Expert Advice Community

Guest

ISO 27001 corporate vs business functions

  Quote
Guest
Guest user Created:   Jan 16, 2021 Last commented:   Jan 16, 2021

ISO 27001 corporate vs business functions

I wonder whether you could advise me, We are planning to have a ISO27001 assessment but assessment team is planning to audit the Business function assets as well. However as far as I know ISO27001 is dealing with Corporate functions only (workplace, HR, IT, Procurement...). Could you let me know whether my understanding is correct? Is there any article already written on this please?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 16, 2021

I’m assuming that by business functions you mean activities related to the organization’s core business, while for corporate functions you mean supporting activities.

Considering that, please note that ISO 27001 aims to protect any kind of information, and depending on the defined scope, the information can be either related to Business functions as well as to Corporate functions. So, you need to clarify first with your assessment team which information, processes, and/or locations will be part of your ISMS to verify which functions need to be assessed.

These articles will provide you a further explanation about ISMS scope:

- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

These materials will also help you regarding ISMS scope:
- How to set the ISMS scope according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-set-the-isms-scope-according-to-iso-27001-free-webinar-on-demand/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 16, 2021

Jan 16, 2021

Suggested Topics

Guest user Created:   Jun 03, 2020 ISO 27001 & 22301
Replies: 0
0 0

ISO/IEC ISMS 27001 Annex A

Guest user Created:   Jun 03, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO/IEC ISMS 27001 Annex A

Guest user Created:   Jun 02, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO/IEC ISMS 27001 Annex A