APMG-International ISO-IEC-27001-Foundation Exam - Topic 3 Question 11 Discussion

Actual exam question for APMG-International's ISO-IEC-27001-Foundation exam

Question #: 11
Topic #: 3

[All ISO-IEC-27001-Foundation Questions]

Identify the missing words in the following sentence.

The organization shall establish, implement, maintain and [ ? ] an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document.

Areport on

Bcontinually improve

Ccommunicate the importance of

Denforce standards for

Show Suggested Answer

Suggested Answer: B

Clause 4.4 of ISO/IEC 27001:2022 states:

''The organization shall establish, implement, maintain and continually improve an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document.''

This requirement highlights that an ISMS is not static; it must evolve continuously to adapt to new risks, technologies, and business changes. Options A, C, and D are not mentioned in the clause. The continual improvement cycle is central to ISO standards, aligning with the Plan-Do-Check-Act (PDCA) model.

Thus, the missing words are ''continually improve.''

by Jolanda at Mar 06, 2026, 12:11 AM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Foundation Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!