Assign topic to the user
Answer: The reference to SoA revision number is used to help certification auditors, as well as any person evaluating the ISMS, to ensure that the current SoA version is the one against which the ISMS was certified. If the version of the SoA is newer, then auditors will know that they have to search for the reasons for the SoA to be updated and if new risks, legal requirements, and/or controls should be audited.
This article will provide you further explanation about the SoA:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
Comment as guest or Sign in
Jun 20, 2019