Guest
ISMS scope of a digital bank
can I just choose an area to scope? For example, choose Database. I'm kind of lost
Assign topic to the user
Expert
Rhand Leal
Sep 04, 2020
You can define the scope in terms of only the part of the organization (i.e. the Database), but in general, for small and mid-sized business, the best approach is to include the entire organization in the ISMS scope, because the effort to separate the scope for such organizations may not be worthy.
These articles will provide you a further explanation about the scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
These materials will also help you regarding scope definition:
- How to set the ISMS scope according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-set-the-isms-scope-according-to-iso-27001-free-webinar-on-demand/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
Comment as guest or Sign in
Sep 04, 2020
Sep 04, 2020
Sep 04, 2020