Compliance & Regulatory Tools
ISO 27001 Control Reference
Search ISO 27001:2022 Annex A controls by domain or number. Covers all 93 controls across Organizational, People, Physical, and Technological themes with SoA guidance.
Calculations run locally in your browserTool
About this tool
ISO 27001 Control Reference
The ISO 27001 Control Reference covers all 93 Annex A controls across four themes, Statement of Applicability requirements, ISMS scope definition, and certification audit stages.
• Look up Annex A controls before writing a Statement of Applicability
• Reference ISMS scope definition requirements before a certification engagement
• Find control domain for a specific security requirement
• Reference audit stage requirements before scheduling a certification audit
Next step
Breach Notification Timeline Calculator — Calculate breach notification deadlines from discovery date across GDPR, HIPAA, PCI, and state laws.
Open Breach Notification Timeline Calculator →
FAQ
What does this tool tell you?
The ISO 27001 Control Reference covers all 93 Annex A controls across four themes, Statement of Applicability requirements, ISMS scope definition, and certification audit stages.
What affects the result most?
ISO 27001:2022 — 93 controls across 4 themes: Organizational, People, Physical, Technological. Annex A controls are now reference — risk treatment plan selects applicable controls + SoA. Statement of Applicability (SoA): lists all Annex A controls, which are applicable and why excluded.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.