User
What is the structure of Statement of Applicability?
Experta
The structure of the Statement of Applicability includes:
- Listing all controls from ISO 27001 Annex A.
- Defining which controls are applicable and which are not applicable.
- Providing justification for controls marked as applicable.
- Providing justification for controls marked as not applicable.
- Defining implementation methods for applicable controls.
- Defining the status of each control.