When I add a requirement and add it to the area of 'Specifying mandatory safeguards', I do not see it appear in the Statement of Applicability or Risk Treatment Plan.
So where do these requirements appear in the later workflow and how do we keep track of implementation, etc.
Please note that this 'Specifying mandatory safeguards' refers to the SoA document as a whole, so it will not appear in a specific control. The user needs to read the specific requirement of interest related to this area to understand which exact control(s) is(are) required to be implemented. You can use the “Description of the requirement” to identify specific controls to be applied in the ISMS.