29 March 2023, Serdang - The Centre for Quality Assurance has organized a Statement of Applicability (SoA) Review Workshop, Information Security Management System (ISMS) 2023 held at the Seminar Hall, Faculty of Engineering, UPM and also through the Google Meet Application with the UPMKB. The workshop which was held for 2 days on 29 to 30 March 2023 aims to review the existing ISMS SoA document and then make a presentation of the results of the review so that the understanding and implementation of control over the matters stated in the SoA can be implemented more effectively in line with requirements of MS ISO/IEC 27001:2013 Standard.

A total of 34 participants attended this workshop involving members of the ISMS Team consisting of the Serdang Campus Undergraduate New Student Registration Team, the Bintulu Campus Undergraduate New Student Registration Team, the Data Center Team, the Faculty's Undergraduate Teaching Evaluation Team and the Graduate New Student Registration Team as well as several support entities UPM's ISMS which consists of the Registrar's Office, the Legal Adviser's Office, the Bursar's Office, the Strategy and Corporate Relations Center and the Occupational Safety and Health Management Office.

The Statement of Applicability (SoA) document outlines the control and control objectives in Annex A in the MS ISO/IEC 27001:2013 Standard in accordance with the requirements of the Information Security Management System at Universiti Putra Malaysia.

The SoA needs to be updated taking into account the following:

(a) Risk reassessment findings;

(b) Changes in justification of control selection;

(c) Expanding the scope of ISMS;

(d) Addition or exclusion of ISMS assets;

(e) Changes in organizational structure;

(f) Improvements on ISMS implementation;

(g) Updating of reference documents; and

(h) Changes due to other requirements.