{"id":1833,"date":"2019-05-30T13:05:59","date_gmt":"2019-05-30T12:05:59","guid":{"rendered":"https:\/\/www.imsm.com\/ie\/?p=1833"},"modified":"2021-05-17T13:56:11","modified_gmt":"2021-05-17T12:56:11","slug":"what-is-the-statement-of-applicability-for-iso-27001","status":"publish","type":"post","link":"https:\/\/www.imsm.com\/ie\/news\/what-is-the-statement-of-applicability-for-iso-27001\/","title":{"rendered":"What is the statement of applicability for ISO 27001?"},"content":{"rendered":"

When researching the steps you need to take for ISO 27001<\/a> certification, you may have stumbled upon the term \u2018statement of applicability\u2019. If the terminology of the ISO has got you scratching your head, we\u2019re here to do all the hard work and explain what the statement of applicability is and why it\u2019s important.<\/p>\n

What is the statement of applicability for ISO 27001?<\/h3>\n

Part of the risk assessment and Information Security Management Systems (ISMS – not to be confused with IMSM!) component of ISO 27001, it\u2019s a framework of policies surrounding the legality, physicality and technicality of your cyber security systems. Completion of the statement of applicability (SoA) is a requirement of the ISO: a document you have to develop, prepare and submit as part of your steps toward best practice data management systems.<\/p>\n

There are no exact rules for developing your SoA as ISO 27001 recognises that details of cyber security are unique to your business\u2019 requirements, however you must include:<\/p>\n