How is audit evidence evaluated?

By comparing it against the audit criteria

How often should audit team meetings be held?

A meeting held in the morning and another at the end of the day

A meeting per day held in the morning

A meeting per day held in the evening

What is the role of an observer?

To help the auditor with the audit procedures

What should an auditor do to evaluate the top management’s commitment to the information security management system?

Interview the auditee’s top management

Demonstrate commitment to audit procedures

Ask all of the auditee’s employees for their opinion

Which of the options below is NOT necessary to have in mind when conducting effective interviews?

Using complex and abstract terminology

Ensuring the interviewee does not leave out important information

An auditor takes notes of the serial numbers of the audited equipment and the locations where certain processes take place. Why would an auditor take such actions?

To keep notes for similar future cases

To keep track in case they forget something

Which of the following is considered as audit evidence when verifying conformity to clause 5.1 Leadership and commitment of ISO/IEC 27001?

The scope of the organization’s certification

1. The risk management process involves the systematic application of policies, procedures and practices to the activities of communication and consultation, setting the context and assessment, treatment, monitoring, review, recording and reporting of risk. What does an ISMS contribute to the organization through the risk management process?

B. Determine appropriate controls to achieve acceptable levels of risk.

A. Determine the probability of a certain risk occurring.

D. Establish the threats to which IT resources are exposed

C. Determine the damage caused by possible security-related incidents.

What is Information Security Risk Analysis? Select the best answer.

D. It is the process that includes the possible consequences that certain situations may bring with them and the probability that these will occur with the objective of measuring the level of risk.

A. The process for determining only the controls required to avoid compromising an information asset.

C. Establishes the environmental safety risk of an organization.

B. It is the process to eliminate the risks of an information asset.

Day#3 Lead Auditor

Quiz

•

Professional Development

•

1st Grade

•

Practice Problem

•

Medium

sudiyuwono wowo

Used 8+ times

FREE Resource

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the main objective of stage 2 audit?

To review the internal audit activities

To evaluate the implementation of the ISMS

To verify the information security objectives of the ISMS

Answer explanation

The purpose of stage 2 audit is to evaluate the implementation and effectiveness of the management system

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a step in audit planning?

Conducting risk assessment

Determining the audit criteria

Preparing the audit test plans

Answer explanation

The audit planning steps include: learning about the auditee’s mission, objectives, and processes, defining the audit objectives and audit scope, conducting a risk assessment, and developing the audit strategy

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How does the audit team select processes and systems to be tested?

Based on the technical experts’ advice

Based on audit procedures

Based on materiality

Answer explanation

Since not all of the elements of a management system can be validated, the processes and systems to be tested are selected based on their materiality.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

During the audit, documented information involving proprietary information was protected at all times. Which principle of maintaining audit work documents has been followed?

Confidentiality

Authorship

Conciseness

Answer explanation

All work documents during the audit that may contain confidential information of the auditee should be suitably safeguarded to preserve their confidentiality

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

What is the main purpose of the opening meeting in an audit?

To obtain detailed information about management system-related processes

To verify audit evidence and obtain a reasonable level of assurance

To ensure that planned audit activities can be performed

Answer explanation

The purpose of the opening meeting is to ensure that all planned audit activities can be performed

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The opening meeting agenda can include information on:

The availability of the resources

The examination of documented information

The creation of audit test plans

Answer explanation

The opening meeting agenda includes an introduction of the audit team members, audit methods and procedures to be followed, and information on the availability of resources

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The auditor has accessed logs to the server room. What source of information was collected?

Documents

Observations

Records

Answer explanation

Records that auditors can collect include access logs to the server room, visitor logs, and information security event logs

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

27 questions

fajardo 16 fire protection in building

Quiz

•

1st Grade

27 questions

ENGLISH PTS GENAP 8

Quiz

•

8th Grade

30 questions

MP IA1 Prep

Quiz

•

9th - 12th Grade

30 questions

PRODUK CAKE DAN KUE INDONESIA

Quiz

•

3rd Grade

27 questions

Oznakowanie

Quiz

•

1st - 5th Grade

30 questions

MS Word

Quiz

•

University

34 questions

Soal Cerita 34 Bakat

Quiz

•

1st - 10th Grade

27 questions

Hackers chapitre 2

Quiz

•

3rd Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

Discover more resources for Professional Development

15 questions

Using link

Quiz

•

1st - 5th Grade

Day#3 Lead Auditor

20 questions

What is the main objective of stage 2 audit?

The purpose of stage 2 audit is to evaluate the implementation and effectiveness of the management system

Which of the following is a step in audit planning?

The audit planning steps include: learning about the auditee’s mission, objectives, and processes, defining the audit objectives and audit scope, conducting a risk assessment, and developing the audit strategy

How does the audit team select processes and systems to be tested?

Since not all of the elements of a management system can be validated, the processes and systems to be tested are selected based on their materiality.

During the audit, documented information involving proprietary information was protected at all times. Which principle of maintaining audit work documents has been followed?

All work documents during the audit that may contain confidential information of the auditee should be suitably safeguarded to preserve their confidentiality

What is the main purpose of the opening meeting in an audit?

The purpose of the opening meeting is to ensure that all planned audit activities can be performed

The opening meeting agenda can include information on:

The opening meeting agenda includes an introduction of the audit team members, audit methods and procedures to be followed, and information on the availability of resources

The auditor has accessed logs to the server room. What source of information was collected?

Records that auditors can collect include access logs to the server room, visitor logs, and information security event logs

How is audit evidence evaluated?

Audit evidence is evaluated against the audit criteria in order to obtain audit findings

How often should audit team meetings be held?

The best practice is to schedule a meeting in the morning and another at the end of the day to review the progress of the audit and the issues faced by auditors.

What is the role of an observer?

An observer is an individual who accompanies the audit team, provided that they received prior approval from the audit team leader.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development