Remedy : The SoA ought to incorporate a list of the security controls from Annex A of ISO/IEC 27001. It should also describe the steps to implement Each individual control, such as any modifications or exclusions and references regarding policies, procedures, or documents.ISO 27001 demonstrates that your organization usually takes information secu