PECB Exam ISO-IEC-27001-Lead-Implementer Topic 1 Question 42 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Implementer exam

Question #: 42
Topic #: 1

[All ISO-IEC-27001-Lead-Implementer Questions]

What should an organization demonstrate through documentation?

AThat the complexity of processes and their interactions is documented

BThat the distribution of paper copies is regularly complete

CThat Its security controls are implemented based on risk scenarios

Show Suggested Answer

Suggested Answer: C

by Xochitl at Aug 06, 2024, 05:07 AM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Implementer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Daniel

7 months ago

I see both points. It's essential to have a balance between documenting processes and ensuring security measures are in place.

upvoted 0 times

...

Ming

7 months ago

I believe documenting the complexity of processes and their interactions is also crucial for transparency and efficiency.

upvoted 0 times

...

Chauncey

8 months ago

I'm going with C. Wouldn't want to be the organization that can't demonstrate its security controls are based on actual risk, right? That's just asking for trouble.

upvoted 0 times

...

Kanisha

8 months ago

Option C is the way to go. Gotta love those risk scenarios - they're like the spice of life for security professionals!

upvoted 0 times

Timmy

7 months ago

C) That Its security controls are implemented based on risk scenarios

upvoted 0 times

...

Silvana

7 months ago

A) That the complexity of processes and their interactions is documented

upvoted 0 times

...

Arlyne

8 months ago

B seems like a strange option. Why would an organization demonstrate the distribution of paper copies? That's not really relevant to the question.

upvoted 0 times

Lashonda

7 months ago

I agree, option B does seem out of place in this context.

upvoted 0 times

...

Christiane

7 months ago

C) That Its security controls are implemented based on risk scenarios

upvoted 0 times

...

Denny

7 months ago

A) That the complexity of processes and their interactions is documented

upvoted 0 times

...

Royal

8 months ago

I agree with Alise. It's important to show that security measures are aligned with potential risks.

upvoted 0 times

...

Tyisha

8 months ago

I think A is the right choice. Documenting the complexity of processes and their interactions is crucial for understanding the organization's operations.

upvoted 0 times

Daniel

7 months ago

Definitely, having clear documentation can also aid in training new employees effectively.

upvoted 0 times

...

Terrilyn

7 months ago

Plus, it can help identify areas for improvement and optimization.

upvoted 0 times

...

Sharee

7 months ago

It helps ensure everyone is on the same page and can follow procedures correctly.

upvoted 0 times

...

Lashawnda

7 months ago

I agree, documenting processes and interactions is key for transparency.

upvoted 0 times

...

Alise

8 months ago

I think an organization should demonstrate that its security controls are implemented based on risk scenarios.

upvoted 0 times

...

Chuck

8 months ago

I see both points. It's essential to have a balance between documenting processes and implementing security controls based on risk scenarios.

upvoted 0 times

...

Janessa

8 months ago

I believe that documenting the complexity of processes and their interactions is also crucial for transparency and efficiency.

upvoted 0 times

...

Huey

8 months ago

I agree with Annalee. It's important to show that the organization is addressing potential risks.

upvoted 0 times

...

Gerald

9 months ago

Option C is clearly the correct answer. An organization needs to demonstrate that its security controls are implemented based on risk scenarios to ensure effective risk management.

upvoted 0 times