Get a 20% discount on the first year of the Company Training Academy annual plan.
Limited-time offer – ends April 24, 2025
Use promo code:
CTA20

Expert Advice Community

Home / ISO 27001 & 22301 / Some particular controls partially implemented

Guest

Some particular controls partially implemented

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Some particular controls partially implemented

ISO 27001 & 22301
I declare the status "Partially implemented" for some particular controls in SOA, for which I must write a Policy document. I put this task in Risk Treatment Plan, e.g.: write a Policy document. Is it necessary to review the SOA after implementation (after writing that Policy document) and update the status of controls to "Fully implemented"?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Guest
AntonioS Jan 12, 2016

Yes, absolutely, you can perform a revision after the implementation and update the state of all security controls in the SoA. Finally, I think that it is interesting to know the importance of the SoA, so please read this article "The importance of Statement of Applicability for ISO 27001":

https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest post Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Review of SOA after implementation
Guest user Created:   Sep 29, 2023 ISO 27001 & 22301
Replies: 1
0 0

Can a company be certified by someone who works for them?
Guest user Created:   Aug 29, 2023 ISO 27001 & 22301
Replies: 1
0 0

Controls in the SoA that so not show up in the Risk Assessment