Compliance scoping provides a review of your organisation’s information processing systems to identify the elements that fall within the scope of a potential assessment. This process not only ensures that you concentrate on relevant system components but also that critical elements are not incorrectly excluded which could jeopardise your overall compliance.
Our qualified consultants will identify those business units and components of your operating environment that fall within the scope of compliance assessments such as PCI DSS and assist you in defining the scope for a given assessment (e.g. by assisting with a Statement of Applicability for ISO 27001). Over the course of this exercise we can also discuss a sampling methodology and devise a strategy to define the appropriate sample set to ensure that all system types are assessed.
Furthermore, they will also provide valuable analysis; identifying methods, techniques and solutions for reducing that scope, for example, by isolating particular systems, users or processes. This exercise can evolve into an entire phase of the project and even into a dedicated scope reduction project.
For further information on our Compliance Scope Analysis & Reduction service, please contact one of our Sales representatives by calling +27 46 622 6123 or by completing our Online Enquiry Form or Request a Call Back Form on our website.
Also, please feel free to visit our resource centre for helpful articles, videos, latest news, wikis and useful links related to industry topics and terminology.