Question 1

What is a Statement of Applicability (SoA) for ISO 27001?

Accepted Answer

A Statement of Applicability is a mandatory document for ISO 27001 certification. It lists all 93 Annex A controls, states whether each is applicable to your organisation, and provides justification for inclusion or exclusion. CyberGrape generates this document automatically from your existing compliance data.

Question 2

How does CyberGrape help with ISO 27001 readiness?

Accepted Answer

CyberGrape maps your SMB1001 controls directly to the relevant ISO 27001 Annex A controls. Over 80% of SMB1001 controls map to ISO 27001 requirements, giving you a significant head start. The platform provides a readiness score and prioritised gap list so you know exactly what to address before certification.

Question 3

Does CyberGrape use AI to assist with ISO 27001 controls?

Accepted Answer

Yes. CyberGrape uses AI to help generate justifications for each Annex A control in your Statement of Applicability, saving hours of manual documentation. The AI-generated text is reviewed and approved by your team before export.

Question 4

Can I export the ISO 27001 SoA as a PDF?

Accepted Answer

Yes. The SoA can be exported as a PDF or XLSX file, ready to share with customers, partners, and auditors. The export includes all mandatory document control metadata required by ISO 27001:2022 Clause 7.5.

ISO 27001 Statement of Applicability Export

Everything You Need for ISO 27001

Automated SoA Generation

Annex A Control Mapping

Partner-Ready Reports

Gap Analysis

Evidence Linking

Certification Readiness Score

SMB1001 → ISO 27001 Control Mapping

Start Your ISO 27001 Journey