Statement of Applicability (SoA) Generator
Single-file SoA builder (client-side only). Your data is saved in your browser (localStorage) and never leaves your machine unless you export it.
0
Total controls
0
Applicable (Y)
0
Implemented (Y)
Tips
- Set Applicable to N → the exclusion justification is expected.
- Set Applicable to Y → tick inclusion reasons (LR/CO/BR/BP/RRA) and add a short rationale.
- Implemented is independent (e.g., applicable but planned).
Controls
| ID | Control Title | Description |
|---|---|---|
| A.5.1 | Policies for information security | Information security policy and topic-specific policies shall be defined, approved by management, published, acknowledged by relevant personnel and relevant interested parties, and reviewed at planned intervals and if significant changes occur. |
| A.5.7 | Threat intelligence | Information relating to information security threats shall be collected and analysed to produce threat intelligence. |
| A.8.1 | User endpoint devices | Information held on, processed by or accessible via user endpoint devices shall be protected. |
| A.8.16 | Monitoring activities | Networks, systems and applications shall be monitored for anomalous behaviour and appropriate actions taken to evaluate potential information security incidents. |