SOA and Control Objectives
I have a question regarding the SOA and Control Objectives.
I was thinking that I should just include the Control Objectives and Controls in ISO27K
Is this OK or do I need to rephrase the words in case there is a Copywrite issue???
Assign topic to the user
Common practice is that the names of controls and text of control objectives can be used, ISO organization does not seem to have a problem with such an approach. However, you should not copy anything else from the standard.
To see how a Statement of Applicability looks like, I suggest you take a look at the demo of our Statement of Applicability at this link: https://advisera.com/27001academy/documentation/statement-of-applicability/
This article will provide you further explanation about Statement of Applicability:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
Comment as guest or Sign in
Nov 04, 2019