Exam ISO-IEC-27001-Lead-Auditor Topic 3 Question 253 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 253
Topic #: 3
Which two of the following statements are true?

Suggested Answer: A,C

The benefits of implementing an ISMS are not limited to a reduction in information security risks, but also include improved business performance, customer satisfaction, legal compliance, and stakeholder confidence. The benefit of certifying an ISMS is not only to obtain contracts from governmental institutions, but also to demonstrate the organisation's commitment to information security to other potential customers, partners, and regulators.

The purpose of an ISMS is to apply a risk management process for preserving information security, which means identifying, analysing, evaluating, treating, monitoring, and reviewing the information security risks that the organisation faces. The purpose of an ISMS is not to demonstrate compliance with regulatory requirements, but rather to ensure that the organisation meets its own information security objectives and obligations.

References:
* ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) objectives and content from Quality.org and PECB
* ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems - Requirements [Section 0.1] and [Section 1]

by Ives at Dec 19, 2025, 06:38 AM
