Scope of ISO 27001 and ISO 9001
Assign topic to the user
Answer:
This article, How to define the ISMS scope - https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/, starts with this: “The main purpose of setting the ISMS (information security management system) scope is to define which information you intend to protect. Therefore, it doesn’t matter whether this information is stored within your company offices, or somewhere in the cloud; it doesn’t matter whether this information is accessed from your local network, or through remote access. The point is that you will be responsible for protecting this information no matter where, how, and by whom this information is accessed.”
So, if you only intend to protect the information around the scope of your QMS (quality management system) you could use the same scope.
The following material will provide you more information about ISMS scope and about ISMS and QMS integration:
Problems with defining the scope in ISO 2700 1 - https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
Defining the ISMS scope if the servers are in the cloud - https://advisera.com/27001academy/blog/2017/05/22/defining-the-isms-scope-if-the-servers-are-in-the-cloud/
Using ISO 9001 for implementing ISO 27001 - https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
How to integrate ISO 9001 and ISO 27001 - https://advisera.com/9001academy/blog/2016/09/27/how-to-integrate-iso-9001-and-iso-27001/
Free online ISO 27001:2013 Foundations Course - https://advisera.com/training/iso-27001-foundations-course/
Book – Secure & Simple - A Small-Business Guide to Implementing ISO 27001 on Your Own - https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
Comment as guest or Sign in
Mar 12, 2019