Author: Chloe Biscoe

Documentation is a crucial part of any ISO 27001 implementation project, and one of the most important documents you need to complete is the SoA (Statement of Applicability). In this blog, we explain what an SoA is, why it’s important and how to produce one.

What is a Statement of Applicability?

An SoA summarises your organisation’s position on each of the 114 information security controls outlined in Annex A of ISO 27001. Clause 6.1.3 of the Standard states an SoA must:

Identify which controls an organisation has selected to tackle identified risks;
Explain why these have been selected;
State whether

The post The importance of the Statement of Applicability in ISO 27001 – with template appeared first on IT Governance UK Blog.
