Which two of the following phrases would apply to "audit objectives"?
A.
Audit duration
B.
Determining conformity
C.
Checking legal compliance
D.
Auditor competence
E.
Revising management policy
F.
Identifying opportunities for improvement, if required
The Answer Is:
B, F
This question includes an explanation.
Explanation:
The audit objectives are the purpose and scope of an audit, as defined by the audit client and the auditor. According to the ISO/IEC 27001 standard, the audit objectives for an ISMS audit may include determining the extent of conformity of the ISMS with the audit criteria, evaluating the ability of the ISMS to ensure the organization meets its information security objectives, and identifying potential areas for improvement of the ISMS12. References: = 1: PECB Candidate Handbook - ISO/IEC 27001 Lead Auditor, page 192: ISO/IEC 27007:2011 Information technology — Security techniques — Guidelines for information security management systems auditing, clause 4.2.1.
ISO-IEC-27001-Lead-Auditor PDF/Engine
Printable Format
Value of Money
100% Pass Assurance
Verified Answers
Researched by Industry Experts
Based on Real Exams Scenarios
100% Real Questions
Get 60% Discount on All Products,
Use Coupon: "8w52ceb345"