
ISO 27001:2013 Transition Stage 4

14th April 2014

Holders of the ISO 27001:2005 Standard will be aware that the “clock is ticking”: they must upgrade to the new 2013 Standard by September 2015 or risk being de-registered. However, most organisations are being cautious not to rush the transition and perhaps end up with a system that is too complicated or difficult to maintain. This is the fourth part of our series detailing the various steps needed to achieve a successful transition to the revised Standard.

All certifications require the detailed set of requirements that have been met (or excluded) to be identified and documented. This document is called a Statement of Applicability (S.O.A.). It is a public document that accompanies the certificate and shows which elements of 27001 are compliant (and which are not).

It is usual to look at Annex A, which has all the requirements set out in ISO 27001 (the Code of Practice). There are 18 sections and a number of sub-sections.

Below you will see a typical SOA. If the organisation is compliant, the SOA should show what control, policy or process is being used. If the organisation is going to exclude that element, it should be shown as EXCLUDED.


In the next stage we will look at the type of documentation which is required.

The official blog for independent Management Training
Consultancy, Quality Matters Limited.
