Template: ISO 27001:2023 Mapping of Requirements to Documents

Dr. Oliver Eidel ISO 27001 Templates Published May 24, 2024

Template Download

This is a free template, provided by OpenRegulatory.
If you are a user of Formwork, our eQMS software, you can save a lot of time by choosing “QMS” on the top menu and “OpenRegulatory Templates” on the left menu, then opening the relevant folder to find this template ready to load into Formwork.

If, for some mysterious reason, you're using a different QMS software, you can also simply download this template – specifically, as Word (.docx), PDF, Google Docs or Markdown file. Scroll down for a preview!

The template license applies (don't remove the copyright at the bottom, don't re-use this for commercial purposes).

Template Preview

ISO 27001:2023 Mapping of Requirements to Documents

This table maps all requirements of the ISO 27001:2023 (by section) to the relevant documents (here:
OpenRegulatory templates).

Note that the document names in the "Fulfilled in Document" column are based on the OpenRegulatory
templates. You'll probably have a different system for assigning document names, so feel free to rename
them.

| Section | Title | Fulfilled in Document |
|---|---|---|
| 4.1 | Understanding the organization and its context | |
| 4.2 | Understanding the needs and expectations of interested parties | |
| 4.3 | Determining the scope of the information security management system | Information Security Policy And Scope |
| 4.4 | Information security management system | Information Security Policy And Scope |
| 5.1 | Leadership and commitment | Information Security Policy And Scope |
| 5.2 | Policy | Information Security Policy And Scope |
| 5.3 | Organizational roles, responsibilities and authorities | Information Security Policy And Scope |
| 6.1.1 | Actions to address risks and opportunities - General | SOP Information Security Risk Assessment |
| 6.1.2 | Information security risk assessment | SOP Information Security Risk Assessment |
| 6.1.3 | Information security risk treatment | SOP Information Security Risk Assessment, Information Security Controls |
| 6.2 | Information security objectives and planning to achieve them | |
| 6.3 | Planning of changes | |
| 7.1 | Support - Resources | |
| 7.2 | Competence | |
| 7.3 | Awareness | |
| 7.4 | Communication | |
| 7.5.1 | Document information - General | |
| 7.5.2 | Creating and updating | |
| 7.5.3 | Control of documented information | |
| 8.1 | Operation - Operational planning and control | |
| 8.2 | Information security risk assessment | |
| 8.3 | Information security risk treatment | |
| 9.1 | Performance evaluation - Monitoring, measurement, analysis and evaluation | |
| 9.2.1 | Internal audit - General | |
| 9.2.2 | Internal audit programme | |
| 9.3.1 | Management review - General | |
| 9.3.2 | Management review inputs | |
| 9.3.3 | Management review results | |
| 10.1 | Improvement - Continual improvement | |
| 10.2 | Nonconformity and corrective action | |
| Annex A | Information security controls references | Information Security Controls |

Template Copyright openregulatory.com. See template license.

Please don't remove this notice even if you've modified contents of this template.

Dr. Oliver Eidel

I’m a medical doctor, software engineer and regulatory dude. I’m also the founder of OpenRegulatory.

Through OpenRegulatory, I’ve helped 100+ companies with their medical device compliance. While it’s also my job that we stay profitable, I try to dedicate a lot of my time towards writing free content like our articles and templates. Maybe that will make consulting unnecessary some day? :)

If you’re still lost and have further questions, reach out any time!