Scope definition
Assign topic to the user
Answer: Regarding section 2.4 of the ISMS scope document, you do not have to state each asset of IT infrastructure separately. It is sufficient to state the type of assets as you mentioned. It is also important to include the networks involved (e.g., Organization's LAN, or data center sub-network).
Included in the template there are comments with examples you can use to define your ISMS scope.
These articles will provide you further explanation about scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
Comment as guest or Sign in
Jul 23, 2018