4.1 – Understanding the Organisation and its Context

One of the elements of ISO 27001:2013 concerns the context of an organisation. This is very helpful, as it ensures that all of your efforts with your ISMS relate back to your organisation’s ‘reason for being’.

The challenges of understanding an organisation’s context

 

It can be difficult to find information and guidance on what it means to find the right context, and on how to be sure that we are considering the correct internal and external issues. Here we guide you through an exercise that we have used for our own company to help you get on the right track with preparing for ISO 27001:2013.

The ISO 27001 auditors are essentially looking to find out about your organisation’s background, the context in which you are operating, as well as your purpose. The way we do that is to identify the internal and external issues that our organisation could face.

Examples of internal issues facing an organisation

Your staff

Organisation level

The products that you sell

 

Examples of external issues facing an organisation

Political

Economic

Sociological

Technological

Legislative

Environmental
