0%(1)0% found this document useful (1 vote) 375 views4 pagesISMS Scope Document EN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content,
claim it here.
Available Formats
Download as PDF or read online on Scribd
‘Comment {OKI}; To er how tin
11¥ieo ttl “Yow Deine a
Document be SS epee 050
[organization logo}
[organization name] ‘mast ee,
ISMS SCOPE DOCUMENT
ode ‘Comment [DKS]; The decent coh
system shoud te nine wth he
Version reumert code nese soot
‘etn, re may be delete.
Date of version:
Created by
“Approved by:
Confidentiality level:
(©2013 his tmplate may eed by ents of FS Sees wa 270 sac com nacordace wth thease Agere�[organization name] confident evel
Change history
Date Version | Created by | Description of change
‘01/10/2013 [01 | Dejan Kosutic | Basic document outine
Table of contents
1. PURPOSE, SCOPE AND USERS.
2. REFERENCE DOCUMENTS.
3. DEFINITION OF IsMs SCOPE.
3. Processsano series,
2.2, OfGANeATINALUMIS.
33, ORTON.
3.4, NeTwoaksanoT aweasTRUCTURE
35. Exsons Frou mi core
4. VAUDITY AND DOCUMENT MANAGEMENT.
TBS Scope Document
ve ein] om ae]
(©2013 his tmplate may eed by ents of FS Sees. wa 270 saccom nacordace wth thease Agere�[organization name} [confidentiaity level)
1. Purpose, scope and users
‘The purpose ofthis document i to clearly define the boundaries of the Information Security
Management System (ISMS) in organization name,
This document is applied to all documentation and activities within the ISMS.
Users of this document are members of organization name] management, members of the project
‘team implementing the ISMS, and
2. Reference documents
ISO/IEC 27001 standard, clause 4.3
[Project Plan document for ISO 27001 implementation)
+ Ustof legal, regulatory, contractual and other requirements
3. Definition of ISMS scope
‘The organization needs to define the boundaries of its ISMS in order to decide which information it
‘that the responsibilty for applying the security measures will be transferred to a third party who
‘manages that information.
“Taking into account the legal, regulatory, contractual and other requirements, the ISMS scope is
defined as specified in the following items:
3.1. Processes and services
[specify the services anor ss oe seh see seat in the scope]
3.2. Organizational units
[specify the organizational units which are included in the scone, and i sale
3.3. Locations
[specify the locations which are included inthe scope, and jie Nau
3.4. Networks and IT infrastructure
[specify the networks and related IT infrastructure that are included in the scope, and eile
——
“TUS Scape Document ver version] rom ate] ag
(©2013 Thistle may ued by ons of FS Sees wa i270 san com nacordace wth teense Apert
‘Comment [OKA]: Powe vanes of
ter emplyees whe mst have e516
‘Comment [OKT] wail ear,
seat ulng ee�[organization name} [confidentiality level
3.5. Exclusions from the scope
‘The following is not included in the scope: ii ii i ste ne
4, Validity and document management
‘This document is valid as of [date]
“The owner of this dacurnent is ji shhh sys Hh tenn
least once a year.
‘When evaluating the effectiveness and adequacy ofthis document, the following criteria need to be
considered
+ NUTBEr Of ee Sy Ne te
© RUMbEr Of se se A Ae a et ce
‘time put in by employees implementing the ISMS to resolve dilemmas concerning the
unclear scape
lob title}
[name]
[signature]
“TS Scape Document ver version] rom @ate]———SSSSSCSCSCSCSS ag
‘©2013 hs tmp ay ewe by cents of FS Seis wn 2 7Clsanrcom nacre wth the easement
