Guest
Scope definition
I am currently in the process of certification under ISO 27001: 2013. I told you that we had a first audit (Phase I) by the certifying body, in which some findings arose, one of which was that we did not consider the interfaces and dependencies of the activities carried out by the company and other organizations (Requirements 4.3 liter C) .
Assign topic to the user
Expert
Rhand Leal
Jul 13, 2019
It has been difficult for me to develop that point, since I do not quite understand it. I have investigated but it is not clear to me. I wish you could help me or show me some examples based on your knowledge and experience.)
Answer:
Without detailed information about your scope what we can do is provide general examples:
- In an e-commerce organization its website is considered the interface between the activities carried out by the organization and their customers. The web page of the Supplier Chain management software is the interface between the activities carried out by the organization and their suppliers
- Considering a data center, dependencies that must be considered are electrical and comm unication providers, as well as hardware manufacturers
This article will provide you further explanation about scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
This material can also help you:
- How to set the ISMS scope according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-set-the-isms-scope-according-to-iso-27001-free-webinar-on-demand/
Comment as guest or Sign in
Jul 13, 2019
Jul 13, 2019
Jul 13, 2019