PECB ISO-IEC-27001-Lead-Implementer Exam - Topic 3 Question 65 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Implementer exam

Question #: 65
Topic #: 3

[All ISO-IEC-27001-Lead-Implementer Questions]

An organization that is implementing the ISMS based on ISO/IEC 27001 has defined and communicated secure system architecture and engineering principles. However, there is no documented information related to these principles. Is this acceptable?

AYes, the standard requires organizations to only communicate secure system architecture and engineering principles

BYes, documented information related to secure system architecture and engineering principles is not directly required by the standard

CNo, documenting secure system architecture and engineering principles is required by the standard

Show Suggested Answer

Suggested Answer: B

by Daron at Mar 02, 2026, 03:27 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Implementer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jettie

24 hours ago

I disagree, C makes more sense. Documentation is key!

upvoted 0 times

...

Marjory

6 days ago

B is correct, documentation isn't explicitly required.

upvoted 0 times

...

Luisa

11 days ago

I thought the standard was flexible about documentation, but now I'm questioning if that applies to secure system architecture principles specifically.

upvoted 0 times

...

Leigha

16 days ago

I lean towards option C because I believe that having documented information is crucial for demonstrating adherence to the ISMS requirements.

upvoted 0 times

...

Tanja

22 days ago

I feel like I came across a similar question in our practice exams, and it emphasized the need for documentation to support the principles communicated.

upvoted 0 times

...

Linn

27 days ago

I think I remember that documentation is important for compliance, but I'm not entirely sure if it's explicitly required by the standard.

upvoted 0 times

...