Expert Advice Community

Guest

Conformio - Justification in SoA

  Quote
Guest
Guest user Created:   Nov 29, 2021 Last commented:   Nov 29, 2021

Conformio - Justification in SoA

In the statement of Applicability, I can see preselected controls based on the risks. I’m adding additional controls as well. There is a ‘justification’ box here. Is it mandatory to type why I’m adding these extra controls?

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 29, 2021

ISO 27001 requires a justification for all applicable controls (clause 6.1.3 “d”), so if you are adding controls in the Statement of Applicability you need to fill in the ‘justification’ field to be compliant with the standard.  

This article will provide you a further explanation about the Statement of Applicability:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 29, 2021

Nov 29, 2021

Suggested Topics

Guest user Created:   Dec 23, 2021 ISO 27001 & 22301
Replies: 1
0 0

Risk assessment Vs SoA

Guest user Created:   Jul 04, 2022 ISO 27001 & 22301
Replies: 1
0 0

Is Conformio for us?

Guest user Created:   Jun 28, 2022 ISO 27001 & 22301
Replies: 1
0 0

Conformio Risk Register