I have implemented ISMS in one dept. which is IT and got the ISO 27001 certificate for the IT dept. as scope. Now I need to extend the scope to other dept. like admin , Finance , Trading and other division of organization. How can I do that and what steps should I take so that the requirements from 4 to 10 are fulfilled and also I can select some controls in annex A.
I have a doubt that I can extend ISMS in other dept. , can anyone please guide me how to extend this scope?