SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

ISO 27001 Scope

  Quote
Guest
Guest user Created:   Feb 16, 2022 Last commented:   Feb 21, 2022

ISO 27001 Scope

1. Do we have the ISO 9001 certification where its scope is "Customer Service and Telemarketing", is it possible to indicate the same scope on the SGSI? 2. If the YES is the answer on the scope of the ISMS, should it be included in the point 3.1 of the document on the scope of the ISMS? The inside of the point 3.1 must detail all the processes that interact within the "Service of Customer Service and Telemarketing”
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 16, 2022

1. Do we have the ISO 9001 certification where its scope is "Customer Service and Telemarketing", is it possible to indicate the same scope on the SGSI?

I’m assuming this scope refers to "Customer Service and Telemarketing" processes.

In this case, it is perfectly possible to have the same scope for ISO 9001 and ISO 27001. ISO 27001 scope can be defined in terms of processes, locations, or information to be protected.

For further information, see:

2. If the YES is the answer on the scope of the ISMS, should it be included in the point 3.1 of the document on the scope of the ISMS?
The inside of the point 3.1 must detail all the processes that interact within the "Service of Customer Service and Telemarketing”

You do not need to detail the processes that interact with the processes in the ISMS scope. It is enough to identify the interfaces with them (i.e., the point of contact between the processes). For example, you do not need to detail IT processes, you only need to identify that IT processes keep the systems used by Service of Customer Service and Telemarketing running.

Quote
0 0
Guest
Guest user Feb 18, 2022

Thank you very much for the reply.

In any case, within point 3.1 of the ISMS scope document, only "Telephone Customer Service and Telemarketing" would be placed?

Quote
0 0
Expert
Rhand Leal Feb 21, 2022

Your understanding is correct. In sections 3.2 to 3.5 of the ISMS scope document, you will identify how the elements of the scope are separated from the other elements.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 16, 2022

Feb 21, 2022

Suggested Topics

Guest user Created:   Mar 15, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Scope change

Guest user Created:   Jun 12, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 scope