Q: 5
In the context of a third-party certification audit, confidentiality is an issue in an audit programme.
Select two options which correctly state the function of confidentiality in an audit
Options
Discussion
Probably C and D here since the question asks about actual functions of confidentiality. C is the audit principle, D covers recorded info needing auditee approval. Not totally sure E fits this context, but open to other takes!
C/D? Saw a similar question in a recent exam report, these two came up as the right combo.
C/D? Audit principle (C) is straight from ISO guidance and D makes sense because you always need permission if recording during audits. E feels less about confidentiality than these two. Pretty sure about this, correct me if I missed something.
C/D? I see why people mention E, but confidentiality as an audit principle (C) and needing auditee permission for recordings (D) both come up in ISO 19011. Not totally sure if C is always enforced, but these fit best for function of confidentiality. Disagree?
Confidentiality is a core audit principle, so C fits. Auditors need permission before recording or taking photos, making D the other good pick. Pretty sure about these based on ISO guidelines.
C/D tbh, pretty sure those are correct. C is the audit principle and D covers respecting confidentiality when recording. E looks tempting but isn't a primary function of confidentiality here. Let me know if you disagree.
Its C and D for me, saw similar advice in the official ISO 27001 lead auditor guide and a couple practice exams. Not totally confident because E keeps coming up, so open to corrections.
C and E tbh. I picked E since using audit info for personal competence sounded connected to confidentiality, as long as nothing sensitive is shared. Not 100% certain, maybe a bit of a trap but C feels safe.
Maybe C and E for this one.
C and D tbh
Be respectful. No spam.
