Exam ISO-IEC-27001-Lead-Auditor Topic 4 Question 74 Discussion
Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 74
Topic #: 4
Question #: 74
Topic #: 4
Question:
Which of the following can be considered a minor nonconformity?
Which of the following can be considered a minor nonconformity?
Suggested Answer: C Vote an answer
Comprehensive and Detailed In-Depth Explanation:
* C. Correct Answer:
* A missing reference to continual improvement is a documentation issue, not an immediate security risk, making it a minor nonconformity.
* A. Incorrect:
* Lack of employee training poses a direct security risk (major nonconformity).
* B. Incorrect:
* Missing multi-factor authentication significantly weakens security (major nonconformity).
Relevant Standard Reference:
* ISO/IEC 27001:2022 Clause 10.1 (Continual Improvement)
* C. Correct Answer:
* A missing reference to continual improvement is a documentation issue, not an immediate security risk, making it a minor nonconformity.
* A. Incorrect:
* Lack of employee training poses a direct security risk (major nonconformity).
* B. Incorrect:
* Missing multi-factor authentication significantly weakens security (major nonconformity).
Relevant Standard Reference:
* ISO/IEC 27001:2022 Clause 10.1 (Continual Improvement)
by Levi at Feb 26, 2026, 07:41 AM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).