New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

APMG-International ISO-IEC-27001-Foundation Exam - Topic 5 Question 3 Discussion

Actual exam question for APMG-International's ISO-IEC-27001-Foundation exam
Question #: 3
Topic #: 5
[All ISO-IEC-27001-Foundation Questions]

Which is a control title within Annex A of ISO/IEC 27001?

Show Suggested Answer Hide Answer
Suggested Answer: A

Comprehensive and Detailed Explanation From Exact Extract ISO/IEC 27002:2022 standards:

In ISO/IEC 27002:2022, which provides control guidance for Annex A of ISO/IEC 27001, Clause 5.19 is titled: ''Information security in supplier relationships.''

This control requires organizations to ensure that information security is addressed in supplier agreements and relationships. It is part of the Organizational Controls theme. The other options are not control titles in Annex A:

''Responsibilities and procedures'' (B) was used in older standards like ISO/IEC 27001:2005 but no longer exists.

''Protection of documents'' (C) relates to document control but is not a specific Annex A control.

''Change control'' (D) is relevant to ITIL/ITSM but not listed as a control title in Annex A.

Therefore, the correct Annex A control title is A: Information security in supplier relationships.


by Gearldine at Oct 07, 2025, 06:07 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Foundation Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Chanel
3 days ago
C) Protection of documents is important too.
upvoted 0 times
...
Lon
8 days ago
But B covers the overall management aspect.
upvoted 0 times
...
Marcos
14 days ago
I feel like it's B) Responsibilities and procedures.
upvoted 0 times
...
Kami
19 days ago
I think it's A) Information security in supplier relationships.
upvoted 0 times
...
Tu
24 days ago
Totally agree with A! It's a key area in ISO/IEC 27001.
upvoted 0 times
...
Lindsey
29 days ago
Wait, is this really a control title? Seems off.
upvoted 0 times
...
Minna
1 month ago
D) Change control sounds familiar too.
upvoted 0 times
...
Gene
1 month ago
I remember "Responsibilities and procedures" being mentioned in the context of governance, but I'm not confident it's a control title in Annex A.
upvoted 0 times
...
Cyril
1 month ago
I practiced a question similar to this, and I think "Change control" might be a control title, but I could be mixing it up with something else.
upvoted 0 times
...
Kenny
2 months ago
I feel like "Information security in supplier relationships" sounds familiar, but I can't recall if it's actually in Annex A or not.
upvoted 0 times
...
Carma
2 months ago
I'm pretty sure the right answer is D) Change control. Gotta love those control titles!
upvoted 0 times
...
Dalene
2 months ago
Haha, I bet the answer is "All of the above" and they're just trying to trick us!
upvoted 0 times
...
Edna
2 months ago
I thought it was B) Responsibilities and procedures.
upvoted 0 times
...
Tiera
2 months ago
A) Information security in supplier relationships is correct!
upvoted 0 times
...
Rasheeda
3 months ago
I think I remember that Annex A covers various controls, but I'm not sure which one is specifically a control title.
upvoted 0 times
...
Leonida
3 months ago
A seems right, suppliers are crucial.
upvoted 0 times
...
Lorrie
3 months ago
Hmm, this is a tough one. I'll have to go with C) Protection of documents.
upvoted 0 times
...
Ciara
3 months ago
B) Responsibilities and procedures is the control title I'm familiar with.
upvoted 0 times
...
Timothy
4 months ago
D) Change control seems like the correct answer to me.
upvoted 0 times
...
Alexia
4 months ago
I think the answer is A) Information security in supplier relationships.
upvoted 0 times
...
Carmelina
4 months ago
Ah, I remember learning about the Annex A controls. I'm going to go with option D - that sounds like it could be a valid control title.
upvoted 0 times
...
Marlon
4 months ago
This seems like a straightforward question. I'll just review the options and pick the one that sounds most like a control title.
upvoted 0 times
...
Larae
4 months ago
Okay, let me see... I know Annex A covers the control objectives, so I'll try to recall what the different sections are.
upvoted 0 times
...
Lakeesha
5 months ago
Hmm, I'm not totally sure about the details of Annex A. I'll have to think this through carefully.
upvoted 0 times
...
Billye
5 months ago
I'm pretty familiar with the ISO/IEC 27001 standard, so I think I can handle this one.
upvoted 0 times
Erin
3 months ago
I’m leaning towards B) Responsibilities and procedures.
upvoted 0 times
...
...

Save Cancel