The answer to Question 298 is identical to Question 297, as both questions ask the same thing based on Scenario 3. The correct and verified answer remains Option C.
ISO/IEC 27001:2022 requires that organizations plan, resource, and structure their ISMS activities before implementing Annex A controls. The scenario demonstrates full alignment with this requirement through:
Planned implementation phases
Defined objectives
Cost–benefit analysis
Resource allocation
Competence assurance
Documented implementation activities
These actions collectively satisfy Clauses 6 and 7 of ISO/IEC 27001:2022 and demonstrate adequate preparation.
Therefore, Option C is correct and fully verified.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit