Our company decision is to first check our compliance with ISO 27001. This is my project. I attend training for ISO 27001 internal auditor and manager of the ISMS system.
So the scope of my project is to get the info on how and where we comply (gap analysis) and what we still need to do (plan for implementation). Based on this our management will decide to go into activities towards obtaining certification. This will be a separate project.
Everywhere I can just find info on how to prepare a project for implementation, but not how to prepare a project to get my scope. Can you please help me with this.