ISMS and PCI DSS

Answer:
From my point of view, if your company is complex, in your case can be a recommendation to limit the scope of the ISMS. I mean, the implementation of the ISMS in your company could be gradual, so maybe the first year you can implement the ISMS in a sector of the organization, next year you can implement the ISMS in another sector, and so on. Although, generally, our recommendation is , if the company is small, that the scope is for the entire organization (but I think that your case is different).

For more information about the scope, this article can be interesting for you “How to define the ISMS scope” : https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/

And these articles about PCI and ISO 27001 can be also interesting for you:

“PCI-DSS vs. IS O 27001 Part 1 – Similarities and Differences” : https://advisera.com/27001academy/knowledgebase/pci-dss/

“PCI-DSS vs. ISO 27001 Part 2 – Implementation and Certification” : https://advisera.com/27001academy/knowledgebase/pci-dss/

Finally, our online course can give you information about the implementation of ISO 27001 in your organization “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/