Scope definition

1 - Can we scope the ISO certification to one (1) business unit only or do we have to implement processes, procedures and measures throughout the whole organization?

Answer: Yes, you can define the scope of ISO certification to a single business unit.

2 - Can we scope the Information Assets on which we want to apply the processes, procedures and measures to comply to ISO?

Answer: If I understood your question correctly, you are asking if you can include in the ISMS scope specific information assets. Considering that, the answer is yes, besides specific departments and processes that will be part of the scope you also can state specific assets as part of your ISMS scope.

3 - Do you only give advice through the consultancy hours and e-mails on the compiling of the document, or also on questions regarding the implementing of ISO?

Answer: We can also provide answers about your doubts regarding the implementation of ISO 27001 as well as other ISO standards related to our other Academies (e.g. 9001Academy and 14001Academy). You can post questions on our Expert Advise Community, or as comments in our articles any time and as many times you want and we will provide answer as soon as possible (within a business day).

These articles will provide you further explanation about scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

These materials will also help you regarding scope definition:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/