Expert Advice Community

Guest

Defining Scope

  Quote
Guest
Guest user Created:   May 29, 2020 Last commented:   May 29, 2020

Defining Scope

1. How to define Scope

2. Can we say that a company is certified if it is just a part that meets the standards?

3. A company that builds an IT solution. Can we make a difference between its business infrastructure and the product infrastructure?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 29, 2020

1. How to define Scope

You need to identify in which part of your company is your most valuable information. You can start this by identifying which information is important for your organization to achieve its objectives and be compliant with applicable legal requirements (e.g., laws, regulations, and contracts)

Generally speaking, for a company of up to 100 employees, the best option is to include the whole company in the scope.

These articles will help you:

2. Can we say that a company is certified if it is just a part that meets the standards?

You need to check the specific procedures on how to communicate the certification status to external parties with the certification body, but generally speaking, wherever you display information about the certification status you also need to provide information for people to verify the certification scope (e.g., the certification number, a link to a copy of the certification, etc.).

3. A company that builds an IT solution. Can we make a difference between its business infrastructure and the product infrastructure?

You can define the ISMS scope considering only specific parts of your organization, but in general, this is worthy only for bigger organizations.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 29, 2020

May 29, 2020

Suggested Topics

Guest user Created:   Dec 03, 2020 ISO 27001 & 22301
Replies: 1
0 0

Defining scope

Guest user Created:   Jun 30, 2020 ISO 27001 & 22301
Replies: 1
0 0

Defining Scope