Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

SoA update

  Quote
Guest
Guest user Created:   Sep 28, 2018 Last commented:   Sep 28, 2018

SoA update

Hi, should we update the statuses in the SOA ongoing or is this done annually?
0 0

Assign topic to the user

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

Expert
Rhand Leal Sep 28, 2018

Answer:

Once a year is not enough. You should update SoA at least once a month or more often, considering how changes in the ISMS environment and new and modified risks affect the implemented controls, so the SoA can keep reflecting the way the organization handles its information security.

This article will provide you further explanation about SOA:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 27, 2018

Sep 27, 2018

Suggested Topics

Guest user Created:   Sep 30, 2017 ISO 27001 & 22301
Replies: 1
0 0

SoA update

Guest user Created:   Feb 23, 2018 ISO 27001 & 22301
Replies: 1
0 0

Risk assessment information

Guest user Created:   Sep 07, 2020 ISO 27001 & 22301
Replies: 1
0 0

Update SoA