ISMS scope definition
Assign topic to the user
I could put a two page document together detailing the reasons why the whole business should be included but need to put this into a couple of lines.
Do you have any suggestions
Answer: You can write that by ISO 27001, clause 4.3 c, when defining the ISMS scope an organization has also to consider its relationships with all external elements that can influence it, and since support and installation have relationships with all other organization's elements, the effort for managing this reduced scope and these relationships would be greater than managing a scope including all the organization.
This article will provide you further explanation about problems with scope definition:
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
This material will also help you regarding scope definition:
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
May 17, 2017