Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

ISO 27001 Scope change

  Quote
Guest
Guest user Created:   Mar 15, 2021 Last commented:   Mar 15, 2021

ISO 27001 Scope change

We are coming up for re-certification this year for ISO27001. We were all in an office in *** but since the pandemic we have all been given new contracts and are permanently WFH now. Since the scope only contained services and company owned hardware at the *** Office, this cannot stay as is. I was wondering if I was to change the scope to say "Company owned assets"? If I was to change this will it exclude home routers etc., or will I need a new policy for updating home security devices? We have many layers of security in place, including encryption, MFA, conditional access policies etc. Just looking to make the scope correct for the new world we find ourselves in.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 15, 2021

Please note that if all employees are accessing from home the same services and company-owned hardware they accessed when they worked in the company, then the ISMS scope does not need to be changed.

The use of personal devices to access company’s services and owned hardware from home can be handled by means of identification of relevant risks related to the use of personal devices and to remote access, which can be treated by means of controls such as A.6.2.1 Mobile device policy, A.6.2.2 Teleworking, and A.13.2.1 Information transfer policies and procedures.

The use of company’s owned hardware by employees from their homes can be handled by means of identification of relevant risks related to telework, which can be treated by means of controls such as A.6.2.1 Mobile device policy, A.6.2.2 Teleworking, and A.11.2.6 Security of equipment and assets off-premises

To see how policies covering these controls look like, please take a look at these free demos:

These articles will provide you a further explanation about teleworking:

These materials will also help you regarding teleworking:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 15, 2021

Mar 15, 2021