PECB Lead Implementer (ISO/IEC 27001) — Question 13

Which statement below suggests that Beauty has implemented a managerial control that helps avoid the occurrence of incidents? Refer to scenario 2.

Answer options

• A. Beauty’s employees signed a confidentiality agreement
• B. Beauty conducted a number of information security awareness sessions for the IT team and other employees that have access to confidential information
• C. Beauty updated the segregation of duties chart

Correct answer: B

Explanation

Option B is correct because conducting information security awareness sessions directly educates employees on potential risks, which helps in preventing incidents. Options A and C, while important, do not actively contribute to reducing the likelihood of incidents by raising awareness among employees.