Compliance & Regulatory Tools
ISO 27001 Control Reference
Search ISO 27001:2022 Annex A controls by domain or number. Covers all 93 controls across Organizational, People, Physical, and Technological themes with SoA guidance.
No data is transmitted — everything runs locallyTool
About this tool
ISO 27001 Control Reference
The ISO 27001 Control Reference covers all 93 Annex A controls across four themes, Statement of Applicability requirements, ISMS scope definition, and certification audit stages.
• Look up Annex A controls before writing a Statement of Applicability
• Reference ISMS scope definition requirements before a certification engagement
• Find control domain for a specific security requirement
• Reference audit stage requirements before scheduling a certification audit
Next step
Breach Notification Timeline Calculator — Calculate breach notification deadlines from discovery date across GDPR, HIPAA, PCI, and state laws.
Open Breach Notification Timeline Calculator →
FAQ
What does this tool tell you?
The ISO 27001 Control Reference covers all 93 Annex A controls across four themes, Statement of Applicability requirements, ISMS scope definition, and certification audit stages.
What affects the result most?
ISO 27001:2022 — 93 controls across 4 themes: Organizational, People, Physical, Technological. Annex A controls are now reference — risk treatment plan selects applicable controls + SoA. Statement of Applicability (SoA): lists all Annex A controls, which are applicable and why excluded.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.