Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Changing SOA in praparation of audit

  Quote
Guest
Guest user Created:   May 13, 2023 Last commented:   May 13, 2023

Changing SOA in praparation of audit

we are currently preparing for our control audit. 

However, due to personnel changes I am contemplating to change certain aspects of the SOA to reduce unnecessary overhead. 

What effect will the removal of controls e.g. A.14 have for the audit and our certification scope?

Can Changes to the SOA only be made prior to certification audits?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 13, 2023

You can make changes to the SoA prior to certification audits, but this will not have an effect on ISMS or certification scope. 

You can mark certain controls as not applicable in the SoA - however, be aware that controls can be marked as not applicable only if there are no related risks and if there are no requirements of interested parties for those controls.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 13, 2023

May 13, 2023

Suggested Topics

Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audits

Gerry Created:   Nov 27, 2023 ISO 27001 & 22301
Replies: 1
0 0

SoA Tasks

Guest user Created:   Oct 31, 2023 ISO 27001 & 22301
Replies: 1
0 0

Audit report