ISO/IEC 27001:2022 prior knowledge quiz

Question 1 of 12

With regards to the controls, what must the organisation produce?

Statement of applicability

Blue Tick

Statement of implementation

Blue Tick

Statement of control

Blue Tick
Question 2 of 12

What does the C in the CIA of Information Security stand for?

Confidentiality

Blue Tick

Context

Blue Tick

Conformity

Blue Tick
Question 3 of 12

ISO/IEC 27001:2022 is focussed solely on the protection of personal information. Is this statement 'true' or 'false'?

True

Blue Tick

False

Blue Tick
Question 4 of 12

ISO/IEC 27001:2022 requires which of the following to be documented (in Clause 6)? Select as many as you think apply

Risk assessment

Blue Tick

Risk treatment

Blue Tick
Question 5 of 12

"The scope [of the management system] shall be available as documented information". Is this statement 'true' or 'false'?

True

Blue Tick

False

Blue Tick
Question 6 of 12

Where would you find the Terms and Definitions for ISO/IEC 27001:2022?

ISO 27000

Blue Tick

ISO 9000

Blue Tick

Oxford English Dictionary

Blue Tick
Question 7 of 12

Which is a top management responsibility? Select as many as you think apply

Promoting continual improvement

Blue Tick

Ensuring the ISMS is integrated into the business

Blue Tick

Neither

Blue Tick
Question 8 of 12

"ISO/IEC 27001:2022 uses the same Annex SL 10-clause framework as ISO 9001:2015 and ISO 14001:2015." Is this statement 'true' or 'false'?

True

Blue Tick

False

Blue Tick
Question 9 of 12

In ISO/IEC 27000:2018 what is "fulfilment of a requirement"?

Conformity

Blue Tick

Compliance

Blue Tick
Question 10 of 12

ISO/IEC 27001:2022 requires defined rules for which of the following? Select as many as you think apply

Clear desk

Blue Tick

Clear screen

Blue Tick
Question 11 of 12

Where in the standard will you find a reference for controls?

Clause 9 Performance evaluation

Blue Tick

Annex A

Blue Tick

Annex SL

Blue Tick
Question 12 of 12

How is 'Information Security' defined in an ISMS (Information Security Management System) based on ISO/IEC 27001:2022?

Protection of data and information

Blue Tick

Maintenance of security services

Blue Tick

Preservation of confidentiality, integrity and availability of information

Blue Tick