Define scope

According to chapter 4.3 of ISO 27001, you must define the boundaries within which your ISMS will be deployed. In the scope section of the ISMS app, you determine the processes you want to protect with your ISMS for each legal entity.

Procedure:

1. In the Description text box, define your scope and list the ISMS-relevant processes.

   Tip: Link your processes that you list here using the mention function. This allows you to quickly navigate to ISMS-relevant processes. See also Mention configurations in the delivery state.

2. All processes that have been marked as ISMS-relevant appear in the evaluation box All processes with ISMS relevance. Make sure that the processes mentioned in the description are actually marked as ISMS relevant. Here you can also easily identify when processes have been marked as ISMS-relevant that do not fall within the scope.

   See also: How to determine ISMS-relevant processes is described under Identify ISMS risks.