ISMS Short Quiz - Clause 9 - 10

Assessing employee punctuality and attendance

Evaluating the speed of computer networks

Monitoring the effectiveness of cybersecurity measures

Reviewing the quality of office furniture

Ensuring compliance with external regulations and industry standards

Identifying areas for improvement and enhancing operational efficiency

Conducting background checks on potential employees

Reviewing customer feedback and satisfaction

Setting rigid standards

Halting any changes

Process for continuously enhancing system performance

Ignoring customer feedback

Ceasing new product development

Blame others

Identify, record, and address nonconformities

Reduce transparency

Turn a blind eye to failures

Ignore and continue business as usual

Blaming individuals

Ignoring issues

Actions to eliminate the causes of nonconformities

Turning a blind eye to emerging problems

Conducting external audits

Secure Software Development Language and Coding

Systematic Software Deployment and Licensing Control

Secure Software Development Life Cycle

Structured Software Design and Lifecycle Control

Secure System Deployment and Lifecycle Management

To limit access to only a few individuals

To complicate the login process for users

To manage and control user access to resources effectively

To allow unrestricted access to all users

To ignore user identities and access rights

It doesn't relate, as it's a separate concept

Employees should have maximum privileges to access all information

Employees should have the least amount of privilege necessary to perform their job duties

Only senior management should have access to any information

Employees should have unrestricted access to all information

Software updates and patches

Strong encryption methods

Unauthorized access, malware, and phishing attacks

Regular security audits and assessments

Physical security measures

To prevent identity theft

To ensure compliance with privacy regulations

To increase network speed

To encourage data sharing

To make information freely accessible to everyone