Scope is described

1

Components in scope are identified, listed.

2

Third party services in scope are identified, listed.

3

Data flows between components are identified, listed.

4

Risks to components in scope are identified, evaluated and listed.

5

A policy that governs and provides direction for protection of the systems is scope is defined

6

Responsible person is assigned to each component

PreviousScope is definedNextPersonnel is listed

Last updated