Q: 5
An organization has compared its actual performance against predetermined performance targets.
What is the primary purpose of this action?
Options
Discussion
Makes sense to go with B here. The whole idea of comparing actual performance with targets is to check if the objectives are being achieved, especially for ISMS. Not totally sure if there's a catch, but that's what lines up for ISO 27001 logic. Disagree?
B imo
Wouldn’t B be the ISO 27001 approach, since it’s all about continuous assessment against objectives?
C or B
B tbh. ISO 27001 is really about checking progress against objectives, not just automating reports. Saw something similar on an old practice, always came back to "are the security goals being met" as the main reason for measuring performance against targets. Anyone pick C here for a reason?
Guessing C, saw a similar question on a practice set.
Be respectful. No spam.
