Expert Advice Community


Question about SOA

Guest user Created:   May 08, 2020 Last commented:   May 08, 2020

1 - Is the SOA related to the scope?

2 - How can we verify the inclusion and exclusion of controls?

Expert
Rhand Leal May 08, 2020

1 - Is the SOA related to the scope?

Your assumption is correct. The Statement of Applicability is used, among other things, to identify the controls applicable to protect the elements identified in the ISMS scope.

This article will provide you with a further explanation about the Statement of Applicability:

2 - How can we verify the inclusion and exclusion of controls?

Inclusions and exclusions of controls are made through the risk assessment and risk treatment process, and by the evaluation of legal requirements (e.g., laws, regulations, and contracts) your organization has to comply with.

This article will provide you with a further explanation about risk assessment and risk treatment:

These materials will also help you regarding ISO 27001:
