Clauses and security controls
Assign topic to the user
True, our Statement of Applicability (and any) starts with the clause A.5.
Keep in mind that the ISO 27001 has 11 paragraphs, starting at number 0 and finishing at number 10. Furthermore, the standard has an Annex. So, the standard has 2 parts: "main part of the standard" and the "Annex A. Whenever there is "A.xz" this means the reference is for Annex A; When there is no "A." this means the reference is for the main part of the standard. The Statement of Applicability only shows information about the security controls (included in the Annex A of the standard), so when we refer to the clause 4, we mean the paragraph 4 of the standard ("4. Context of the organization)
For more information about the Annex A of the ISO 27001, please read this article Overview of ISO 27001:2013 Annex A : https://advisera.com/27001academy/iso-27001-controls/
If yo u need more information about the list of mandatory documents required by the ISO 27001, please read this article List of mandatory documents required by ISO 27001 (2013 revision) : https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Comment as guest or Sign in
Jan 12, 2016