Solution : The SoA really should involve a list from the security controls from Annex A of ISO/IEC 27001. It should also explain the steps to implement Just about every control, together with any modifications or exclusions and references about policies, procedures, or documents. ISO 27001 demonstrates that your organization https://iso27001certification81470.shoutmyblog.com/31418975/how-much-you-need-to-expect-you-ll-pay-for-a-good-iso-27001-foundation-exam