Passed Exam Today L4M2

Defining Business Needs Questions and Answers

Question 25

SET Group are a start-up company trying to estimate the direct costs of materials for a project. The organisation has limited procurement records available. Would using general industry averages as a benchmark provide an accurate estimation of the project costs?

Options:

Yes, industry benchmarks are always kept up to date to consider real-time market conditions

No, the organisation will not have access to industry benchmarks as they are a new organisation

No, industry benchmarks do not consider specific specifications, quality requirements, or real-time market conditions

Yes, cost predictions do not need to be accurate as they are just an initial guess

Question 26

An IT department has tasked procurement to help produce a conformance specification for new company laptops. Which factor is common within a conformance specification?

Options:

Meets the operational requirements

Tends to be short and specific

Allows flexibility in the offering

Meets the specification standard

Question 27

NO: 34

Which of the following activities would apply to a straight rebuy procurement?

Reviewing existing specifications and arrangements

Engaging in extensive purchasing research

Engaging in proactive value engineering

Optimising inventory replenishment methods

Options:

1 and 4 only

2 and 3 only

1 and 3 only

2 and 4 only

Question 28

Which of the following are main focuses of ISO 27001:2013 standard?

1. Confidentiality

2. Logistics

3. Process

4. Life cycle

Options:

1 and 3 only

3 and 4 only

2 and 3 only

2 and 4 only

Answer:

Explanation:

Explanation

This International Standard (ISO 27001:2013) has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.

The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.

It is important that the information security management system is part of and integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization.

This International Standard can be used by internal and external parties to assess the organization's ability to meet the organization’s own information security requirements.

The order in which requirements are presented in this International Standard does not reflect their importance or imply the order in which they are to be implemented. The list items are enumerated for reference purpose only.

ISO/IEC 27000 describes the overview and the vocabulary of information security management systems, referencing the information security management system family of standards (includ-ing ISO/IEC 27003[2], ISO/IEC 27004[3] and ISO/IEC 27005[4]), with related terms and defini-tions.

[Reference:, - ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements, LO 3, AC 3.1]

Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Defining Business Needs Questions and Answers

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

CompTIA

Fortinet

Microsoft

Salesforce