
Exam ISO-IEC-27001-Lead-Auditor All Questions

PECB ISO 27001 ISO-IEC-27001-Lead-Auditor Question # 23 Topic 3 Discussion

Question #: 23
Topic #: 3

You are an experienced audit team leader conducting a third-party surveillance audit of an organisation that designs websites for its clients. You are currently reviewing the organisation's Statement of Applicability.

Based on the requirements of ISO/IEC 27001, which two of the following observations about the Statement of Applicability are false?


A. A Statement of Applicability must be produced by organisations seeking ISO/IEC 27001 conformity

B. Justification is only required for any controls that the organisation chooses to exclude

C. Justification for both the inclusion and exclusion of Annex A controls in the Statement of Applicability is required

D. The Statement of Applicability is owned and amended by the organisation's top management

E. Additional controls not included in Appendix A may be added to the Statement of Applicability if the organisation chooses to do so

F. The Statement of Applicability must include Organisational, Physical, People and Technological controls that are necessary
