Guest
ISMS Scope Question
While establishing an ISMS for an Information Security department ,should I include HR/Finance (and all supporting divisions) as 3 third parties component as they are feeding services to IS Department (the only Dep in scope)?
Assign topic to the user
ISO 27001 FOUNDATIONS COURSE
Everything you need to know about ISO 27001.
Enroll for free 
ISO 27001 FOUNDATIONS COURSE
Everything you need to know about ISO 27001.
Enroll for free
ISO 27001 FOUNDATIONS COURSE
Everything you need to know about ISO 27001.
Enroll for free
This depends where is your most valuable information located - if it is located in HR/Finance departments, then they should be included in the ISMS scope; also if you are a smaller company it would be difficult to exclude such departments from the scope even though the information is not located there.
This article will explain you this topic into detail: How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016