New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-IEC-27001-Lead-Auditor Topic 3 Question 38 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 38
Topic #: 3
[All ISO-IEC-27001-Lead-Auditor Questions]

You are conducting an ISMS audit in the despatch department of an international logistics organisation that provides shipping services to large organisations including local hospitals and government offices. Parcels typically contain pharmaceutical products, biological samples, and documents such as passports and driving licences. You note that the company records show a very large number of returned items with causes including misaddressed labels and, in 15% of cases, two or more labels for different addresses for the one package. You are interviewing the Shipping Manager (SM).

You: Are items checked before being dispatched?

SM: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.

You: What action is taken when items are returned?

SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.

You raise a nonconformity against ISO 27001:2022 based on the lack of control of the labelling process.

At the closing meeting, the Shipping Manager issues an apology to you that his comments may have been misunderstood. He says that he did not realise that there is a background IT process that automatically checks that the right label goes onto the right parcel otherwise the parcel is ejected at labelling. He asks that you withdraw your nonconformity.

Select three options of the correct responses that you as the audit team leader would make to the request of the Shipping Manager.

Show Suggested Answer Hide Answer

Contribute your Thoughts:

Michell
5 months ago
I believe we should inform him of our understanding and withdraw the nonconformity.
upvoted 0 times
...
Pearline
5 months ago
Should we advise the Shipping Manager to withdraw the nonconformity?
upvoted 0 times
...
Gail
5 months ago
I think we should withdraw the nonconformity since there is an IT process in place.
upvoted 0 times
...
Rasheeda
5 months ago
The nonconformity must stand. Withdrawing it would be like letting them off the hook for their sloppy procedures. Time to get serious.
upvoted 0 times
Fabiola
4 months ago
H) Indicate that the nonconformity is evidence of a deeper system failure that needs to be rectified
upvoted 0 times
...
Mira
5 months ago
E) Inform him of your understanding and withdraw the nonconformity
upvoted 0 times
...
...
Ashley
5 months ago
What should we do about the nonconformity raised against the labelling process?
upvoted 0 times
...
Michell
5 months ago
Most contracts are low value, so we just reprint labels and resend parcels.
upvoted 0 times
...
Pearline
5 months ago
What action is taken when items are returned?
upvoted 0 times
...
Lennie
5 months ago
Haha, the Shipping Manager's 'background IT process' sounds like a total coverup. Good luck convincing the auditor with that one.
upvoted 0 times
Ryan
4 months ago
You: Advise the Shipping Manager that his request will be included in the audit report.
upvoted 0 times
...
Jamal
4 months ago
SM: Thank you for understanding, I appreciate it.
upvoted 0 times
...
Hobert
4 months ago
You: Inform him of your understanding and withdraw the nonconformity.
upvoted 0 times
...
Trinidad
5 months ago
SM: I didn't realize there was an IT process in place to check labels.
upvoted 0 times
...
...
Alva
5 months ago
Reprint and re-send individual parcels? That's a recipe for disaster. I bet half of those returned items end up lost or delivered to the wrong address.
upvoted 0 times
...
Kirk
5 months ago
Looks like a real mess at the dispatch department. How can they not have a proper label checking process? This is a serious breach of ISO 27001:2022.
upvoted 0 times
Twanna
4 months ago
SM: Most of these contracts are relatively low value, therefore it has been decided that it is easier and more convenient to simply reprint the label and re-send individual parcels than it is to implement an investigation.
upvoted 0 times
...
Ezekiel
5 months ago
You: Inform him of your understanding and withdraw the nonconformity
upvoted 0 times
...
Kenia
5 months ago
SM: Any obviously damaged items are removed by the duty staff before being dispatched, but the small profit margin makes it uneconomic to implement a formal checking process.
upvoted 0 times
...
...
Gail
6 months ago
Any obviously damaged items are removed before dispatch, but no formal checking process due to low profit margin.
upvoted 0 times
...
Ashley
6 months ago
Do you think items are checked before being dispatched?
upvoted 0 times
...

Save Cancel