Enterprise Branch Certification
Assign topic to the user
Gokhan,
In this case you have to set the scope of your ISMS very precisely. You have basically 2 options:
a) Broaden the scope of your main company ISMS to include the branch office as well, or
b) Implement a separate ISMS in your branch only.
It seems to me that option a) would be better, because this would mean that the existing documentation will be valid not only for the main office, but also for your branch.
If you choose the option b), your branch office will have to treat everything that is outside of the scope as external party - this means that in this context your main office would also be an external party, with which you would have to define a clear boundary and make agreements for SLA, security, etc. Further, in this case the branch would have to write its own documentation.
Comment as guest or Sign in
Jan 12, 2016