How is audit evidence evaluated?

By comparing it against the audit criteria

How often should audit team meetings be held?

A meeting held in the morning and another at the end of the day

A meeting per day held in the morning

A meeting per day held in the evening

What is the role of an observer?

To help the auditor with the audit procedures

What should an auditor do to evaluate the top management’s commitment to the information security management system?

Interview the auditee’s top management

Demonstrate commitment to audit procedures

Ask all of the auditee’s employees for their opinion

Which of the options below is NOT necessary to have in mind when conducting effective interviews?

Using complex and abstract terminology

Ensuring the interviewee does not leave out important information

An auditor takes notes of the serial numbers of the audited equipment and the locations where certain processes take place. Why would an auditor take such actions?

To keep notes for similar future cases

To keep track in case they forget something

Which of the following is considered as audit evidence when verifying conformity to clause 5.1 Leadership and commitment of ISO/IEC 27001?

The scope of the organization’s certification

1. The risk management process involves the systematic application of policies, procedures and practices to the activities of communication and consultation, setting the context and assessment, treatment, monitoring, review, recording and reporting of risk. What does an ISMS contribute to the organization through the risk management process?

B. Determine appropriate controls to achieve acceptable levels of risk.

A. Determine the probability of a certain risk occurring.

D. Establish the threats to which IT resources are exposed

C. Determine the damage caused by possible security-related incidents.

What is Information Security Risk Analysis? Select the best answer.

D. It is the process that includes the possible consequences that certain situations may bring with them and the probability that these will occur with the objective of measuring the level of risk.

A. The process for determining only the controls required to avoid compromising an information asset.

C. Establishes the environmental safety risk of an organization.

B. It is the process to eliminate the risks of an information asset.

Day#3 Lead Auditor

1st Grade

•

20 Qs

Similar activities

MIDTERM EXAM (ISOM)

University

•

28 Qs

Sprawdzian - UNESCO Polska

9th - 12th Grade

•

28 Qs

pracownia 3.1-3.4

2nd Grade

•

28 Qs

TES PPDB SMK YAPERJASA

10th Grade

•

30 Qs

RICA Domain 2- Competency 5

KG - University

•

30 Qs

Antecedentes de Ingenería de métodos

10th Grade - University

•

27 Qs

NPCP 2 defination 3

1st Grade

•

27 Qs

Introduction to Media and Information Literacy 2nd Class

12th Grade

•

30 Qs

Day#3 Lead Auditor

Quiz

•

Professional Development

•

1st Grade

•

Practice Problem

•

Medium

sudiyuwono wowo

Used 8+ times

FREE Resource

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the main objective of stage 2 audit?

To review the internal audit activities

To evaluate the implementation of the ISMS

To verify the information security objectives of the ISMS

Answer explanation

The purpose of stage 2 audit is to evaluate the implementation and effectiveness of the management system

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a step in audit planning?

Conducting risk assessment

Determining the audit criteria

Preparing the audit test plans

Answer explanation

The audit planning steps include: learning about the auditee’s mission, objectives, and processes, defining the audit objectives and audit scope, conducting a risk assessment, and developing the audit strategy

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How does the audit team select processes and systems to be tested?

Based on the technical experts’ advice

Based on audit procedures

Based on materiality

Answer explanation

Since not all of the elements of a management system can be validated, the processes and systems to be tested are selected based on their materiality.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

During the audit, documented information involving proprietary information was protected at all times. Which principle of maintaining audit work documents has been followed?

Confidentiality

Authorship

Conciseness

Answer explanation

All work documents during the audit that may contain confidential information of the auditee should be suitably safeguarded to preserve their confidentiality

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

What is the main purpose of the opening meeting in an audit?

To obtain detailed information about management system-related processes

To verify audit evidence and obtain a reasonable level of assurance

To ensure that planned audit activities can be performed

Answer explanation

The purpose of the opening meeting is to ensure that all planned audit activities can be performed

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The opening meeting agenda can include information on:

The availability of the resources

The examination of documented information

The creation of audit test plans

Answer explanation

The opening meeting agenda includes an introduction of the audit team members, audit methods and procedures to be followed, and information on the availability of resources

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The auditor has accessed logs to the server room. What source of information was collected?

Documents

Observations

Records

Answer explanation

Records that auditors can collect include access logs to the server room, visitor logs, and information security event logs

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

35 questions

Chapter 2 - Communicating in the Workplace

Quiz

•

9th - 12th Grade

35 questions

Etika rekayasa

Quiz

•

University

30 questions

Latihan_MR1_#2

Quiz

•

1st Grade

27 questions

Employment Progress Test Unit 8 Level 1

Quiz

•

University - Professi...

27 questions

Student Self-Reflection on Workforce Readiness

Quiz

•

12th Grade

30 questions

Broadcast Engineering 1

Quiz

•

University

27 questions

Leapstart Policies Quiz

Quiz

•

12th Grade - University

28 questions

Mälumäng 03062021

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Professional Development

20 questions

Telling Time to the Hour and Half hour

Quiz

•

1st Grade

10 questions

Life Cycle of a Frog

Quiz

•

1st - 2nd Grade

10 questions

Exploring Rosa Parks and Black History Month

Interactive video

•

1st - 5th Grade

20 questions

Place Value

Quiz

•

KG - 3rd Grade

10 questions

100th Day of School 1st/2nd

Quiz

•

1st - 2nd Grade

15 questions

Reading Comprehension

Quiz

•

1st - 5th Grade

10 questions

Identifying Physical and Chemical Changes

Interactive video

•

1st - 5th Grade

10 questions

Exploring the American Revolution

Interactive video

•

1st - 5th Grade

Day#3 Lead Auditor

20 questions

What is the main objective of stage 2 audit?

The purpose of stage 2 audit is to evaluate the implementation and effectiveness of the management system

Which of the following is a step in audit planning?

The audit planning steps include: learning about the auditee’s mission, objectives, and processes, defining the audit objectives and audit scope, conducting a risk assessment, and developing the audit strategy

How does the audit team select processes and systems to be tested?

Since not all of the elements of a management system can be validated, the processes and systems to be tested are selected based on their materiality.

During the audit, documented information involving proprietary information was protected at all times. Which principle of maintaining audit work documents has been followed?

All work documents during the audit that may contain confidential information of the auditee should be suitably safeguarded to preserve their confidentiality

What is the main purpose of the opening meeting in an audit?

The purpose of the opening meeting is to ensure that all planned audit activities can be performed

The opening meeting agenda can include information on:

The opening meeting agenda includes an introduction of the audit team members, audit methods and procedures to be followed, and information on the availability of resources

The auditor has accessed logs to the server room. What source of information was collected?

Records that auditors can collect include access logs to the server room, visitor logs, and information security event logs

How is audit evidence evaluated?

Audit evidence is evaluated against the audit criteria in order to obtain audit findings

How often should audit team meetings be held?

The best practice is to schedule a meeting in the morning and another at the end of the day to review the progress of the audit and the issues faced by auditors.

What is the role of an observer?

An observer is an individual who accompanies the audit team, provided that they received prior approval from the audit team leader.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development