PECB Lead Implementer (ISO/IEC 27001) — Question 11

“The ISMS covers all departments within Company XYZ that have access to customers’ data. The purpose of the ISMS is to ensure the confidentiality, integrity, and availability of customers’ data, and ensure compliance with the applicable regulatory requirements regarding information security.” What does this statement describe?

Answer options

• A. The information systems boundary of the ISMS scope
• B. The organizational boundaries of the ISMS scope
• C. The physical boundary of the ISMS scope

Correct answer: A

Explanation

The correct answer is A because the statement specifically addresses the access to customer data by various departments, which relates to the information systems boundary. Options B and C do not accurately reflect the focus on information systems as they pertain to organizational and physical boundaries rather than the scope of information systems involved.