Expert Advice Community

Guest

Increasing the Scope of the ISO27001

  Quote
Guest
Guest user Created:   Nov 05, 2021 Last commented:   Nov 05, 2021

Increasing the Scope of the ISO27001

Hi Dejan and Rhand, thank you so much for always being there to answer our queries. Hopefully, other readers can also benefit from these questions. I have recently got the company I work for to re-certify for ISO27001. Our scope is only for the UK office.   However, when I did the works I ensured that everyone in the business were involved for example Security awareness training.   We are increasingly getting request from clients who are asking us “whether you have plans to extend the IS027001 to include every office around the globe. In order to increase the scope what would be the basic process needed. Any inputs would be much appreciated. I also have the Secure and Simple book written by Dejan are there any particular chapter in there that may give me further guidance.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 05, 2021

To extend the ISMS scope you have to perform all the steps as if you were implementing the ISMS for the first time, on a scale equivalent to the size of this extension.

While you will have less effort related to common requirements such as document and record control, internal audit and management review, the effort for the risk assessment and treatment will depend on how similar this extension is to the current scope. If they are similar you may use existent controls and security metrics with only minor adjustments.

In the Secure and Simple book, you should take a look at chapter 5 - FIRST STEPS IN THE PROJECT, which explains how to develop the ISMS scope.

These articles will provide you a further explanation about implementing ISO 27001 (the concepts are the same for scope extension):

This material will also help you regarding implementing ISO 27001:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 05, 2021

Nov 05, 2021

Suggested Topics

Lee Created:   Oct 21, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO27001 Lead Implementer Training

Guest user Created:   Sep 23, 2021 ISO 27001 & 22301
Replies: 1
0 0

Scope of ISMS