SOA and Control Objectives
I have a question regarding the SOA and Control Objectives.
I was thinking that I should just include the Control Objectives and Controls in ISO27K
Is this OK or do I need to rephrase the words in case there is a Copywrite issue???
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Common practice is that the names of controls and text of control objectives can be used, ISO organization does not seem to have a problem with such an approach. However, you should not copy anything else from the standard.
To see how a Statement of Applicability looks like, I suggest you take a look at the demo of our Statement of Applicability at this link: https://advisera.com/27001academy/documentation/statement-of-applicability/
This article will provide you further explanation about Statement of Applicability:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
Comment as guest or Sign in
Nov 04, 2019