Rate your organization against representative ISO/IEC 27001:2022 Annex A controls across all four themes. Get an ISMS maturity score, a per-theme breakdown, and the gaps to close before a certification audit.
ISO/IEC 27001:2022 Annex A lists 93 controls grouped into four themes: Organizational, People, Physical, and Technological. This tool samples a representative set from each theme so you can gauge maturity quickly; a full gap assessment reviews all 93.
No. Certification is granted by an accredited certification body after a Stage 1 and Stage 2 audit of your Information Security Management System. This tool gives a directional read on maturity so you can prioritize before that audit.
Clauses 4 to 10 define the ISMS management system requirements, such as scope, leadership, risk assessment, and continual improvement. Annex A is the reference set of 93 controls you select from via a Statement of Applicability. Both are needed for certification.
Yes, it is free with no signup and nothing you rate is sent anywhere. If you want help building the ISMS and getting audit-ready, our team runs the process end to end.
Not ready for a call yet?
A few short notes from Jacob on standing up an ISO 27001 ISMS without months of pain. No fluff, unsubscribe in one click. Reply anytime; it reaches him directly.
From Jacob Masse, founder of traztech. No spam, unsubscribe in one click.
Want it done for you?
ISO 27001 Readiness
We run the ISMS build and readiness end to end.
Explore ISO 27001 Readiness →We build the ISMS, run the risk assessment, write the Statement of Applicability, and get you audit-ready, then coordinate with your certification body. Turn this score into a plan.
See ISO 27001 Readiness Book a call