Exam ISO-IEC-27001-Lead-Auditor Topic 4 Question 265 Discussion
Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 265
Topic #: 4
Question #: 265
Topic #: 4
You are an experienced ISMS audit team leader who is currently conducting a third party initial certification audit of a new client, using ISO/IEC 27001:2022 as your criteria.
It is the afternoon of the second day of a 2-day audit, and you are just about to start writing your audit report. So far no nonconformities have been identified and you and your team have been impressed with both the site and the organisation's ISMS.
At this point, a member of your team approaches you and tells you that she has been unable to complete her assessment of leadership and commitment as she has spent too long reviewing the planning of changes.
Which one of the following actions will you take in response to this information?
It is the afternoon of the second day of a 2-day audit, and you are just about to start writing your audit report. So far no nonconformities have been identified and you and your team have been impressed with both the site and the organisation's ISMS.
At this point, a member of your team approaches you and tells you that she has been unable to complete her assessment of leadership and commitment as she has spent too long reviewing the planning of changes.
Which one of the following actions will you take in response to this information?
Suggested Answer: C Vote an answer
Review the audit plan and client availabilities to determine whether there is any opportunity for another member of your team to pick up this task before the closing meeting.
Explanation:
Leadership and commitment is a key requirement of ISO/IEC 27001:2022, as it establishes the top management's role and responsibility in establishing, implementing, maintaining, and continually improving the ISMS. Without assessing this aspect, the audit team cannot conclude that the ISMS is effective and conforms to the standard. Therefore, the audit team leader should advise the auditee and audit client that it is not possible to make a positive recommendation at this point, and explain the reason and the implications. The audit team leader should also consult with the certification body and the audit programme manager on the next steps, such as extending the audit duration, conducting a follow-up audit, or issuing a conditional certification, depending on the certification body's policy and the audit client's agreement. Reference: = ISO/IEC 27001:2022, clause 5, Leadership PECB Candidate Handbook ISO 27001 Lead Auditor, page 19, Audit Process PECB Candidate Handbook ISO 27001 Lead Auditor, page 22, Audit Report PECB Candidate Handbook ISO 27001 Lead Auditor, page 23, Audit Conclusion and Recommendation
Explanation:
Leadership and commitment is a key requirement of ISO/IEC 27001:2022, as it establishes the top management's role and responsibility in establishing, implementing, maintaining, and continually improving the ISMS. Without assessing this aspect, the audit team cannot conclude that the ISMS is effective and conforms to the standard. Therefore, the audit team leader should advise the auditee and audit client that it is not possible to make a positive recommendation at this point, and explain the reason and the implications. The audit team leader should also consult with the certification body and the audit programme manager on the next steps, such as extending the audit duration, conducting a follow-up audit, or issuing a conditional certification, depending on the certification body's policy and the audit client's agreement. Reference: = ISO/IEC 27001:2022, clause 5, Leadership PECB Candidate Handbook ISO 27001 Lead Auditor, page 19, Audit Process PECB Candidate Handbook ISO 27001 Lead Auditor, page 22, Audit Report PECB Candidate Handbook ISO 27001 Lead Auditor, page 23, Audit Conclusion and Recommendation
by Stanford at Jan 18, 2026, 03:05 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).