We have bought the toolkit (German version) and I have one question:
Which parts and elements are needed within the documentation and description of interfaces and dependencies from “outside” services in connection with the scope of the ISMS. We have identified several interfaces to parties which are not directly included in the scope of the ISMS. For example:
- External software developing companies
- Legal department
- Data from external component manufactures needed for our product in the scope
So what is needed to describe these interfaces?