What is a Statement of Applicability?
SoA
A Statement of Applicability (SoA) is a core ISO 27001 document that lists the Annex A security controls, states whether each applies, and justifies inclusions and exclusions. Auditors use it as a map of the information security management system.