Skip to content

Class: SoAEntry

A single entry in the Statement of Applicability, documenting the applicability and implementation status of one control.

URI: iso27001:SoAEntry

 classDiagram
    class SoAEntry
    click SoAEntry href "../SoAEntry/"
      SoAEntry : control_reference





        SoAEntry --> "0..1" SecurityControl : control_reference
        click SecurityControl href "../SecurityControl/"



      SoAEntry : exclusion_justification

      SoAEntry : implementation_evidence

      SoAEntry : implementation_status





        SoAEntry --> "0..1" ImplementationStatus : implementation_status
        click ImplementationStatus href "../ImplementationStatus/"



      SoAEntry : inclusion_justification

      SoAEntry : is_applicable

      SoAEntry : responsible_role





        SoAEntry --> "0..1" Role : responsible_role
        click Role href "../Role/"



      SoAEntry : target_implementation_date

Slots

Name Cardinality and Range Description Inheritance
control_reference 0..1
SecurityControl		 Reference to the control (e direct
is_applicable 0..1
Boolean		 Whether the control is applicable direct
inclusion_justification 0..1
String		 Justification for including the control direct
exclusion_justification 0..1
String		 Justification for excluding the control direct
implementation_status 0..1
ImplementationStatus		 Current implementation status direct
implementation_evidence 0..1
String		 Evidence of control implementation direct
responsible_role 0..1
Role		 Role responsible for the objective or control direct
target_implementation_date 0..1
Date		 Target date for implementing the control direct

Usages

used by used in type used
StatementOfApplicability soa_entries range SoAEntry

In Subsets

Comments

  • Each Annex A control should have a corresponding SoA entry
  • Exclusions require documented justification

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/iso27001

Mappings

Mapping Type Mapped Value
self iso27001:SoAEntry
native iso27001:SoAEntry

LinkML Source

Direct

name: SoAEntry
description: A single entry in the Statement of Applicability, documenting the applicability
  and implementation status of one control.
comments:
- Each Annex A control should have a corresponding SoA entry
- Exclusions require documented justification
in_subset:
- annex_a_controls
from_schema: https://w3id.org/lmodel/iso27001
slots:
- control_reference
- is_applicable
- inclusion_justification
- exclusion_justification
- implementation_status
- implementation_evidence
- responsible_role
- target_implementation_date

Induced

name: SoAEntry
description: A single entry in the Statement of Applicability, documenting the applicability
  and implementation status of one control.
comments:
- Each Annex A control should have a corresponding SoA entry
- Exclusions require documented justification
in_subset:
- annex_a_controls
from_schema: https://w3id.org/lmodel/iso27001
attributes:
  control_reference:
    name: control_reference
    description: Reference to the control (e.g., A.5.1).
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: control_reference
    owner: SoAEntry
    domain_of:
    - SoAEntry
    - AuditFinding
    range: SecurityControl
  is_applicable:
    name: is_applicable
    description: Whether the control is applicable.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: is_applicable
    owner: SoAEntry
    domain_of:
    - SoAEntry
    range: boolean
  inclusion_justification:
    name: inclusion_justification
    annotations:
      iso27001_clause:
        tag: iso27001_clause
        value: 6.1.3 d)
    description: Justification for including the control.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: inclusion_justification
    owner: SoAEntry
    domain_of:
    - SoAEntry
    range: string
  exclusion_justification:
    name: exclusion_justification
    annotations:
      iso27001_clause:
        tag: iso27001_clause
        value: 6.1.3 d)
    description: Justification for excluding the control.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: exclusion_justification
    owner: SoAEntry
    domain_of:
    - SoAEntry
    range: string
  implementation_status:
    name: implementation_status
    description: Current implementation status.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: implementation_status
    owner: SoAEntry
    domain_of:
    - RiskTreatmentPlan
    - SoAEntry
    - SecurityControl
    range: ImplementationStatus
  implementation_evidence:
    name: implementation_evidence
    description: Evidence of control implementation.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: implementation_evidence
    owner: SoAEntry
    domain_of:
    - SoAEntry
    range: string
  responsible_role:
    name: responsible_role
    description: Role responsible for the objective or control.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: responsible_role
    owner: SoAEntry
    domain_of:
    - InformationSecurityObjective
    - SoAEntry
    range: Role
  target_implementation_date:
    name: target_implementation_date
    description: Target date for implementing the control.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: target_implementation_date
    owner: SoAEntry
    domain_of:
    - SoAEntry
    range: date