Free ISO-IEC-27001-Foundation Questions for APMG-International ISO/IEC 27001 (2022) Foundation ISO-IEC-27001-Foundation Exam as PDF & Practice Test Engine

Exam Code/Number: ISO-IEC-27001-Foundation
Exam Name/Title: ISO/IEC 27001 (2022) Foundation Exam
Certification Provider: APMG-International
Corresponding Certification: ISO/IEC 27001

Exam Questions: 52
Updated On: Jun 01, 2026

Question #1

Which of the following statements about the relationship between ISO/IEC 27001 and ISO/IEC 27002 is true?
* ISO/IEC 27002 provides implementation advice on the controls selected during the ISO/IEC 27001 information security risk management process
* ISO/IEC 27002 provides a process for information security risk management which implements the requirements of ISO/IEC 27001

A. Only 1 is true

B. Neither 1 or 2 is true

C. Both 1 and 2 are true

D. Only 2 is true

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Question #2

What is the definition of the term 'integrity' according to ISO/IEC 27000?

A. The property of availability and confidentiality

B. The property of accuracy and completeness

C. The property of being accessible and usable

D. The property that information is NOT made available inappropriately

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Question #3

Which action must top management take to provide evidence of its commitment to the establishment, operation and improvement of the ISMS?

A. Producing a risk assessment report

B. Communicating feedback from interested parties to the organization

C. Implementing the actions from internal audits

D. Ensuring information security objectives are established

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Question #4

Which is a control title within Annex A of ISO/IEC 27001?

A. Change control

B. Protection of documents

C. Information security in supplier relationships

D. Responsibilities and procedures

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Question #5

Which statement about the conduct of audits is true?

A. During Stage 1 of a certification audit, evidence is collected by observing activities

B. One of the focus areas for a surveillance audit is the output from internal audits and management reviews

C. The certificate issued after a successful re-certification audit in typical schemes lasts for one year

D. Third party audits are conducted by a customer of the organization

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Question #6

Which action is a required response to an identified residual risk?

A. Top management shall delegate its treatment to risk owners

B. It shall be reviewed by the risk owner to consider acceptance

C. By default, it shall be controlled by information security awareness and training

D. The organization shall change practices to avoid the risk occurring

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).

Free ISO-IEC-27001-Foundation Questions for APMG-International ISO/IEC 27001 (2022) Foundation ISO-IEC-27001-Foundation Exam as PDF & Practice Test Engine

Download Free APMG-International ISO-IEC-27001-Foundation Demo