Statement of Applicability definition

Statement of Applicability shall have the meaning set out in ISO/IEC 27001 and as agreed by the parties [during the procurement phase].

Split View

AI-Powered Contracts

Draft, Review & Redline at the Speed of AI

Get StartedBook a Demo

Statement of Applicability shall have the meaning set out in ISO/IEC 27001.

Statement of Applicability means the statement defined under ISO 27001, which requires organizations to produce a Statement of Applicability that lists the controls that have been selected to treat identified risks, and provides a justification for the inclusion of those controls, regardless of whether they have been implemented or not, and the status of implementation for the selected controls, and to link to relevant documentation showing how each control is (or will be) implemented;

Examples of Statement of Applicability in a sentence

• The Department’s expectation is that suppliers claiming certification to ISO/IEC 27001 shall provide the Department with copies of their Scope of Certification, Statement of Applicability and a valid ISO/IEC 27001 Certificate issued by an authorised certification body.

More Definitions of Statement of Applicability

Statement of Applicability has the meaning given to it in security standard AS/NZS ISO/IEC 27001.

Statement of Applicability shall have the meaning set out in ISO/IEC 27001 and as agreed by the Parties during the procurement phase. This Schedule covers: principles of protective security to be applied in delivering the Services; wider aspects of security relating to the Services; the development, implementation, operation, maintenance and continual improvement of an ISMS; the creation and maintenance of the Security Management Plan; audit and testing of ISMS compliance with the security requirements (as set out in paragraph 2.5 of the Order Form); conformance to ISO/IEC 27001 (Information Security Requirements Specification) and ISO/IEC27002 (Information Security Code of Practice) and; obligations in the event of actual, potential or attempted breaches of security.

Statement of Applicability shall have the meaning set out in ISO/IEC 27001; "Sub-contract" any contract or agreement or proposed contract or agreement between the Contractor and any third party whereby that third party agrees to provide to the Contractor the Services or any part thereof or facilities or services necessary for the provision of the Services or any part thereof or necessary for the management, direction or control of the Services or any part thereof; "Sub-contractor" the third party with whom the Contractor enters into a Sub-contract or its servants or agents and any third party with whom that third party enters into a Sub-contract or its servants or agents;

Statement of Applicability shall have the meaning set out in ISO/IEC 27001 and as agreed by the Parties during the procurement phase. This Schedule covers: principles of protective security to be applied in delivering the Services; wider aspects of security relating to the Services; the development, implementation, operation, maintenance and continual improvement of an ISMS; the creation and maintenance of the Security Management Plan; audit and testing of ISMS compliance with the security requirements (as set out in paragraph 2.4 of the Order Form); conformance to ISO/IEC 27001 (Information Security Requirements Specification) and; obligations in the event of actual, potential or attempted breaches of security.

Statement of Applicability shall have the meaning set out in ISO/IEC 27001 and as agreed by the parties during the procurement phase "Statement of Requirements" the description of the Services set out in schedule 2.1 (Statement of Requirements); "Sub-contract" any contract or agreement or proposed contract or agreement between the Supplier and any third party whereby that third party agrees to provide to the Supplier the Services or any part thereof or facilities or services necessary for the provision of the Services or any part thereof or necessary for the management, direction or control of the Services or any part thereof; "Sub-contractor" the third party with whom the Supplier enters into a Sub-contract or its servants or agents and any third party with whom that third party enters into a Sub-contract or its servants or agents; "Supplier's Background IPRs" IPRs proprietary to the Supplier which is or will be used by the Supplier for the purposes of providing the Services which comprise: (a) IPRs owned by the Supplier before the Effective Date, for example those subsisting in the Supplier's standard development tools, program components or standard code used in computer programming or in physical or electronic media containing the Supplier's Know-How or generic business methodologies; and/or (b) IPRs created by the Supplier independently of this Contract, but excluding IPRs owned by the Supplier subsisting in the Supplier Software;