The Statement of Applicability provides you with an overview of the Applicability of all of the Activities within a Project.


See here to find out more about Using the Statement of Applicability.


The Statement of Applicability is present by default in the ISO 27001 Policies and Controls Project.


If you would like to set up the Statement of Applicability for a different Project, this can be done by following the steps within this guide.


How to enable Statement of Applicability for a Project

You can enable the Statement of Applicability for any Project.


To enable the Statement of Applicability, the 'Category' of the Project must be set to ISO 27001.


Note: This category typically includes functionality specific to ISO 27001 and once saved, you will not be able to change the category again.



To do this when creating a new Project:

  1. Go to the 'Create new Project' page
  2. Use a Framework, clone an existing Project or select to start from scratch
  3. Change the Project category type to 'ISO 27001'
  4. Complete the rest of the Project setup Process



To do this on an existing Project:

  1. Navigate to the Project
  2. Click on 'Settings'
  3. Change the Category type to 'ISO 27001'
  4. Click 'Save'
  5. Confirm that you are happy that this is not reversible


The Statement of Applicability will be automatically enabled for the ISO 27001 Policies and Controls Project.


If your Project is of the type 'ISO 27001', and you would like to disable the Statement of Applicability, you can do this on the Project 'Settings' page.

Making an Activity visible in the Statement of Applicability

You must amend the Activity reference in order to:
  • Set the 'Applicability' of an Activity,
  • Display an Activity in the Statement of Applicability




To amend the reference:
  • You can update it in the structure by clicking the edit action on the activity in question
  • or in the activity itself by clicking on its name, as in the screenshot below




You can select the 'Applicability' of an Activity within an Activity page.




Including Categories within your Statement of Applicability


A recent addition to ISMS.Online is the ability to add categories to Projects, these can be set within each projects settings page, with more details on setting that up available here.


When setting up the Categories you'll be given these options:



When checked, the highlighted option will include those categories within your Statement of Applicability, and will also show with any exports of the SoA.


Please contact support@isms.onlineor our live chat, if you have any questions.