PECB Certified ISO/IEC 27001 2022 Lead Auditor exam ISO-IEC-27001-Lead-Auditor Question # 56 Topic 6 Discussion

ISO-IEC-27001-Lead-Auditor Exam Topic 6 Question 56 Discussion:
Question #: 56
Topic #: 6

You are carrying out your first third-party ISMS surveillance audit as an audit team leader. You are presently in the auditee's data centre with another member of your audit team and the organisation's guide.

You request access to a locked room protected by a combination lock and iris scanner. In the corner of the room is a collection of hard drives piled on a desk. You ask the guide what the status of the drives is. He tells you the drives are redundant and awaiting disposal. They should have been picked up last week, but the organisation's external provider of secure destruction services was unable to source a driver due to staff sickness. He says this has recently become more common though he does not know why. He then presents you with a job ticket that confirms the pickup has been rescheduled for tomorrow.

Based on the scenario above, which three of the following actions would you now take?


A. Record a nonconformity against control A.5.13 'labelling of information' as the disk drives' status was unclear.

B. Raise a nonconformity against control A.7.7, 'clear desk and clear screen' because the drives have been left unprotected on the desktop.

C. Record an opportunity for improvement in respect of the external provider's inventory management arrangements.

D. Ensure that the organisation's arrangements for the secure disposal and reuse of equipment have been adhered to.

E. Record the finding but note no further action is required as the pickup has now been rescheduled.

F. Raise a nonconformity against control A.7.5, 'protecting against physical and environmental threats' because the drives have been left exposed on the desktop.

G. Ensure that the organisation's arrangements for the life cycle management of storage media have been adhered to.

