Expert Advice Community

Context of the organization
Guest user Created:   Jan 13, 2016 Last commented:   Jun 14, 2016

AntonioS Jan 13, 2016

I want to know more about "Context of the organization" and its relation to risk management. Thank you so much.

Answer:

It is related to clause “4.1 Understanding the organization and its context” of ISO 27001:2013 (although you can find the same clause in other standards), and basically you need to identify all of the internal and external issues that could influence your ISMS. These issues are important for risk management because they can serve to identify risks. For example, an internal issue can be the organization’s culture (although it is not limited to this), which is a parameter that you can use to identify threats related to people (non-compliance with policies, errors in the use of information systems, etc.), which means that you can use internal issues to identify risks.
And external issues can be, for example, the technological environment (of external stakeholders), which can also be involved in the identification of risks.
This article can be interesting for you: “The requirements of ISO 27001 clause 4.1 and suggestions of ISO 31000”: https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/

kakhi Jun 14, 2016

Hello everybody,
Question:
1) If I include interested parties in my organizational processes to understand their expectations and needs for improvement, do I need to include them in the ISMS scope document? It's because they are going to have an effect on my core processes.
Thank you in advance!

Antonio Jose Segovia Jun 16, 2016

I am not sure if I have understood your question, but if you want to include a list of interested parties in your ISMS scope document, you can do it, but this does not mean that the interested parties are included in the scope of the ISMS, because the definition of the scope is about areas, information systems, services, etc. of your organization.

Anyway, regarding the interested parties, the important thing is the identification of the requirements of the interested parties, and you can do it in an independent document. For example, you can use this template (you can see a free demo by clicking on the “Free demo” tab): “List of Legal, Regulatory, Contractual and Other Requirements”: https://advisera.com/27001academy/documentation/list-of-legal-regulatory-contractual-and-other-requirements/

This article can be useful for you: “How to define the ISMS scope”: https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/

And also this one: “How to identify interested parties according to ISO 27001 and ISO 22301”: https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//

And our online course can also be interesting for you because we give more information about the ISMS scope and the interested parties: “ISO 27001:2013 Foundations Course”: https://advisera.com/training/iso-27001-foundations-course/
