Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

CFO exclusion from ISMS Scope

  Quote
Guest
Guest user Created:   Oct 05, 2020 Last commented:   Oct 05, 2020

CFO exclusion from ISMS Scope

I’d appreciate your help/reassurance on a query regarding our ISMS scope.

Context

For our ISMS scope, I have added in an organisation chart. On the basis of your advice stating that 3rd parties are out of our remit of control I have made our CFO (he is an independent consultant) and shareholders out of scope.

Question.

In the section, exclusions from scope, are we okay to exclude the CFO/Finance function and shareholders from the scope?

Thank you in advance for your guidance on the above,

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Oct 05, 2020

Considering the provided information, since the CFO and shareholders are considered 3rd parties, you can exclude both from the scope.

These articles will provide you a further explanation about scope definition:

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 05, 2020

Oct 05, 2020

Suggested Topics

Guest user Created:   Sep 23, 2021 ISO 27001 & 22301
Replies: 1
0 0

Scope of ISMS

Guest user Created:   Sep 14, 2021 ISO 27001 & 22301
Replies: 1
0 0

Scope in Conformio