Step 6: Statement of Applicability
Document which ISO 27001 Annex A controls are applicable, partially applicable, or not applicable to your organization
Document which ISO 27001 Annex A controls are applicable, partially applicable, or not applicable to your organization