Scope in the ISO 27001:2013
Assign topic to the user
Not necessarily. The new revision of the standard, the ISO 27001:2013, has new requisites and your organization has to adapt to them (I suppose that still has the ISO 27001:2005), but it does not imply that you have to change the scope. Anyway, some certification bodies consider as a major non-conformity if your organization still has the old ISO 27001:2005. For more information about changes between old and new version of the standard, please read this article How to make a transition from ISO 27001 2005 revision to 2013 revision : https://advisera.com/27001academy/knowledgebase/how-to-make-a-transition-from-iso-27001-2005-revision-to-2013-revision/
Finally, this article also can be interesting for you "How to define the ISMS scope" : https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
Comment as guest or Sign in
Jan 12, 2016