SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / Clause to requires status of control in 27001:2013 SOA

Guest

Clause to requires status of control in 27001:2013 SOA

ISO 27001 & 22301
  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Clause to requires status of control in 27001:2013 SOA

ISO 27001 & 22301
I am not sure whether in the new 27001:2013 SOA really required status of each control instead of just yes or no in 2005; Where is the cause in standard state that we need to add "status of implementation" in 27001:2013 SOA? Thank you
0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.
Guest
DejanK Jan 12, 2016

Chattavut,

ISO 27001:2013 defines Statement of Applicability in clause 6.1.3 d), and it requires that SoA should state for each control "whether they are implemented or not" - therefore, you need to document their status in SoA.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Atheer AlMartan Created:   Feb 13, 2024 ISO 27001 & 22301
Replies: 1
0 0

Procedure for document and record control
Atheer AlMartan Created:   Jan 30, 2024 ISO 27001 & 22301
Replies: 1
68 0

Procedure for document and record control
LindaK Created:   Jan 16, 2024 ISO 27001 & 22301
Replies: 2
0 0

Choose to Not implement a security control