Q: 5
An organization has compared its actual performance against predetermined performance targets.
What is the primary purpose of this action?
Options
Discussion
Option B
Makes sense to go with B here. The whole idea of comparing actual performance with targets is to check if the objectives are being achieved, especially for ISMS. Not totally sure if there's a catch, but that's what lines up for ISO 27001 logic. Disagree?
C vs B, but I don't think it's C. The main focus is always on assessing if objectives are met, that's classic ISO language. C is tempting but feels like a distractor here from past practice exams.
Probably B here. The main goal is to check if the security objectives are actually being achieved, which is central in ISO 27001. C sounds like it could fit but it's not the primary purpose, just a possible side benefit. I've seen similar on practice sets. Agree?
B. not C
B imo, that's what ISO 27001 stresses: check actuals vs targets to see if objectives are being met. You see this a lot in the official guide and practice tests. If anyone thinks otherwise, let me know.
B imo
Wouldn’t B be the ISO 27001 approach, since it’s all about continuous assessment against objectives?
C or B
B , C is a common distractor since automation's nice but not the main ISO 27001 point here.
Be respectful. No spam.
