
Expert Advice Community


Organizational context identification

Guest user Created:   Feb 18, 2017 Last commented:   Feb 18, 2017

My main 'job' is to find out where my organization stands and what they should do in order to get ISO27001 certified. Do you have any tips or directions or questions that I should keep in mind while trying to gather as much information about the company as possible?

Expert
Rhand Leal Feb 18, 2017

Answer: Following the sequence recommended to implement an ISMS, you should start identifying the organizational context, the internal and external issues considered most relevant to the ISMS (e.g., geographical location, organizational culture, public infrastructure available, etc.), and the interested parties, the relevant people with interest in ISMS results (e.g., clients, suppliers, top management, employees, etc.). By knowing the internal and external issues and interested parties, you can start thinking about which kind of questions you should ask.

This article will provide you further explanation about the recommended steps to implement an ISMS:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

These articles will provide you further explanation about organizational context identification:
- Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization) https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
- How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
- How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/

These materials will also help you regarding organizational context identification and the recommended steps to implement an ISMS:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
