The SoA lists all of the controls determined in ISO 27001, details regardless of whether Each individual Command has become applied and explains why it had been integrated or excluded. The RTP describes the ways to generally be taken to handle Each and every risk discovered in the danger http://iso-27001-checklist63962.blogdal.com/8766523/what-does-iso-27001-checklist-mean