Expert Advice Community

Guest

Dealing with business processes experience

  Quote
Guest
Guest user Created:   Dec 18, 2020 Last commented:   Dec 18, 2020

Dealing with business processes experience

I need your feedback on dealing with business processes experience.

Do we limit ourselves to processes that have links with the information system or do we put other vital and commercial processes such as the purchase of raw material, storage… as a process excluded when defining the scope?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 18, 2020

ISO 27001 allows you the flexibility to define what will be included in the scope - it is recommended to include the processes. locations or departments that include the most sensitive information. You cannot define the scope only for an information system.

These articles will provide you further explanation about scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

These materials will also help you regarding scope definition:
- How to set the ISMS scope according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-set-the-isms-scope-according-to-iso-27001-free-webinar-on-demand/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course http://training.advisera.com/course/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 18, 2020

Dec 18, 2020