Skip to content

ISO 27001 SoA Template: Is your auditor asking for one?

PS_icons-04

Whitepaper

StateRAMP Strategy Guide

StrategyGuide_StateRAMP_LP (1)

All 93 Annex A controls. Pre-structured, audit-ready, and free to download.

The Statement of Applicability is one of the first things an ISO 27001 auditor asks for, and one of the last things most teams actually prepare properly.

This template takes the blank-spreadsheet problem off the table. Every control from ISO 27001:2022 is pre-loaded across all four themes (Organizational, People, Physical, and Technological), with dropdown menus for applicability and implementation status, a justification column for inclusions and exclusions, and a live dashboard that shows your compliance posture at a glance.

What's inside: 

All 93 Annex A controls, mapped to the 2022 standard

Dropdowns for Applicable (Yes/No) and Implementation Status

Justification column (required for excluded controls, auditors will check)

Owner, Evidence, and Risk Register reference columns

Auto-calculating dashboard with per-theme completion tracking

Cover sheet with metadata fields for scope, version, and approvals

Built for security teams preparing for ISO 27001 certification or surveillance audits. Works in Excel and Google Sheets.