1. Home
  2. Discussions
  3. PECB
  4. ISO 27001
  5. ISO-IEC-27001-Lead-Auditor Discussions
  6. ISO-IEC-27001-Lead-Auditor Exam Topic 7 Question 60 Discussion

PECB Certified ISO/IEC 27001 2022 Lead Auditor exam ISO-IEC-27001-Lead-Auditor Question # 60 Topic 7 Discussion

 PECB Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

PECB Certified ISO/IEC 27001 2022 Lead Auditor exam ISO-IEC-27001-Lead-Auditor Question # 60 Topic 7 Discussion

ISO-IEC-27001-Lead-Auditor Exam Topic 7 Question 60 Discussion:
Question #: 60
Topic #: 7

You are carrying out your first third-party ISMS surveillance audit as an audit team leader. You are presently in the auditee's data centre with another member of your audit team and the organisation's guide.

You request access to a locked room protected by a combination lock and iris scanner. The room contains several rows of uninterruptable power supplies along with several data cabinets containing client-supplied

equipment, predominantly servers, and switches.

You note that there is a gas-based fire extinguishing system in place. A label indicates that the system requires testing every 6 months however the most recent test recorded on the label was carried out by the

manufacturer 12 months ago.

Based on the scenario above which two of the following actions would you now take?
A.

Determine if requirements for recording fire extinguisher checks have been revised within the last year. If so, suggest these are referenced on the existing labels as an opportunity for improvement

B.

Make a note to ask the site maintenance manager for evidence that a fire extinguishing system test was carried out 6 months ago

C.

Providing water-based extinguishers are accessible in the room, take no further action as these provide an alternative means to put out a fire

D.

Raise a nonconformity against control A.5.7 'threat intelligence' as the organisation has not identified the need to take action against the threat of fire

E.

Raise a nonconformity against control A.7.11 'supporting utilities' as information processing facilities are not adequately protected against possible disruption

F.

Require the guide to initiate the organisation's information security incident process

Get Premium ISO-IEC-27001-Lead-Auditor Questions
Actual exam question for PECB ISO-IEC-27001-Lead-Auditor exam by Echo3 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next