Question 1

During a third-party certification audit you are presented with a list of issues by an auditee. Which four of the following constitute 'external' issues in the context of a management system to ISO/IEC 27001:2022?

Options :

A : A rise in interest rates in response to high inflation

B : A reduction in grants as a result of a change in government policy

C : Poor levels of staff competence as a result of cuts in training expenditure

D : Increased absenteeism as a result of poor management

E : Higher labour costs as a result of an aging population

F : Inability to source raw materials due to government sanctions

G : Poor morale as a result of staff holidays being reduced

H : A fall in productivity linked to outdated production equipment

Answer: A,B,E,F

Question 2

During a follow-up audit, you notice that a nonconformity identified for completion before the follow-up audit

is still outstanding.

Which four of the following actions should you take?

Options :

A :

Report the failure to address the corrective action for the outstanding nonconformity to the organisation-s top management

B : Immediately raise an nonconformity as the date for completion has been exceeded

C :

If the delay is justified agree on a revised date for clearing the nonconformity with the auditee/audit client

D : Contact the individuals) managing the audit programme to seek their advice as to how to proceed

E : Decide whether the delay in addressing the nonconformity is justified

F :

Cancel the follow-up audit and return when an assurance has been received that the nonconformity has been cleared

G : Note the nonconformity is still outstanding and follow audit trails to determine why

H : If the delay is unjustified advise the auditee /audit client and agree on remedial action

Answer: A,C,E,G

Question 3

Which two of the following phrases would apply to "act" in relation to the Plan-Do-Check-Act cycle for a business process?

Options :

A : Auditing processes

B : Planning changes

C : Measuring objectives

D : Resetting objectives

E : Achieving improvements

F : Verifying training

Answer: D,E

Question 4

PayBell, a finance corporation, is using an accounting software to track financial transactions. The software can be accessed from anywhere with an internet connection. It also enables PayBell's employees to easily collaborate with each other to ensure accurate financial reporting. What type of services is PayBell using?

Options :

A : Machine learning

B : Cloud computing

C : Artificial intelligence

Answer: B

Question 5

What would be the reference for you to know who should have access to data/document?

Options :

A : Data Classification Label

B : Access Control List (ACL)

C : Masterlist of Project Records (MLPR)

D : Information Rights Management (IRM)

Answer: B

Higher Test Marks with Free Online ISO-IEC-27001-Lead-Auditor Exam Practice

Buying Options: