4.1 Understanding the Organisation and its Context

One of the elements of ISO 27001:2013 is about the context of an organisation. This is very helpful as it ensures that all of your efforts with your ISMS relate back to your organisation’s ‘reason for being’.

The challenges of understanding an organisation’s context

It can be difficult to find information and guidance on what it means to find the right context, and to be sure that we are considering the correct internal and external issues. Here we guide you through an exercise that we have used for our own company to help you get on the right track with preparing for ISO 27001:2013.

The ISO 27001 auditors are essentially looking to find out about your organisation’s background, the context in which you are operating, as well as your purpose. The way we do that is to identify the internal and external issues that our organisation could face.

Examples of internal issues facing an organisation

  • Your staff
  • Organisation level
  • The products that you sell

Examples of external issues facing an organisation

  • Political
  • Economic
  • Sociological
  • Technological
  • Legislative
  • Environmental

Platform features

Disconnected templates and toolkits supported by an expensive consultant just don’t cut it anymore. You need an ISMS that works for you both now and as your business grows.