Expert Advice Community

Guest

ISO 27001 Foundations Course comment

  Quote
Guest
Guest user Created:   Jan 19, 2021 Last commented:   Jan 19, 2021

ISO 27001 Foundations Course comment

“List of all the controls from Annex A and any additional controls that might be identified in the risk treatment process”

“all the controls from Annex A ” means the 114 controls.

So this should be false and the quiz consider it true.

I know it’s meant this SELECTED controls from Annex A, but that is not what is written.

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 19, 2021

Please note that the question refers to the Statement of Applicability document (“The Statement of Applicability document should include:”)

Considering that, ISO 27001 clauses 6.1.3 d), and 6.1.3.c requires that all 114 controls from Annex A are included in the SoA, not only those deemed applicable, as well as additional controls from other sources. For those controls from Annex A deemed not applicable, you need to provide justification for their exclusion.

This article will provide you a further explanation about the Statement of Applicability:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 19, 2021

Jan 19, 2021

Suggested Topics

L.Chap Created:   Jun 29, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Beginner

Guest user Created:   May 05, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISMS Scope Statement

Guest user Created:   Feb 03, 2021 ISO 27001 & 22301
Replies: 1
0 0

How to fill out BYOD policy?