Expert Advice Community

Guest

Scope of ISMS

  Quote
Guest
Guest user Created:   Sep 23, 2021 Last commented:   Sep 23, 2021

Scope of ISMS

Regarding the implementation of the ISO 27001 standard, we are in the process of determining the scope.

Our company deals with the following areas:

1. development of IT solutions,
2. digitization of documents,
3. hosting and
4. by keeping a paper archive of our clients.

It is clear to us that the first three areas need to be in scope. It is not clear to us whether there should be a paper archive in the scope.

We would appreciate advice on this issue.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 23, 2021

The paper archive will need to be part of the ISMS scope if it contains information you want your Information Security Management System to protect.

For example, if the paper archive contains employees’ information, and you want the ISMS to protect only customer information, then the paper archive does not need to be part of the ISMS scope.

These articles will provide you a further explanation about defining the ISMS scope:

This material can also provide more information:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 23, 2021

Sep 23, 2021

Suggested Topics

Guest user Created:   Jun 18, 2020 ISO 27001 & 22301
Replies: 2
0 0

Scope of ISMS

Guest user Created:   Jun 12, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 scope