ISMS Scope Definition Form
Define the boundaries, coverage, exclusions, and ownership for the Information Security Management System scope.
Scope Context
Organization Name
*
Brief Business Description and Primary Purpose of the ISMS Scope Definition
*
Scope Boundaries and Coverage
In-scope business units/functions
*
Executive Management
Finance
Human Resources
IT
Operations
Sales
Customer Support
Legal/Compliance
Procurement
Manufacturing
Research & Development
Other
In-scope physical locations/sites
*
Head Office
Branch Office
Data Center
Warehouse
Factory/Plant
Remote Workforce
Cloud Environment
Other
In-scope products/services
Internal IT Services
Software Products
Professional Services
Customer Support Services
Managed Services
Manufacturing Outputs
Online Services
Other
Key information assets or processes included
*
Explicit exclusions or out-of-scope areas
*
Scope Governance and Completion Details
Responsible Owner Name
*
First Name
Middle Name
Last Name
Target Completion / Approval Date
-
Month
-
Day
Year
Date
Additional Notes or Dependencies
Submit Scope Details
Should be Empty: