Exam ISO-IEC-27001-Lead-Auditor Topic 3 Question 285 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 285
Topic #: 3
What is a reason for the classification of information?

Suggested Answer: B Vote an answer

The reason for the classification of information is to structure the information according to its sensitivity. Information classification is a process of assigning categories or labels to information based on its value, sensitivity, criticality and legal requirements. Information classification helps to determine the appropriate level of security controls and handling procedures for different types of information. Information classification also facilitates the communication of information security requirements and expectations among internal and external parties. ISO/IEC 27001:2022 requires the organization to classify information in terms of legal requirements, value, criticality and sensitivity to unauthorized disclosure or modification (see clause A.8.2.1). Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements, What is Data Classification?

by Justin at Sep 07, 2025, 02:12 AM

Limited Time Offer

15%

Off

Get Premium ISO-IEC-27001-Lead-Auditor Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10