After completing Stage 1 and in preparation for a Stage 2 initial certification audit, the auditee informs the audit team leader that they wish to extend the audit scope to include two additional sites that have recently been acquired by the organisation.
Considering this information, what action would you expect the audit team leader to take?

• A.Increase the length of the Stage 2 audit to include the extra sites
• B.Obtain information about the additional sites to inform the certification body
• C.Arrange to complete a remote Stage 1 audit of the two sites using a video conferencing platform
• D.Inform the auditee that the request can be accepted but a full Stage 1 audit must be repeated

Comment: *

Name: *

Email: *

Verification: *

A key audit process is the way auditors gather information and determine the findings' characteristics. Put the actions listed in the correct order to complete this process. The last one has been done for you.

Correct Answer:

Explanation:
Determine source of information
Collect by means of appropriate sampling
Reviewing
Audit evidence
Evaluating against audit criteria
Audit findings
Audit conclusions
The reviewing step involves checking the accuracy, completeness, and relevance of the collected information.
The audit evidence step involves documenting the information in a verifiable and traceable manner. The evaluating against audit criteria step involves comparing the audit evidence with the requirements of the ISO
27001 standard and the organization's own policies and objectives. The audit findings step involves identifying any nonconformities, weaknesses, or opportunities for improvement in the ISMS. The audit conclusions step involves summarizing the audit results and providing recommendations for corrective actions or enhancements.

Comment: *

Name: *

Email: *

Verification: *

How does predictive analytics help auditors in identifying potential risks?

• A.By providing real-time analysis of financial data
• B.By predicting future outcomes based on trends
• C.By organizing data from various sources

Comment: *

Name: *

Email: *

Verification: *

After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?

• A.Between incident and damage
• B.Between detection and classification
• C.Between recovery and normal operations
• D.Between classification and escalation

Comment: *

Name: *

Email: *

Verification: *

Which one of the following options best describes the main purpose of a Stage 2 third-party audit?

• A.To determine readiness for certification
• B.To check for legal compliance by the organisation
• C.To identify nonconformances against a standard
• D.To get to know the organisation's management system

Comment: *

Name: *

Email: *

Verification: *