SOA

Statement of Applicability

A requirement of ISO 27001.  The SOA lists the controls provided within the standard and justifies their inclusion or exclusion by the organisation.