UnixTime

Research Note

Template Control Card

Use this for ISO 27001 Annex A controls that should appear in Dataview dashboards.

On this page

When to use this

Practical use

Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.

Use this for ISO 27001 Annex A controls that should appear in Dataview dashboards.

---
type: control
standard: ISO27001
control_id: ""
control_name: ""
control_family: ""
status: draft
priority: medium
related_assets: []
related_threats: []
related_vulnerabilities: []
related_risks: []
related_evidence: []
related_audit_questions: []
owner: ""
review_frequency: quarterly
implementation_status: not_started
evidence_status: missing
exam_relevance: medium
software_objects:
- control
- evidence
created: 2026-06-03
updated: 2026-06-03
tags:
- iso27001
- annex_a
- control
---
# {{title}}
## Control Purpose
Explain why this control exists.
## Risk Logic
Use this chain:
<RiskFlowDiagram
steps={[{"label":"Asset"},{"label":"Threat"},{"label":"Vulnerability"},{"label":"Risk"},{"label":"Control"},{"label":"Evidence"},{"label":"Audit"}]}
ariaLabel="Risk logic flow"
/>
## Related Risks
-
## Implementation Activities
-
## Evidence Required
-
## Audit Questions
-
## ISO 27005 Link
Explain the risk management logic behind the control.
## ISO 27002 Link
Summarize the implementation guidance in your own words.
## Software Architecture Mapping
Relevant objects:
- control
- evidence
- risk
- audit_question
  • Template
  • Iso27001
  • Control

Note Metadata

Source: 99-Templates/Template-Control-Card.md