Expert Advice Community

Home / ISO 27001 & 22301 / Review of SOA after implementation

Guest

Review of SOA after implementation

ISO 27001 & 22301
  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Review of SOA after implementation

ISO 27001 & 22301
Hello, I declare the status "Partially implemented" for some particular controls in SOA, for which I must write a Policy document. I put this task in Risk Treatment Plan, e.g.: write a Policy document. Is it necessary to review the SOA after implementation (after writing that Policy document) and update the status of controls to "Fully implemented"? Thanks, Cosmin
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Guest
AntonioS Jan 12, 2016

Yes, absolutely, you can perform a revision after the implementation and update the state of all security controls in the SoA. Finally, I think that it is interesting to know the importance of the SoA, so please read this article “The importance of Statement of Applicability for ISO “27001": https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Mar 09, 2021 ISO 27001 & 22301
Replies: 1
0 0

Implementation of ISO controls
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Some particular controls partially implemented
Guest user Created:   Mar 10, 2021 ISO 27001 & 22301
Replies: 1
0 0

Implementing and verifying items