions

FOREST Community of Caring

Lesson

•

1st - 5th Grade

10 questions

Exploring Veterans Day: Facts and Celebrations for Kids

Interactive video

•

6th - 10th Grade

19 questions

Veterans Day

Quiz

•

5th Grade

14 questions

General Technology Use Quiz

Quiz

•

8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

Circuits, Light Energy, and Forces

Quiz

•

5th Grade

19 questions

Thanksgiving Trivia

Quiz

•

6th Grade

Discover more resources for others

10 questions

Identifying Phishing Emails Quiz

Quiz

•

Professional Development

14 questions

2019 Logos

Quiz

•

Professional Development

10 questions

Thanksgiving Day Quiz - reading passage

Passage

•

Professional Development

20 questions

Prepositions of Place

Quiz

•

Professional Development

3. ISO 27001:2022 Lead Auditor

41 questions

1. In which of its clauses ISO 27001:2022 asks to consider:

2. ISO 27001:2022 states that when the organization determines the need for changes to the ISMS, the changes shall be carried out in a planned manner in its clause:

3. Annex A of ISO 27001:2022 defines 4 categories (organizational, people, physical and technological) to group the 93 information security controls.

5. The audit objectives define what is to be achieved with the individual audit.

7. During the closing meeting the lead auditor should explain, for example, any related post-audit activities (e.g., implementation and review of corrective actions, handling of audit complaints, appeals process).

8. Regarding documented information, ISO 27001:2022 indicates it may include:

9. The audit plan refers to:

10. ISO 19011:2018 determines nonconformities and improvement opportunities as noncompliance to requirements of the audited regulation.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for others