Focus the ISMS scope
Assign topic to the user
Answer:
I am sorry but I am not sure what do you mean, but you can define the scope of the ISMS limiting it to only the IT department. Another way, is to define the scope for the whole organization, and generally it is our recommendation. For more information about the definition of the scope, please read this article “How to define the ISMS scope” : https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
If you limit the ISMS scope to your IT department only, you will have to treat the other departments in your company as third parties, and this is why creating such a scope is difficult.
This article can be also interesting for you “Problems with defining the scope in ISO 27001” : https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
And our online course can be also interesting for you because we give more infor mation about how to define the ISMS scope “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Aug 02, 2016