N
ndabbot
Hi,
I am currently in a process of defining scope for ISMS. We are covering only IT department within our organisation. I have downloaded ISO27K toolkit with scope samples and have a problem with the following:
define security interfaces for information flows and processes that span or extend beyond the in-scope area to the remainder, since everything outside the scoped area is relatively untrustworthy
Can anybody point me to some examples of how to correctly define such interfaces?
I am currently in a process of defining scope for ISMS. We are covering only IT department within our organisation. I have downloaded ISO27K toolkit with scope samples and have a problem with the following:
define security interfaces for information flows and processes that span or extend beyond the in-scope area to the remainder, since everything outside the scoped area is relatively untrustworthy
Can anybody point me to some examples of how to correctly define such interfaces?