If all the questions in the suitability test can be answered with a “yes” then the task in a second step is to define the scope, in other words the extent and area of validity for the planned certification. This is important in order to clearly define the area to be investigated by the audit.

The following criteria can be taken into account for defining the scope of the certification:

• Geographic boundaries such as for example location, region, country or global.
• Organizational boundaries such as for example department or groups of departments.
• Service boundaries, in other words which services or groups of services or all services are covered.

On the basis of the arrangement with external partners it makes sense to limit the scope of the area of certification accordingly.

The service provider should be able to supply the following documents as a guideline for making optimum preparations for the pre-audit meeting:

• A clear definition of the services and infrastructures to be included within the scope of the ISO/IEC 20000 certification.
• The interfaces between the processes as well as clarity on how the processes are controlled and monitored. It is important for the processes not to be seen in isolation but for the interplay between them and the coordination with internal and external organizations to be subject to clear rules.
• Information on the role and the interface with other organizations involved in the service delivery.

If an organization is unable to provide this information at justifiable cost then it is undoubtedly not yet ready for certification.