Expert Advice Community

Guest

Conformio - Justification in SoA

  Quote
Guest
Guest user Created:   Nov 29, 2021 Last commented:   Nov 29, 2021

Conformio - Justification in SoA

In the statement of Applicability, I can see preselected controls based on the risks. I’m adding additional controls as well. There is a ‘justification’ box here. Is it mandatory to type why I’m adding these extra controls?

Assign topic to the user

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

Expert
Rhand Leal Nov 29, 2021

ISO 27001 requires a justification for all applicable controls (clause 6.1.3 “d”), so if you are adding controls in the Statement of Applicability you need to fill in the ‘justification’ field to be compliant with the standard.  

This article will provide you a further explanation about the Statement of Applicability:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 29, 2021

Nov 29, 2021