ISO 27001
Security

Statement of Applicability Template

Annex A control selection and justification.

What This Policy Covers

Introduction: Purpose and scope.
Organizational Controls: A.5 controls.
People Controls: A.6 controls.
Physical Controls: A.7 controls.
Technological Controls: A.8 controls.

Required Sections

A compliant Statement of Applicability for ISO 27001 must include the following 5 sections. Each section addresses a specific control requirement that auditors will review.

1. Introduction
   Purpose and scope.

2. Organizational Controls
   A.5 controls.

3. People Controls
   A.6 controls.

4. Physical Controls
   A.7 controls.

5. Technological Controls
   A.8 controls.

Generate a Customized Version

This template shows the required structure. PoliWriter generates a fully customized Statement of Applicability that references your actual cloud providers, identity systems, tools, and team practices — ready for auditor review.