To document ISO 27001 clause 4.2, it is considered best practice to create a List of legal, regulatory, contractual, and other requirements. This document should include columns for interested parties and their specific requirements. Although documentation is not mandatory, it helps in recording the information used to develop the ISMS scope.