ISO 27001 Statement of Applicability Template
★★★★★ – Google 5-Star Reviews from Businesses Just Like You.
The ISO 27001:2022 Statement of Applicability (SOA) Template is:
- Fully ISO 27001:2022 Compliant
- The Complete list of ISO 27001:2022 Annex A Controls
- Microsoft Excel Format
- Easy to implement
- Easy to configure
- Included in the ISO27001 Toolkit
Original price was: $ 99.97.$ 49.97Current price is: $ 49.97. Excl. VAT
ISO 27001:2022 Statement of Applicability Template demo
ISO 27001:2022 Statement of Applicability Template Example
The ISO 27001 Statement of Applicability Template Example taken directly from the template.
What is the ISO 27001 Statement of Applicability?
The ISO 27001 Statement of Applicability is a fundamental part of your ISO 27001 implementation and certification. It is a list of the controls that you are required to implement and is a statement of if and why particular required controls apply to you.
The ISO 27001:2022 update introduced many new controls.
It is an ISO 27001 Mandatory document and required for ISO 27001 Certification.
For a deeper understanding of the ISO 27001 Statement of Applicability read the ISO 27001 Statement of Applicability Explained to learn what an ISO 27001 Statement of Applicability is and how to write it yourself.
What is the ISO 27001 Statement of Applicability template?
The ISO 27001 Statement of Applicability Template:
- meets the requirements of ISO 27001 Clause 6.1.3 Information Security Risk Treatment
- includes the complete list of ISO 27001:2022 controls and is updated to the latest version of the standard
- fully supports ISO/IEC 27001:2022 and ISO/IEC 27001:2013
The ISO 27001 Statement of Applicability Template is an Excel spreadsheet that has been created to fully meet the requirements of ISO 27001 for your ISO 27001 certification. Fully populated and ready to go it is designed to save you time and fast track your implementation.
You need the ISO 27001 Statement of Applicability as part of your ISO 27001 certification as it is a mandatory document. It may also be requested by your clients and your customers. Without the ISO 27001 Statement of Applicability you will not be able to evidence the controls that you have implemented and you will not certify to ISO 27001.
The purpose of the ISO 27001 Statement of Applicability Template is to clearly communicate what information security controls you have implemented to employees, clients, auditors and interested parties.
ISO 27001 Statement of Applicability Template FAQ
The ISO 27001 Statement of Applicability Template is in Microsoft Excel format.
Anyone that wants to save time and money and have a pre populated ISO 27001 Statement of Applicability that fully meets the requirements of the ISO 27001 standard, contains all the updated and required controls, and is ready to go.
It is 100% complete. It just requires a fast rebrand, checking and some minor additions that are clearly sign posted and marked
The Statement of Applicability fully supports ISO/IEC 27001:2022 and ISO/IEC 27001:2013.
We estimate that on average it will take you less than 1 hour. The templates require information that you know so there is nothing complicated.
The ISO 27001 statement of applicability is the list of information security controls that your business has implemented. It includes a list of the controls that you have considered but have deem not applicable. It is a fundamental document of ISO 27001 certification and of the information security management system.
The ISO 27001 Statement of Applicability Template is an Excel spreadsheet that has been created to fully meet the requirements of ISO 27001 for your ISO 27001 certification. Fully populated and ready to go it is designed to save you time and fast track your implementation.
You need the ISO 27001 Statement of Applicability as part of your ISO 27001 certification as it is a mandatory document. It may also be requested by your clients and your customers. Without the ISO 27001 Statement of Applicability you will not be able to evidence the controls that you have implemented and you will not certify to ISO 27001
The purpose of the ISO 27001 Statement of Applicability Template is to clearly communicate what information security controls you have implemented to employees, clients, auditors and interested parties. It is fully populated to fast track your implementation.
The benefits of using the ISO 27001 Statement of Applicability Template are:
Save time: the template is already fully populated with all the up to date, required controls and ready to go
Meet the requirements of the standard: the template is mapped directly to the requirements of the ISO 27001:2022 standard
Save money: you will not have to pay consultants to research and write the SOA for you
The ISO 27001 Statement of Applicability Template meets the requirements of ISO 27001 Clause 6.1.3 Information Security Risk Treatment
The ISO 27001 Statement of Applicability Template covers:
- The complete list of ISO 27001:2022 Annex A Controls
- Justification for inclusion
- Justification for inclusion
- Applicability
- Review Date
The ISO 27001 Statement of Applicability Explained is the complete guide to the ISO 27001 Statement Of Applicability and includes everything you need to know.
You get the Statement of Applicability immediately on successful payment.
We offer a free 30 minute 1-to-1 consultation as well as a free weekly ISO 27001 Q and A call and the unique ability to purchase consulting by the hour.
Yes. The ISO 27001 Statement of Applicability Template supports the International Standard for Information Security. It is being used successfully right now across the globe.
The ISO 27001 statement of applicability is the list of information security controls contained within ISO 27002. ISO 27002 is an annex to ISO 27001 and a requirement of ISO 27001. That list of controls changed in 2022. Certification bodies should be checked before going for certification to agree which version of the controls you will be assessed against. You have both versions in the template to cover both scenarios and to allow for future planning.
No. The ISO 27001 Statement of Applicability Template is designed to be easy to implement and easy to configure. It comes with an easy to follow step by step guide. You are provided with a free hour of training if you need it.
It depends what you are trying to achieve. We have made it available as a single document as some people just require the SOA but for ISO 27001 certification you will require the complete Information Security Management System (ISMS) and the Ultimate ISO 27001 Toolkit.
The best ISO 27001 Statement of Applicability Template will depend on your needs and requirements but we would recommend the High Table ISO 27001 Statement of Applicability Template. Review the templates for what they offer, view the samples and choose based on your need and budget.
You may also like…
The High Table ISO 27001 Implementation Suite was architected by Stuart Barker, a veteran practitioner with over 30 years of experience in systems security and risk management.
Holding an MSc in Software and Systems Security, Stuart combines academic rigor with extensive operational experience. His background includes over a decade leading Data Governance for General Electric (GE) across Europe, as well as founding and exiting a successful cyber security consultancy.
As a qualified ISO 27001 Lead Auditor and Lead Implementer, Stuart possesses distinct insight into the specific evidence standards required by certification bodies. He has successfully guided hundreds of organizations—from high-growth technology startups to enterprise financial institutions—through the audit lifecycle.
This toolkit represents the distillation of that field experience into a standardised framework. It moves beyond theoretical compliance, providing a pragmatic, auditor-verified methodology designed to satisfy ISO/IEC 27001:2022 while minimising operational friction.