Examen
ISO 27001 LEAD AUDITOR -ADVISERA EXAM
- Grado
- Institución
ISO 27001 LEAD AUDITOR -ADVISERA EXAM...
[Mostrar más]Vista previa 2 fuera de 7 páginas
Vista previa 2 fuera de 7 páginas
Añadir al carrito
Añadir al carrito
Vendedor
Seguir
luzlinkuz
Comentarios recibidos
Vista previa del contenido
ISO 27001 LEAD AUDITOR -ADVISERAEXAM
Information Security and IT Security are the same thing - ANSWER False
An Information Security Management System is a systematic approach for
managing and protecting a company's information. - ANSWER True
The PDCA cycle is - ANSWER A method used for implementation and
maintenance of an Information Security Management System in organizations
The following roles are common in the ISMS implementation process -
ANSWER Project team
Top management
Project manager
Achieving compliance is one of the main benefits of implementing ISO 27001 -
ANSWER True
ISO 27001 requires the identification of interested parties significant for the
information security in your organization to be documented. - ANSWER False
In order to define the ISMS scope, the company shoulder consider: - ANSWER
1. Requirements of the interested parties
2. External and internal issues
3. Activities that are carried out by your organization and the activities
performed by other organizations, such as partners, associates, or an
outsourcing company; how those activities are related; and how they depend on
each other
When defining the information security objectives, the following aspects should
be taken into consideration: - ANSWER 1. Should be aligned with Information
Security policy
2. Should be measurable
3. Should be updated in order to reflect the current situation of the company and
its ISMS
, 4. Should be communicated to all interested parties
Regarding the resources, ISO 27001 requires companies to: - ANSWER 1.
identify the needed resources for the ISMS
2. ensure they are available for everyday operation
3. ensure they are available for continual improvement of the ISMS
Regarding competences, ISO 27001 requires the company to: - ANSWER 1.
Define necessary competences of employees related to information security
2. Make sure that employees have the appropriate training and experience
3. Keep documented evidence that the employees really have the required
competences
The risk management process consists of the following steps: - ANSWER 1.
Conduct risk assessment
2. Create statement of applicability
3. Define risk assessment methodology
4. Select risk treatment options
5. Create the risk treatment plan
According ISO 27001, the risk assessment must include the following elements:
- ANSWER 1. Risk evaluation
2. Risk identification
3. Risk analysis
Risk analysis includes assessment of the impact the risk can have on the
company and assessment of the likelihood that the identified risk can really
happen. The assessment scale for the impact and the likelihood must vary
between the values 1 and 10. - ANSWER False
After formulating a risk treatment plan, the Statement of Applicability must be
documented. - ANSWER False
The Statement of Applicability must include the following information: -
ANSWER 1. List of all the controls from Annex A and any additional controls
that might be identified in the risk treatment process
2. Information regarding whether the listed controls are implemented in the
organization
Los beneficios de comprar resúmenes en Stuvia estan en línea:
Garantiza la calidad de los comentarios
Compradores de Stuvia evaluaron más de 700.000 resúmenes. Así estas seguro que compras los mejores documentos!
Compra fácil y rápido
Puedes pagar rápidamente y en una vez con iDeal, tarjeta de crédito o con tu crédito de Stuvia. Sin tener que hacerte miembro.
Enfócate en lo más importante
Tus compañeros escriben los resúmenes. Por eso tienes la seguridad que tienes un resumen actual y confiable. Así llegas a la conclusión rapidamente!
Preguntas frecuentes
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
100% de satisfacción garantizada: ¿Cómo funciona?
Nuestra garantía de satisfacción le asegura que siempre encontrará un documento de estudio a tu medida. Tu rellenas un formulario y nuestro equipo de atención al cliente se encarga del resto.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller luzlinkuz. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for 11,24 €. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
45,681 summaries were sold in the last 30 days
Founded in 2010, the go-to place to buy summaries for 14 years now