Expert Advice Community

Guest

Expanding scope

  Quote
Guest
Guest user Created:   Oct 07, 2019 Last commented:   Oct 07, 2019

Expanding scope

We did the certification audit last year on one function (customer support) and got the 3-year certificate. Since then we bought a company and would like to expand the scope to include the new company and also additional functions across both functions. do we need to 'start over' and recertify or is it possible to do the surveillance audit for year 2?

0 0

Assign topic to the user

ISO 27001 ISMS SCOPE DOCUMENT

Define the boundaries of ISMS for ISO 27001.

ISO 27001 ISMS SCOPE DOCUMENT

Define the boundaries of ISMS for ISO 27001.

Expert
Rhand Leal Oct 07, 2019

It is possible to include this new part of the scope in the surveillance audit for year 2, provided that you inform your certification body of this change in due time, and that the new part of the scope fulfills all requirements of the standard and the risks related to integrating this new scope to the current one are assessed and treated as necessary.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 07, 2019

Oct 07, 2019

Suggested Topics

Guest user Created:   Mar 24, 2017 ISO 27001 & 22301
Replies: 2
0 0

Expanding ISMS scope

Guest user Created:   Nov 27, 2018 ISO 27001 & 22301
Replies: 1
0 0

Scope extension

Guest user Created:   Jun 26, 2017 ISO 27001 & 22301
Replies: 3
0 0

Monitoring ISMS effectiveness