Exam ISO-IEC-27001-Lead-Auditor Topic 4 Question 74 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 74
Topic #: 4
Question:
Which of the following can be considered a minor nonconformity?

Suggested Answer: C Vote an answer

Comprehensive and Detailed In-Depth Explanation:
* C. Correct Answer:
* A missing reference to continual improvement is a documentation issue, not an immediate security risk, making it a minor nonconformity.
* A. Incorrect:
* Lack of employee training poses a direct security risk (major nonconformity).
* B. Incorrect:
* Missing multi-factor authentication significantly weakens security (major nonconformity).
Relevant Standard Reference:
* ISO/IEC 27001:2022 Clause 10.1 (Continual Improvement)

by Levi at Feb 26, 2026, 07:41 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어