ISO 27001 ISMS Scoping exercise
Uploaded by mark-edward-stirling-bernard
*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***
For more information contact , Skype; Mark_E_S_Bernard, Twitter; @MESB_TechSecure, LinkedIn; http://ca.linkedin.com/in/markesbernard
There are two sections that need to be drafted: #1, the scope statement, and #2, the scope diagram, which adds clarity to the scope statement and assists the organization with rationalization of the target.
Here’s a hint of what should be in scope: a service or product that your organization produces. I recommend keeping the initial target narrowed down to one physical site if possible, to simplify things and get some quick wins and traction with upper management. We can expand it if needed after the initial quick win. This approach will also help us establish a straw-man to test out and customize to fit your organization.
Once completed, this document will be included with the statement of applicability and submitted with the registrar's recommendation for registration/certification, but for now let's start with a draft.
I use a bubble chart to help explain the purpose/target of registration/certification and how this will affect other related business units. Contact me directly for an editable Visio document.