All frameworks
ISO/IEC 27001:2022

ISO/IEC 27001:2022 Annex A control coverage

Official source: ISO/IEC 27001:2022

Assess the 93 Annex A controls across the four 2022 themes — Organizational, People, Physical and Technological — and keep ISMS evidence audit-ready.

Get started Read the checklist
ISO 27001 · Annex A 80 / 93
A.5Organizational controlsPASS
A.8Technological controlsPARTIAL
A.6People controlsPASS
A.7Physical controlsPASS
A.8.24CryptographyPARTIAL
A.8.16Monitoring activitiesFAIL
ISO 27001 is one of ten frameworks mapped from a single scan
SOC 2
HIPAA
PCI DSS v4
NIST CSF 2.0
CMMC
ISO 27001
CIS v8
FTC Safeguards
Cyber Essentials
NIST 800-171
Coverage

How SBCMSP maps ISO 27001

Continuous monitoring across every control family — 93 controls, scored on each scan.

Organizational

Policies, roles, supplier and threat-intel controls.

People

Screening, awareness and responsibilities.

Physical

Secure areas, equipment and media.

Technological

Access, cryptography, logging and configuration.

ISMS evidence

Statement of Applicability and audit artifacts.

Evidence & reporting

Auto-collected evidence and a white-label, audit-ready PDF for every control.

Who it’s for Organizations pursuing ISO 27001 certification and their advisors.
Resources Start with the ISO 27001 checklist, then read our guide to external attack surface management.
Continuous, not point-in-time

Audit-ready all year — not just at renewal

Instead of a frantic evidence scramble before the audit, SBCMSP monitors each ISO 27001 control continuously and flags drift the moment it happens.

  • Control-level pass / partial / fail status
  • Auto-collected, timestamped evidence
  • Gap remediation guidance per control
  • White-label report for the client & auditor
readiness · acme-corp86%
86
Controls passing80 / 93
Evidence collected94%
Open gaps3

Get your clients ISO 27001-ready faster

Run a readiness assessment in minutes and see exactly which controls need work.