ISO 27001 Questionnaire

1. ISO 27001 Questions

1. Fill in your details *

Full Name

2. What does the ISO 27001 standard define requirements for? *

A. An Information Security Management System
B. Professional Conduct
C. Effective Communication
D. Financial Control

3. Who is the ISMS Manager? *

A. Mike Taylor
B. Tony Edwards
C. Graeme Hughes
D. Bernie Oattes

4. Which of the following is a security incident that must be reported? *

A. Computer Virus
B. Building left unlocked at night
C. Visitor tailgating into the office
D. All of the above

5. What should you always do before leaving your workstation? *

A. Finish your drink
B. Lock your computer screen
C. Turn off your computer
D. All of the above

6. Which of the following is an acceptable method of sending "Confidential Information" (e.g. customer records)? *

A. Encrypted Zip File
B. Email - unprotected attachment
C. Post
D. Fax

7. Which of the following documents may be left unattended or unsecured? *

A. Bank Statements
B. Customer Contracts
C. Customer Contract Details
D. None of the above

8. Which of the following passwords complies with the company password policy? *

A. 23101978
B. Bopu7228
C. F00tball
D. All of the above

9. It is acceptable to store passwords in which of the following? *

A. Written down and locked in a drawer
B. Memory
C. Web Browsers
D. All of the above

10. When onboarding a new supplier, which of the following should be completed? *

A. Non Disclosure Agreement
B. Supplier Risk Assessment
C. Supplier Agreement
D. All of the above

11. Customer Security Requirements must be agreed during which stage of a project? *

A. During Requirements Gathering
B. Project Review Meetings
C. Post Project Review
D. All of the above

12. Which of the following would be considered personal information that must be protected in accordance with the Data Protection Act? *

A. Address
B. First Name and Last Name
C. First and Last Name & Address
D. All of the above

13. What should be done before reusing a laptop for a new employee? *

A. Change the Password
B. Request that the Infrastructure Support wipes and reconfigures for the new user
C. Add a new account
D. Set it up yourself

14. When noticing an unknown visitor following you into the office, you should? *

A. Open the door for them
B. Prevent them from entering
C. Ignore them
D. Politely challenge them and find out who they are here to see

15. Should anti-virus software be running on your laptop or PC: *

A. Whenever you are not doing other work
B. Constantly
C. Once a week on a scheduled basis
D. None of the above

16. How should sharing of SENSITIVE information be restricted *

A. It can be shared on a need to know basis
B. It can be shared with interested parties within Innovise
C. It can be shared freely
D. None of the above