4.3 Determining the scope of the ISMS

The entry explains that an organization must identify the boundaries and applicability of its Information Security Management System, taking into account internal and external issues, the needs and expectations of interested parties, and any interfaces with other management systems, to establish a clear and appropriate ISMS scope.