Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

You are performing an ISMS audit at a residential nursing home that provides healthcare services.

  1. Home
  2. PECB
  3. ISO 27001
  4. ISO-IEC-27001-Lead-Auditor
  5. ISO-IEC-27001-Lead-Auditor Questions
  6. PECB Certified ISO/IEC 27001 2022 Lead Auditor exam Practice Questions

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure and explains that the process is based on ISO/IEC 27035-1:2016.

You review the document and notice a statement "any information security weakness, event, and incident should be reported to the Point of Contact (PoC) within 1 hour after identification". When interviewing staff, you found that there were differences in the understanding of the meaning of "weakness, event, and incident".

You sample incident report records from the event tracking system for the last 6 months with summarized results in the following table.

You would like to further investigate other areas to collect more audit evidence. Select two options that will not be in your audit trail.

A.

Collect more evidence on how and when the Human Resources manager pays the ransom fee to unlock personal mobile data, i.e., credit card, and bank transfer. (Relevant to control A.5.26)

B.

Collect more evidence on what the service requirements of healthcare monitoring are. (Relevant to clause 4.2)

C.

Collect more evidence on how the organization determined no further action was needed after the incident. (Relevant to control A.5.26)

D.

Collect more evidence on how the organisation determined the incident recovery time. (Relevant to control A.5.27)

E.

Collect more evidence on the incident recovery procedures. (Relevant to control A.5.26)

F.

Collect more evidence by interviewing more staff about their understanding of the reporting process. (Relevant to control A.6.8)

G.

Collect more evidence on how and when the company pays the ransom fee to unlock the company's mobile phone and data, i.e., credit card, and bank transfer. (Relevant to control A.5.26)

PECB ISO-IEC-27001-Lead-Auditor View All Questions

PECB ISO-IEC-27001-Lead-Auditor Summary

  • Vendor: PECB
  • Product: ISO-IEC-27001-Lead-Auditor
  • Update on: Jul 30, 2025
  • Questions: 368
Price: $52.5  $149.99
Buy Now ISO-IEC-27001-Lead-Auditor PDF + Testing Engine Pack
Next
You are performing an ISMS audit at a residential nursing home that provides healthcare services...
Scenario 2: Knight is an electronics company from Northern California, US that develops video game...
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 02 Aug 2025