Article | REF: H5070 V2

International standard - Information security

Author: Claude PINET

Publication date: February 10, 2015

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

Français

4. Declaration of applicability

4.1 Normative appendix

Many standards include annexes. However, the originality of the 27001 standard lies in the fact that its Annex A is normative; in other words, to obtain the certificate, the candidate organization must meet all its requirements.

The documented response to the requirements of Appendix A must be formalized in the Statement of Applicability (SoA). This document describes the security objectives and appropriate measures applicable to the organization's information security management system.

SCROLL TO TOP

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Software technologies and System architectures

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Declaration of applicability

Previous
page ISO 27001 standard

ISO 27002 standard

Bibliography

Works

Sous la direction de PINET (C.) (Groupe des experts qualité du CNAM) - La qualité du logiciel. Retour d'expériences. - AFNOR (1998).
PINET (C.) - Mise en œuvre de la qualité. - Guide du responsable micro, Édition Dunod,...

Software tools

Audit diagnostic evaluation system (ADES). This tool manages several reference grids. It enables audit/evaluation findings to be entered into a database, and improvement actions to be recorded. It then reports on the audit/assessment findings recorded in the database. Comparisons between two audits/assessments enable improvements to be assessed. A slideshow presenting the functionalities is available for download at the...

Websites

French Standards Association (AFNOR) http://www.afnor.fr

International Organization for Standardization (ISO) http://www.iso.ch

International Electrotechnical Commission (IEC) http://www.iec.ch

...

Standards and norms

International standards on quality management and quality assurance

Quality management systems – Basic principles and vocabulary - ISO 9000 - 2005
Quality management systems – Requirements (new version expected in 2015) - ISO 9001 - 2008
Quality management systems – Performance improvement guidelines - ISO 9004 - 2009
Environmental management systems – Specifications and...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

Outline
Full outline