ExamTopics Logo
Mail Us[email protected]
Menu
Pecb Discussions
exam questions

Exam Lead Implementer All Questions

View all questions & answers for the Lead Implementer exam
Go to Exam

Exam Lead Implementer topic 1 question 34 discussion

Actual exam question from PECB's Lead Implementer
Question #: 34
Topic #: 1
[All Lead Implementer Questions]

Based on scenario 5, after migrating to cloud, Operaze’s IT team changed the ISMS scope and implemented all the required modifications. Is this acceptable?

  • A. Yes, because the ISMS scope should be changed when there are changes to the external environment
  • B. No, because the company has already defined the ISMS scope
  • C. No, because any change in ISMS scope should be accepted by the management
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by CHUEY at Jan. 27, 2025, 6:11 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bb43b7c
2 weeks, 2 days ago
Selected Answer: A
Clause 4.3 – Determining the scope of the ISMS, the scope of the ISMS must be continually reviewed and updated when significant changes occur
upvoted 1 times
...
somkiatr
2 months ago
Selected Answer: C
While changes to the environment (like cloud migration) can necessitate a change in the ISMS scope (making option A partially correct in principle), the process matters. Defining and modifying the ISMS scope is a strategic decision that requires top management oversight and approval according to ISO/IEC 27001 principles (Clause 5.1). The scenario implies the IT team made this decision unilaterally ("the IT team... decided"). Therefore, the action as described is likely not acceptable because it bypasses necessary management approval. The answer is C.
upvoted 1 times
...
somkiatr
2 months ago
Selected Answer: C
While changes to the environment (like cloud migration) can necessitate a change in the ISMS scope (making option A partially correct in principle), the process matters. Defining and modifying the ISMS scope is a strategic decision that requires top management oversight and approval according to ISO/IEC 27001 principles (Clause 5.1). The scenario implies the IT team made this decision unilaterally ("the IT team... decided"). Therefore, the action as described is likely not acceptable because it bypasses necessary management approval. The answer is C.
upvoted 1 times
...
somkiatr
2 months ago
While changes to the environment (like cloud migration) can necessitate a change in the ISMS scope (making option A partially correct in principle), the process matters. Defining and modifying the ISMS scope is a strategic decision that requires top management oversight and approval according to ISO/IEC 27001 principles (Clause 5.1). The scenario implies the IT team made this decision unilaterally ("the IT team... decided"). Therefore, the action as described is likely not acceptable because it bypasses necessary management approval. The answer is C.
upvoted 1 times
...
Say754
2 months, 3 weeks ago
Selected Answer: C
This should be C, because any change in ISMS scope should be accepted by the management.
upvoted 1 times
...
CHUEY
4 months, 2 weeks ago
Selected Answer: A
A is correct : because the hosting was moved from On Premise hosting to Cloud Computing supplied by a 3rd party infrastructer supplier . This is a significant change impacting information security and requires the ISMS scope to be updated .
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel