Month End Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

Scenario 6Sinvestment is an insurance provider that offers a wide range of coverage options, including...

  1. Home
  2. PECB
  3. ISO 27001
  4. ISO-IEC-27001-Lead-Auditor
  5. ISO-IEC-27001-Lead-Auditor Questions
  6. PECB Certified ISO/IEC 27001 2022 Lead Auditor exam Practice Questions

Scenario 6

Sinvestment is an insurance provider that offers a wide range of coverage options, including home, commercial, and life insurance. Originally established in North California, the company has expanded its operations to other locations, including Europe and Africa. In addition to its growth, Sinvestment is committed to complying with laws and regulations applicable to its industry and preventing any information security incident. They have implemented an information security management system (ISMS) based on ISO/IEC 27001 and have applied for certification.

A team of auditors was assigned by the certification body to conduct the audit. After signing a confidentiality agreement with Sinvestment, they started the audit activities. For the activities of the stage 1 audit, it was decided that they would be performed on site, except the review of documented information, which took place remotely, as requested by Sinvestment.

The audit team started the stage 1 audit by reviewing the documentation required, including the declaration of the ISMS scope, information security policies, and internal audit reports. The evaluation of the documented information was based on the content and procedure for managing the documented information.

In addition, the auditors found out that the documentation related to information security training and awareness programs was incomplete and lacked essential details. When asked, Sinvestment’s top management stated that the company has provided information security training sessions to all employees.

The stage 2 audit was conducted three weeks after the stage 1 audit. The audit team observed that the marketing department (not included in the audit scope) had no procedures to control employees’ access rights. Since controlling employees' access rights is one of the ISO/IEC 27001 requirements and was included in the company's information security policy, the issue was included in the audit report.

Question

Was Sinvestment’s request for reviewing documented information remotely acceptable?

A.

Yes, documented information can be reviewed remotely.

B.

No, as it can lead to a breach of confidentiality.

C.

No, as the combination of different locations can negatively impact the audit efficiency.

PECB ISO-IEC-27001-Lead-Auditor View All Questions

PECB ISO-IEC-27001-Lead-Auditor Summary

  • Vendor: PECB
  • Product: ISO-IEC-27001-Lead-Auditor
  • Update on: Feb 1, 2026
  • Questions: 418
Price: $52.5  $149.99
Buy Now ISO-IEC-27001-Lead-Auditor PDF + Testing Engine Pack
Next
Scenario 7: Webvue.
QuestionWhich of the following options best describes the velocity of big data?
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2026 examsvce.com. All Rights Reserved
mcafee secure

TESTED 01 Feb 2026