Statement - ISMS Scope

Title Statement - ISMS Scope

Classification: Internal Use Only

Author Probal Choudhuri

Reviewer (suitability and

ISMS Manager/CISO
adequacy)
Approver (suitability and
Chief Executive Officer
adequacy)

Policy/Document Owner ISMS Manager/CISO

Current Version 1.0

First Document Release Date 12th December 2016

Modification History:

S. No. Description of Change Date of Change Version No.

1
Table of Contents
1. Purpose & Objective........................................................................................................................ 3
2. ISO 27001 – 2013 Reference........................................................................................................... 3
3. Policy - Scope.................................................................................................................................... 3
4. Physical Locations............................................................................................................................ 4
5. Scope of Network............................................................................................................................. 4
6. Out of Scope..................................................................................................................................... 4
7. Additional References..................................................................................................................... 4
8. Policy Review..................................................................................................................................................... 4

2
1. Purpose & Objective
The document defines the scope of ISMS in line with organizations’ external and internal issues,
including interest of external and internal stakeholders.

2. ISO 27001 – 2013 Reference

Clause 4.3 – Determining the scope of the information security management system

3. Policy - Scope
The scope of compliance applies to the following organisational units along with justification for
exclusions:

Scope Statement

ISMS applies to [main external

services] supported by IT
support, Human Resources,
Physical Security, Legal, Finance
and Procurement from [city,
country]. This is as per Statement
of applicability Version [1.0]

3
4. Physical Locations

[Address of the locations under scope, with business divisions, and approximate list of
personnel]

SN Location Business Division/s Number of People

1
2
3

5. Scope of Network

[Network diagram here]

6. Out of Scope

All areas of business are under the scope of ISMS.

7. Additional References
 Dependency Diagram - External and Internal

8. Policy Review

The policy is reviewed annually and/or when significant changes occur.