CompTIA Security+ (SY0-601) — Question 472

An organization recently acquired an ISO 27001 certification. Which of the following would most likely be considered a benefit of this certification?

Answer options

• A. It allows for the sharing of digital forensics data across organizations.
• B. It provides insurance in case of a data breach
• C. It provides complimentary training and certification resources to IT security staff
• D. It certifies the organization can work with foreign entities that require a security clearance
• E. It assures customers that the organization meets security standards

Correct answer: E

Explanation

The correct answer, E, is accurate because ISO 27001 certification demonstrates to customers that the organization has implemented effective information security management practices. Options A, B, C, and D are incorrect as they do not directly relate to the primary purpose of ISO 27001, which focuses on establishing, implementing, maintaining, and continually improving an information security management system.