Save 20% on accredited ISO 27001 course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Guest

ISO 27001 Internal Auditor Course Question

  Quote
Guest
Guest user Created:   Feb 21, 2023 Last commented:   Feb 21, 2023

ISO 27001 Internal Auditor Course Question

Wrt the Q/A listed below. I cannot see the relevance of the Question to the section being discussed Module 9 "Document Review"

Document review - quiz question

Not sure I follow the answer (2) to this question in context of Document Review

Q: When performing the document review you must take into account:
1. Only the context of the organization, including its size and complexity. – Incorrect! These are not the only elements that should be considered when performing the document review.
2. The risks and opportunities associated to the context of the organization. – Correct!
3. The clause order of the ISO standard, so you can follow the exact sequence during the document review. – Incorrect! It is not mandatory to follow the sequence of the clauses of an ISO standard, you must follow the sequence that you believe is the most efficient and effective.
4. All the above. – Incorrect! a) and c) are not correct statements.

Please explain

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 21, 2023

Please note that during document review the internal auditor must evaluate if documentation is compliant not only with the standard’s requirements but also with identified risks and opportunities, as well as relevant aspects of organizational context.

For example, in case there is a relevant risk related to documentation being tampered with, the auditor needs to evaluate how the organization considers this in developing and managing the documents.

Regarding the context of the organization, if the business involves regular remote interaction with customers and suppliers, this also needs to be evaluated regarding documents.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 21, 2023

Feb 21, 2023

Suggested Topics