Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Defining scope of application and scope for ISMS

  Quote
Guest
Guest user Created:   Aug 05, 2021 Last commented:   Aug 06, 2021

Defining scope of application and scope for ISMS

How do I best define the scope of application and scope for the ISMS? Our web application processes data from ERP systems and documents that are exchanged via them.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 06, 2021

The best ways to define an ISMS scope consider the information, processes, or locations you want to protect. An application cannot be defined as an ISMS scope.

Considering that, for your context, you can define the ISMS scope in terms of:

  • the development and maintenance processes that support the web application
  • the information processed by the web application

Please note that for companies up to 50 employees, the best alternative is to include all organizations in the ISMS scope, because the effort to keep only the organization in the ISMS scope is not worthy.  

These articles will provide you a further explanation about scope definition:

These materials will also help you regarding scope definition:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 05, 2021

Aug 06, 2021

Suggested Topics

Guest user Created:   Mar 10, 2021 ISO 27001 & 22301
Replies: 1
0 0

27001 ISMS Scope Question

Guest user Created:   Jun 23, 2021 ISO 27001 & 22301
Replies: 1
0 0

Scope