The ISO Review Podcast

ISO 27001 Statement of Applicability Document

February 14, 2023 Jim Moran / Howard Fox Episode 13

Howard and Jim chat about the ISO 27001:2022 - Statement of Applicability (SoA)

Items discussed include:

  • The Statement of Applicability is required for ISO 27001 certification. It’s a statement that explains which Annex A security controls are — or aren’t — applicable to your organization’s Information Security Management System (ISMS).

You can update your current ISO 27001 Statement of Applicability (SoA) like this:

  • Compare your current SoA to the new requirements - there are charts in the new Standard showing the connections
  • Identify the business owners in the various risk areas, and assign a high-medium-low value to the risk, and then revise your Information Security Risk Treatment Plans
  • Update your Risk Treatment Plans to keep you protected
  • Keep your Risk Treatment Plans dynamic - threats never sleep!

On Our Next Episode

In the next episode of the ISO Review Podcast, Jim will discuss what you need to know about integrating ISO 27001 into an existing ISO 9001 QMS.

Next Steps

If you enjoyed this episode, please follow us on your preferred podcast directory. We appreciate your likes & comments, and invite you to share this episode with anyone who might benefit from learning about this topic.

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standard's requirements, client requirements, and any other ISO requirements that you have to meet.

Learn more about Jim on LinkedIn & YouTube

LinkedIn: https://www.linkedin.com/in/simplifyiso/

LinkedIn Articles: https://www.linkedin.com/in/simplifyiso/detail/recent-activity/posts/

YouTube: https://www.youtube.com/channel/UCrt2Hgj-5AjHKEvyf2ssZ8g


Learn more about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.


LinkedIn: https://www.linkedin.com/in/foxcoachinginc/

