
PECB Exam ISO-IEC-27001-Lead-Auditor Topic 1 Question 39 Discussion

Actual exam question for PECB's ISO/IEC 27001 Lead Auditor exam
Question #: 39
Topic #: 1

You are an experienced ISMS audit team leader guiding an auditor in training. You are testing her understanding of follow-up audits by asking her a series of questions to which the answer is either "true" or "false". For which four of the following questions should the answer be "true"?

Suggested Answer: A, B, C, F

A follow-up audit may be carried out where nonconformities are major. This is true because a major nonconformity is a situation that raises significant doubt about the ability of the organization's management system to achieve its intended results, and therefore requires immediate corrective action. A follow-up audit is necessary to verify the effectiveness of the corrective action and the conformity of the management system [1][2].

A follow-up audit may be carried out where nonconformities are minor. This is true because a minor nonconformity is a situation that does not affect the capability of the management system to achieve its intended results, but represents a deviation from the specified requirements. A follow-up audit may be conducted to check the implementation of the corrective action and the improvement of the management system [1][2].

The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified. This is true because the top management is responsible for ensuring the effectiveness and continual improvement of the management system, and the audit team leader is accountable for the audit process and the audit conclusions. The follow-up audit report should provide them with objective evidence of the status of the nonconformities and the corrective actions taken by the auditee [1][3].

The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client. This is true because the individual managing the audit programme is responsible for planning, implementing, monitoring and reviewing the audit activities, and the audit client is the organization or person requesting an audit. The follow-up audit report should inform them of the results of the follow-up audit and any changes in the certification status of the auditee [1][3].


1. ISO 19011:2022 Guidelines for auditing management systems

2. ISO/IEC 27001:2022 Information technology --- Security techniques --- Information security management systems --- Requirements

3. ISO/IEC 17021-1:2022 Conformity assessment --- Requirements for bodies providing audit and certification of management systems --- Part 1: Requirements

Contribute your Thoughts:

Amber
3 months ago
Wait, a follow-up audit isn't required in all cases? That's news to me! Anyway, I'd say A, C, D, and F are the true statements.
upvoted 0 times
Tamra
2 months ago
Absolutely. The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client.
upvoted 0 times
...
Maryann
2 months ago
You're on the right track. The outcome of a follow-up audit could lower a major nonconformity to minor status.
upvoted 0 times
...
Tequila
2 months ago
That's right. The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the initial audit.
upvoted 0 times
...
Cyril
2 months ago
Yes, you are correct. A follow-up audit may be carried out where nonconformities are major.
upvoted 0 times
...
...
Louisa
3 months ago
This is a tricky one, but I think A, C, D, and F are the right choices. The follow-up audit is all about verifying corrective actions and communicating the results.
upvoted 0 times
Ona
2 months ago
F) True
upvoted 0 times
...
Leatha
2 months ago
D) True
upvoted 0 times
...
Lajuana
2 months ago
C) True
upvoted 0 times
...
Vi
2 months ago
A) True
upvoted 0 times
...
...
Raymon
3 months ago
Haha, I bet the auditor in training is sweating bullets right now. Gotta love those trick questions! But I'd go with A, C, D, and F as the correct answers.
upvoted 0 times
Frank
2 months ago
F) True - The outcomes of a follow-up audit should be reported to the individual managing the audit programme and the audit client
upvoted 0 times
...
Carol
2 months ago
D) True - The outcome of a follow-up audit could lower a major nonconformity to minor status
upvoted 0 times
...
Paz
3 months ago
C) True - The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified
upvoted 0 times
...
Jade
3 months ago
A) True - A follow-up audit may be carried out where nonconformities are major
upvoted 0 times
...
...
Harrison
4 months ago
Definitely A, C, D, and F. The outcomes of the follow-up audit need to be reported to the relevant stakeholders, and it can lead to changes in nonconformity status.
upvoted 0 times
Reuben
3 months ago
That's right. The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified.
upvoted 0 times
...
Barrett
3 months ago
Yes, you are correct. A follow-up audit may be carried out where nonconformities are major.
upvoted 0 times
...
...
Alethea
4 months ago
Yes, that is also true. It is essential to communicate the results to the relevant parties for accountability and improvement.
upvoted 0 times
...
Norah
4 months ago
The outcomes of a follow-up audit should be reported to top management and the audit team leader who carried out the audit where the nonconformities were initially identified.
upvoted 0 times
...
Alethea
4 months ago
That's correct. It is important to follow up on major nonconformities to ensure they have been addressed.
upvoted 0 times
...
Francine
4 months ago
A, C, D, and F seem like the correct answers to me. A follow-up audit is necessary to verify corrective actions for both major and minor nonconformities.
upvoted 0 times
Vonda
3 months ago
Auditor in training
upvoted 0 times
...
Dominga
4 months ago
Experienced ISMS audit team leader
upvoted 0 times
...
...
Norah
4 months ago
A follow-up audit may be carried out where nonconformities are major.
upvoted 0 times
...
