Your organization and your customer
Assign topic to the user
So, is ISO27001 adherent for me? Or just to a company that provides services?
Answer:
In this scenario, you can implement and certify the ISO 27001 in your organization, and also your customer can implement and certify the ISO 27001 in his business. The unique difference will be the scope of the ISMS. In your case could be your development services, your informations systems that supports your services, etc. In the case of your customer the scope could be the services that they offers, the information systems that supports their services, etc. So, you could have a ISO 27001 certificate, and also your customer could have a ISO 27001 certificate but with a different scope.
If you need more information about the scope, please re ad this article How to define the ISMS scope: https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
Comment as guest or Sign in
Jan 12, 2016