Organizations need to demonstrate confident knowledge of all internal and external issues, including regulatory issues, so that scope of ISMS within the unique organizational context is clearly defined. Again, your auditor will note any nonconformities and opportunities for improvement based on t