Defining objectives, scope and criteria for each individual audit, selecting audit methods, and defining and implementing the necessary operational controls for the supervision of the audit program are part of the activities for:

Correctly create the ISMS policy.

They are responsible for assigning responsibilities to the audit team:

The person responsible for the management system.

The person(s) managing the audit program.

They should ensure that the following activities are carried out as part of the management of the results of the audit program: 1. Evaluation of the achievement of the objectives for each audit within the audit program. 2. Review and approval of audit reports on compliance with the scope and objectives of the audit. 3. Reviewing the effectiveness of actions taken to address audit findings. 4. Distribution of audit reports to relevant stakeholders. 5. Determination of the need for any follow-up audits.

The person(s) managing the audit program.

The audit plan describes:

The activities and arrangements for each planned audit.

A planning over a given period of time of one or more audits.

Both are valid since there is a relation between the program and the audit plan.

The audit program describes:

A planning over a given period of time of one or more audits.

The activities and arrangements for each planned audit

Both are valid since there is a relation between the program and the audit plan.

During an audit the auditee provides little information and constantly rephrases the auditor's questions:

Considered difficult situations that the auditor must be able to handle.

Issues that the lead auditor must resolve.

Conditions for termination of the audit.

They select and determine the methods for conducting the audit depending on the defined audit objectives, scope and criteria.

The person(s) managing the audit program.

Which of the statements below is in-correct?

Organizations cannot obtain certification against ISO/IEC 27001

Organizations can obtain certification against ISO/IEC 27005

Organizations can obtain certification against ISO/IEC 27001

Organizations cannot obtain certification against ISO/IEC 27002

Day#3 ISO 27001 Lead Auditor

Authored by sudiyuwono wowo

Professional Development

1st Grade

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

It establishes that the organization must implement the risk treatment
process:

Clause 6.1.2

Clause 6.1.3

Clause 8.3

B and C are valid

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

These are risk management strategies except:

Mitigate

Transfer

Assume

Retain

Control

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Type of strategy where the implementation of a control to reduce the level of
risk is defined:

Mitigate

Transfer

Assume

Retain

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The “Statement of Applicability” must contain:

Controls necessary to reduce the level of risk.

The justification for the inclusion of the controls considered necessary.

Whether or not the necessary controls are implemented.

Justification for exclusions from any of the controls in annex A.

All are valid

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

According to ISO 19011:2018 audit is defined as a systematic, independent,
documented process for obtaining evidence and evaluating it objectively, in
order to determine the extent to which the audit criteria are met.

True

False

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

ISO 19011:2018 establishes as methods for assessing auditors:

Observation

Examination

Interview

Telephone call

All except D

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

During the audit, professional behavior by the auditor is desired, e.g., the
auditor is expected to be open-minded, i.e., willing to consider alternative ideas
or points of view.

True

False

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

QUIZ PBO

Quiz

•

1st - 3rd Grade

16 questions

Career Decisions

Quiz

•

KG - University

20 questions

Emails

Quiz

•

1st Grade

15 questions

Smart Protection Plus

Quiz

•

1st Grade

15 questions

ADULT BEGINNER : INTRODUCTION

Quiz

•

1st Grade - Professio...

15 questions

O5A Level 3 Day 2

Quiz

•

1st - 3rd Grade

20 questions

MCU 003 Conversation

Quiz

•

1st Grade

15 questions

LEA 1 QUIZ

Quiz

•

1st Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Professional Development

15 questions

Guess the Food with Emojis

Quiz

•

1st Grade

Day#3 ISO 27001 Lead Auditor

It establishes that the organization must implement the risk treatmentprocess:

These are risk management strategies except:

Type of strategy where the implementation of a control to reduce the level ofrisk is defined:

The “Statement of Applicability” must contain:

According to ISO 19011:2018 audit is defined as a systematic, independent,documented process for obtaining evidence and evaluating it objectively, inorder to determine the extent to which the audit criteria are met.

ISO 19011:2018 establishes as methods for assessing auditors:

During the audit, professional behavior by the auditor is desired, e.g., theauditor is expected to be open-minded, i.e., willing to consider alternative ideasor points of view.

Defining objectives, scope and criteria for each individual audit, selecting auditmethods, and defining and implementing the necessary operational controlsfor the supervision of the audit program are part of the activities for:

They are responsible for assigning responsibilities to the audit team:

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development

It establishes that the organization must implement the risk treatment
process:

Type of strategy where the implementation of a control to reduce the level of
risk is defined:

According to ISO 19011:2018 audit is defined as a systematic, independent,
documented process for obtaining evidence and evaluating it objectively, in
order to determine the extent to which the audit criteria are met.

During the audit, professional behavior by the auditor is desired, e.g., the
auditor is expected to be open-minded, i.e., willing to consider alternative ideas
or points of view.

Defining objectives, scope and criteria for each individual audit, selecting audit
methods, and defining and implementing the necessary operational controls
for the supervision of the audit program are part of the activities for: