The PDCA cycle stands for Plan, Do, Check, Act. It is a management model commonly associated with management systems, including the implementation and continual improvement of an ISMS. In the context of ISO/IEC 27001:2022, this logic supports planning the ISMS, implementing and operating it, monitoring and reviewing performance, and taking actions for continual improvement. Therefore, option B is correct.
A document defining the scope of the Information Security Management System may:
A. Take into consideration a set of security tools
B. Consider the scope and boundaries from an organizational and technological perspective
C. Consider processes, technology, and people
D. All of the above
The Answer Is: B
Explanation:
ISO/IEC 27001:2022 requires the organization to determine the boundaries and applicability of the ISMS in order to establish its scope. When defining the scope, the organization must consider internal and external issues, interested parties, and interfaces and dependencies between activities performed by the organization and those performed by other organizations. The strongest and most accurate answer is B because it directly reflects the concept of scope and boundaries. Options A and C may be related in practice, but they are not the clearest expression of the formal requirement.