I frequently come across an article that I find extremely helpful, and now I would greatly appreciate your guidance on the following matter. Our organization has already implemented ISO 27001:2013, a new version has been introduced. Currently, I have a Statement of Applicability (SOA) that is based on 114 controls from ISO 27002:2013. My question is whether I should create a new SOA consisting of 93 controls in accordance with ISO 27002:2022, and subsequently make the necessary updates on my current SOA . Your advice and support in this matter would be greatly appreciated.