ISO 27001 ISMS Requirements
10 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary purpose of the Statement of Applicability?

  • To list the controls selected to mitigate risk and explain their implementation (correct)
  • To organize and review ISMS documentation
  • To outline the organization's business objectives and risks associated with them
  • To document evidence of security awareness training for personnel
  • What type of documentation is included in ISMS Resources?

  • Only meeting minutes and communications from senior management
  • Only audit reviews, incident reports, and remediation plans
  • All of the above, including strategy, planning, and budgeting documents (correct)
  • Only security awareness training materials and certificates
  • What is the importance of retaining documented information in ISO 27001?

  • To improve the ISMS documentation
  • To evidence competence in maintaining the ISMS (correct)
  • To show the effectiveness of the ISMS
  • To demonstrate compliance with the standard
  • What is the purpose of the Information Security Objectives and Plans?

    <p>To document the organization's information security objectives and plans</p> Signup and view all the answers

    What is included in the Employee Security Awareness and Training documentation?

    <p>All of the above, including posters, presentations, and attendance records</p> Signup and view all the answers

    What is the purpose of the General documentation?

    <p>To organize and review ISMS documentation</p> Signup and view all the answers

    What is the purpose of the Communication documentation?

    <p>To document any processes or policies made around what needs to be communicated, when, and to whom</p> Signup and view all the answers

    What is the primary purpose of the Risk Assessment and Treatment?

    <p>To identify and assess risks associated with the organization's information assets</p> Signup and view all the answers

    What is the purpose of the Information Security Policy?

    <p>To outline the organization's approach to managing information security</p> Signup and view all the answers

    What is the primary purpose of the Competence documentation?

    <p>To evidence competence in maintaining the ISMS</p> Signup and view all the answers

    More Like This

    Control de Acceso en ISO 27001
    6 questions
    ISO 27001 - Informasjonssikkerhet og Ledelse
    10 questions
    ISO 27001 Compliance
    8 questions
    Use Quizgecko on...
    Browser
    Browser