How to define ISO 27001 scope

How to define ISO27001 Scope

In this article I lay bare how to write, define and implement ISO 27001 Scope. A beginners guide, exposing the insider trade secrets, giving you the templates that will save you hours of your life and showing you exactly what you need to do to satisfy it for ISO27001 certification. We show you exactly what changed in the ISO27001:2022 update. I am Stuart Barker the ISO27001 Ninja and this is how to define ISO 27001 Scope

How to define ISO 27001 Scope: Step By Step

When defining your scope be as clear as you can and include in your scope document the things that are in scope and the things that are out of scope. This is an extension to the scope statement and for your own management. Consider

  • Systems
  • People
  • Locations
  • Departments

Providing good documentation such as a Scope Document with associated architecture diagrams, technical documentation, network diagrams will enable you to define the boundaries of your ISO 27001 scope more clearly.

How to define ISO 27001 Scope

  1. List your products and services

    Create list of all of your products and services. Use the names that your customers use and know them by.

  2. Choose the products and services that need ISO 27001 certification

    From the list of all of your products and services choose the ones that customers are asking you about and / or the ones that you want to have and ISO 27001 certificate for.

  3. Identify the people, technology and premises that make up the chosen products and services.

    List out the departments in the company, the technologies and the locations that make up the products and / or services that you want to have and ISO 27001 certification.

  4. Write a clear ISO 27001 scope statement

    Write a clear statement that states the products and / or services and then clearly sets out the people, technology and locations that are in scope for the ISO 27001 certification.

ISO 27001 Scope Statement Tutorial

In this short tutorial we show you how to use the ISO 27001 Scope Statement

ISO27001 Scope Document -Black

ISO 27001 Scope Statement Template

Doing so many ISO 27001 certifications over the years led to the creation of the ISO 27001 Scope Document Template that people can use as part of their own ISO 27001 certification.

The complete guide to the ISO 27001 scope statement
ISO 27001 Templates Toolkit Business Edition Black
ISO27001 Policy Templates Pack Green

FREE 30 minute ISO27001 strategy session.

Claim your 100% FREE no-obligation 30 minute strategy session call (£1000 value). This is strictly for small businesses who are hungry to get ISO27001 certified up to 10x faster and 30x cheaper.

ISO27001 Certification Stragey Call
Shopping Cart