Full 93-control coverage of the ISO 27001:2022 Annex A taxonomy. Gap analysis, ISMS scoping support, certification readiness assessment, and cross-framework propagation from SOC 2 evidence.
ISO/IEC 27001:2022 · 93 Annex A controls, certification readiness
Updated for the 2022 revision — 93 controls organized into Organizational, People, Physical, and Technological themes.
Define your ISMS scope inside Verisq, identify in-scope assets and processes, and track risk treatment plans.
Evidence uploaded against ISO controls automatically credits corresponding SOC 2 TSC and NIST CSF controls.
Pre-audit gap report and Statement of Applicability draft generated from your assessment results.
Generated from your control selections and justifications — the document your certification body asks for first.
Per-risk treatment options (accept / mitigate / transfer / avoid) with task assignment and tracking.
Branded PDF showing per-control status, evidence inventory, and remediation backlog.
Verisq generates the artifacts your auditors and regulators expect — on demand, with current data, with framework mappings embedded.