ISO 27001 ANNEX A RASIC Matrix


We have pre populated the risk register with all of the required 114 controls and control objectives of ANNEX A –  you just add the names of the people doing the work.


ISO 27001 ANNEX A RASIC Matrix

To get things done and manage the ISMS you are going to want to know who is ultimately accountable for a control and who does the work day to day. There are many scenarios where this information is important ranging from who to speak to for internal and external audits, who will maintain operational control of the process, who will update documents and more. The ISO 27001 RASCI Table is a tool that allows you to record who owns an Annex A / ISO 27002 control. It records who is accountable for it and who is responsible for it. Think of it like who would get sacked if the control failed and who is the person that does the actual work day to day. They may be the same person or may not. This allows you to plan your communications, your internal audits, your documentation maintenance and more.


ISO27001:2013 – Annex A Controls

Cut down RASCI showing who does the work, who is accountable and who is informed.

R = Responsible – does the work
A = Accountable – responsible for the work
I = Informed – informed of progress

ISMS RASCI Table Template Contents

Responsible Named Person
List of roles or people
Flag for RASCI

High Table Testimonials

Stuart Barker meet the author

Key Benefits

If you want ISO 27001 templates without wondering what good looks like, or if they will stand up to audit and certification, then you want to download these templates.

  • Simple
  • Easy to use
  • Easy to configure
  • Crafted by our expert ISO 27001 practitioners
  • Used in our own ISO 27001 certification
  • Used by industry professionals as part of their ISO 27001 certification passes
  • Designed to be used almost as is for the novice or configured and adapted by those with experience
  • Save time

These are not just boiler plate, these are working documents, established, proven and praised by UKAS Certification auditors as amongst the best they have seen. We can take care of it for you of course, but if you are going it alone, you won’t go wrong with the tools we use as part of our trade.

Customer reviews


There are no reviews yet.

Be the first to review “ISO 27001 ANNEX A RASIC Matrix”

You may also like…

As Seen On

Shopping Cart