ISMS scope document
1. What is to be included in the scoping document beyond simply stating the locations that are 'In-scope for the ISMS?
2. and when does this document need to be created - before the Project Plan Is signed off?
Assign topic to the user
1. What is to be included in the scoping document beyond simply stating the locations that are 'In-scope for the ISMS?
The most important information to be included in the ISMS scope is the information the ISMS is intended to protect. Information like location, processes, or business units included in the scope helps clarify the scope.
To see how an ISMS scope document looks like, I suggest you take a look at the free demo of our ISMS scope document at this link: https://advisera.com/27001academy/documentation/isms-scope-document/
For more information, see:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
2. and when does this document need to be created - before the Project Plan Is signed off?
The ISMS scope is created after the Project Plan is signed off.
This article will provide you a further explanation about ISO 27001 implementation steps:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
This material will also help you regarding ISO 27001:
- ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jun 22, 2020