Statement of Applicability Template
The statement of applicability is the list of controls that you are implementing in your organisation. It includes the controls you are not implementing along with a justification why not if appropriate. It is based on ANNEX A/ ISO 27002 and can include additional controls such as those imposed by customers.
Statement of Applicability Template Contents
ISO 27002 Clause
Driver – why control is required
Is this Applicable?
Date Last Assessed
Why is this not applicable?