PECB Lead Auditor (ISO/IEC 27001) — Question 5

Which controls are related to the Annex A controls of ISO/IEC 27001 and are often selected from other guides and standards or defined by the organization to meet its specific needs?

Answer options

Correct answer: A

Explanation

The correct answer is A, as general controls are broad measures that can be adapted from various standards to suit an organization's needs. Strategic controls (B) focus on long-term goals and alignment with business strategy, while specific controls (C) are targeted measures addressing particular risks but do not encompass the broader applicability of general controls.