ISO IEC 27013:2021 pdf download – Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1. For ISO/IEC 27001, the definition of the organization is that which is covered by the ISMS. As with an SMS, an ISMS can be applied to part or all of an entity and can include services delivered by the organization. The ISMS scope can also be defined exclusively by a clear physical boundary, such as a security perimeter around a specific site or part of a site. In some cases, the full requirements specified in ISO/IEC...