PECB Exam ISO-IEC-27001-Lead-Auditor Topic 1 Question 40 Discussion

Actual exam question for PECB's ISO/IEC 27001 Lead Auditor exam

Question #: 40
Topic #: 1

[All ISO/IEC 27001 Lead Auditor Questions]

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show a very large number of returned items with causes including misaddressed labels and, in 15% of cases, two or more labels for different addresses for the one package. You are interviewing the Shipping Manager (SM).

You: Are items checked before being dispatched?

SM: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.

You: What action is taken when items are returned?

SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.

You raise a nonconformity against ISO 27001:2022 based on the lack of control of the labelling process.

At the closing meeting, the Shipping Manager issues an apology to you that his comments may have been misunderstood. He says that he did not realise that there is a background IT process that automatically checks that the right label goes onto the right parcel otherwise the parcel is ejected at labelling. He asks that you withdraw your nonconformity.

Select three options of the correct responses that you as the audit team leader would make to the request of the Shipping Manager.

AAdvise the Shipping Manager that his request will be included in the audit report

BAdvise management that the new information provided will be discussed when the auditors have more time

CInform the Shipping Manager that the nonconformity is minor and should be quickly corrected

DAsk the audit team members to state what they think should happen

EInform him of your understanding and withdraw the nonconformity

FThank the Shipping Manager for his honesty but advise that withdrawing the nonconformity is not the right way to proceed

GAdvise the Shipping Manager that the nonconformity must stand since the evidence obtained for it was dear

HIndicate that the nonconformity is evidence of a deeper system failure that needs to be rectified

Show Suggested Answer

Suggested Answer: A, B, F

A) Advise the Shipping Manager that his request will be included in the audit report. This is true because the audit report should document all the relevant information and evidence related to the audit, including any requests or objections raised by the auditee.The audit report should also provide the rationale for the audit conclusions and recommendations12.

B) Advise management that the new information provided will be discussed when the auditors have more time. This is true because the auditors should not make hasty decisions based on incomplete or unverified information.The auditors should review and evaluate the new information in a systematic and objective manner, and determine whether it affects the audit findings, nonconformities, or conclusions12.

F) Thank the Shipping Manager for his honesty but advise that withdrawing the nonconformity is not the right way to proceed. This is true because the auditors should acknowledge and appreciate the cooperation and transparency of the auditee, but also maintain their professional integrity and independence.The auditors should not withdraw a nonconformity unless they are satisfied that it was raised in error or that it has been effectively corrected and verified12.

ISO 19011:2022 Guidelines for auditing management systems

ISO/IEC 17021-1:2022 Conformity assessment --- Requirements for bodies providing audit and certification of management systems --- Part 1: Requirements

by Clemencia at Jul 10, 2024, 12:16 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Auditor Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Albina

3 months ago

This company needs a serious overhaul of its shipping processes. I hope the auditor doesn't let the Shipping Manager off the hook so easily.

upvoted 0 times

...

3 months ago

Haha, I bet the Shipping Manager is sweating bullets right now. Trying to pull a fast one on the auditor? Good luck with that!

upvoted 0 times

Tyisha

3 months ago

SM: Thank you for understanding, I appreciate it.

upvoted 0 times

...

Jenifer

3 months ago

You: Inform him of your understanding and withdraw the nonconformity.

upvoted 0 times

...

Maira

3 months ago

SM: I didn't realize there was an IT process in place to check labels.

upvoted 0 times

...

Albert

3 months ago

3 months ago

SM: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.

upvoted 0 times

...