BLACK FRIDAY DISCOUNT
Get 30% off on toolkits, course exams, Conformio, and Company Training Academy yearly plans.
Limited-time offer – ends December 2, 2024
Use promo code:
30OFFBLACK

Expert Advice Community

Guest

SoA update

  Quote
Guest
Guest user Created:   Dec 14, 2022 Last commented:   Dec 14, 2022

SoA update

I want to know how to convert ISO 27001:2013 SOA to ISO 27001:2022 directly, not from scratch?

0 0

Assign topic to the user

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

Expert
Rhand Leal Dec 14, 2022

For this conversion you need a map identifying:

  • the new IDs for old controls that did not change. For these you only need to update the control ID from your current SoA, keeping all the remaining information the same. For example, control A.9.1.1 Access control policy, is now A.5.15 Access control.
  • the new IDs for old controls that change only the control name. For these, you need to update the control ID and control name from your current SoA. For example, control A.14.3.1 Protection of test data is now A.8.33 Test information
  • the new IDs for old controls that were merged. For these you need to create a new entry, merging the information from merged controls, and excluding the entries from the older version. For example, controls A.5.1.1 Policies for information security and A.5.1.2 Review of the policies for information security are now A.5.1 Policies for information security
  • the new IDs for the new controls. For these, you will need to update your risk assessment to verify if these new controls are applicable or not and include the proper information. For example, control A.5.7 Threat intelligence

This paper can help you with the new IDs:

This tool can also help you:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 14, 2022

Dec 14, 2022

Suggested Topics

Guest user Created:   Sep 28, 2018 ISO 27001 & 22301
Replies: 1
0 0

SoA update

Guest user Created:   Sep 30, 2017 ISO 27001 & 22301
Replies: 1
0 0

SoA update