Exam ISO-IEC-27001-Lead-Auditor Topic 2 Question 34 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 34
Topic #: 2
The scope of an organization certified against ISO/IEC 27001 states that they provide editing and web hosting services. However, due to some changes in the organization, the technical support related to the web hosting services has been outsourced. Should a change in the scope be initiated in this case?

Suggested Answer: A Vote an answer

Yes, a change in the scope should be initiated because outsourcing a significant part of the service, such as technical support related to web hosting, could impact the risk landscape and the controls needed to manage those risks. This change affects the external environment and how the ISMS operates, necessitating a scope review and possible adjustment.
References: ISO/IEC 27001:2013, Clause 4.3 (Determining the scope of the information security management system)

by Grover at Sep 10, 2025, 02:00 PM

Limited Time Offer

15%

Off

Get Premium ISO-IEC-27001-Lead-Auditor Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10