Changes in scope
Assign topic to the user
Answer: Yes, it is possible to certify your company only for the first office without expanding the scope of ISO certification; however be aware that in such case the other offices will be treated as third parties, which could complicate your operations. Such solutions are better for larger companies, whereas for smaller companies we recommend that you include your whole company (i.e. all of your offices) in the scope.
This article will provide more information:
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
Comment as guest or Sign in
Jul 28, 2018