Which department maintain's contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers depending on the service required.

• A.MRO
• B.CSM
• C.COO
• D.CISO

Comment: *

Name: *

Email: *

Verification: *

What is we do in ACT - From PDCA cycle

• A.Take actions to continually monitor process performance
• B.Take actions to continually improve process performance
• C.Take actions to continually monitor process performance
• D.Take actions to continually improve people performance

Comment: *

Name: *

Email: *

Verification: *

You are an experienced ISMS audit team leader guiding an auditor in training. You are testing her understanding of follow-up audits by asking her a series of questions to which the answer is either "true* or 'false'. Which four of the following questions should the answer be true"'

• A.A follow-up audit may be carried out where nonconformities are major
• B.A follow-up audit may be carried out where nonconformities are minor
• C.The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified
• D.The outcome of a follow-up audit could lower a major nonconformity to minor status
• E.The outcome of a follow-up audit could be a recommendabon to suspend the client's certification
• F.The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client
• G.A follow-up audit is required in all instances where nonconformities have been identified
• H.A follow-up audit is required only in instances where a major nonconformity has been identified

Comment: *

Name: *

Email: *

Verification: *

In the context of a management system audit, please identify the sequence of a typical process of collecting and verifying information. The first one has been done for you.

Correct Answer:

Explanation:
A screenshot of a computer Description automatically generated

Identifying the source of information (already given)
Gathering audit evidence: This involves collecting information from various sources such as documents, records, interviews, and observations.
Sampling the available data: Due to the vast amount of information available, auditors typically use sampling techniques to select representative data for closer scrutiny.
Verifying objective evidence: This involves checking the accuracy, completeness, and reliability of the collected evidence.
Evaluating evidence against the audit criteria: Auditors compare the collected evidence to the established criteria (e.g., standards, policies, procedures) to assess compliance and effectiveness.
Recording audit findings: This involves documenting the results of the evaluation, including observations, conclusions, and recommendations.
Making audit conclusions: Based on the recorded findings, auditors formulate overall conclusions about the status of the management system.
Therefore, the correct sequence is:
1. Identifying the source of information 2. Gathering audit evidence 3. Sampling the available data 4.
Verifying objective evidence 5. Evaluating evidence against the audit criteria 6. Recording audit findings 7.
Making audit conclusions

Comment: *

Name: *

Email: *

Verification: *

A hacker gains access to a webserver and can view a file on the server containing credit card numbers.
Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?

• A.Availability
• B.Confidentiality
• C.Integrity
• D.Compliance

Comment: *

Name: *

Email: *

Verification: *