BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

PECB Exam ISO-IEC-27001-Lead-Auditor Topic 4 Question 47 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam

Question #: 47
Topic #: 4

[All ISO-IEC-27001-Lead-Auditor Questions]

The auditor discovered that two out of 15 employees of the IT Department have not received adequate information security training. What does this represent?

AAudit finding

BAudit evidence

CInformation source

Show Suggested Answer

Suggested Answer: A

This scenario represents an 'audit finding.' An audit finding refers to results that indicate a deviation from the expected performance or standards. Discovering that two employees have not received the required training is an audit finding indicating noncompliance with the organization's training requirements.

by Armando at Sep 14, 2024, 08:27 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Auditor Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Catalina

29 days ago

I'd say this is a classic case of 'security through obscurity' - out of sight, out of mind. Time to shine a light on that dark corner of the IT department!

upvoted 0 times

Ciara

2 days ago

C) Information source

upvoted 0 times

...

Lilli

3 days ago

B) Audit evidence

upvoted 0 times

...

Nydia

16 days ago

A) Audit finding

upvoted 0 times

...

...

Reita

1 months ago

Haha, looks like those two employees need to watch some 'Cybersecurity for Dummies' videos ASAP!

upvoted 0 times

Iesha

3 days ago

C) Information source

upvoted 0 times

...

Mollie

5 days ago

B) Audit evidence

upvoted 0 times

...

Devora

22 days ago

A) Audit finding

upvoted 0 times

...

...

Henriette

1 months ago

But could it also be considered audit evidence of a potential risk?

upvoted 0 times

...

Minna

1 months ago

I agree with Latia, it shows a gap in training.

upvoted 0 times

...

Zena

1 months ago

Hmm, I'm not so sure. Couldn't this also be considered an information source for the auditor to further investigate the training processes?

upvoted 0 times

Arlette

3 days ago

It could be both an audit finding and an information source for further investigation.

upvoted 0 times

...

Leonor

11 days ago

C) Information source

upvoted 0 times

...

Desirae

13 days ago

B) Audit evidence

upvoted 0 times

...

Youlanda

21 days ago

A) Audit finding

upvoted 0 times

...

...

Chauncey

2 months ago

I agree, this is definitely audit evidence that the company needs to address their security training program.

upvoted 0 times

Tamar

21 days ago

C) Information source

upvoted 0 times

...

Cristina

24 days ago

B) Audit evidence

upvoted 0 times

...

Twila

1 months ago

A) Audit finding

upvoted 0 times

...

...

Flo

2 months ago

This seems like a clear-cut audit finding to me. Two out of 15 employees lacking proper training is definitely a red flag.

upvoted 0 times

Malcolm

24 days ago

Yes, it's important to address this issue as soon as possible.

upvoted 0 times

...

Cassie

28 days ago

I agree, it's definitely an audit finding.

upvoted 0 times

...

Sage

1 months ago

C) Information source

upvoted 0 times

...

Kathrine

1 months ago

B) Audit evidence

upvoted 0 times

...

Omer

2 months ago

A) Audit finding

upvoted 0 times

...

...

Latia

2 months ago

I think it's an audit finding.

upvoted 0 times

...