A. ensures people to comply with service level agreements (SLAS) using documented information
B. It allows an organization to be certified, which always adds value for the business
C. It provides a structure for service provisioning that can be adapted to the culture of the organization
D. It offers prescriptive guidance that allows the organization to create efficient processes.
A. Organizations can only be certified to one of them at a time
B. The management systems of all three may be integrated
C. Certification of ISO 9001 and ISO/IEC 27001 Is a pre-requisite to applying for ISO/IEC 20000-1 certification
D. Demonstration of conformance for ISO/IEC 20000-1 Information security management requires that ISO/IEC 27001 processes are used
A. Demand management determines demand for services. Capacity management provides sufficient capacity to meet demand
B. Demand management determines future capacity needs. Capacity management monitors current capacity
C. Demand management reports on consumption of services. Capacity management reports on improvements needed in consumption of services
D. Demand management determines the capacity that customers need. Capacity management determines capacity the organization needs
A. To monitor information security incidents
B. To control access to the services
C. To enforce the information security policy
D. To address identified information security risks
A. They identify different levels of defect, and if either of them are identified during an audit then certification ^ CANNOT be granted
B. A nonconformity can be identified by both internal and external auditors, but an observation can only be identified by an internal auditor
C. They are different names for the same thing
D. A nonconformity identifies that a requirement is NOT being correctly met, whereas an observation identifies a recommendation for improvement
A. By defining service levels
B. By reporting on all incidents
C. By checking contracts with suppliers
D. By monitoring service level targets
