Annex A is the 93-control catalogue at the back of ISO/IEC 27001:2022. It replaces the 114-control structure of the 2013 edition and groups controls into four themes: organisational (37), people (8), physical (14), and technological (34). Each control has a reference number (A.5.1 through A.8.34), a one-line title, and a sentence-long objective.
The catalogue does not tell you which controls to implement. That decision is made in your Statement of Applicability (SoA), by reference to your risk assessment. A control that does not address a risk you have identified does not need to be applied; if a control does address an identified risk and you choose not to apply it, the SoA records the justification for that exclusion.
The detailed implementation guidance for each Annex A control lives in the companion standard ISO/IEC 27002:2022. Auditors do not require organisations to follow 27002 in detail, but they do expect to see that the implementation of each applied control is recognisable as the same control 27002 describes. The Askara Solutions agent maintains the mapping between your risk register and the Annex A controls, so the SoA writes itself rather than being assembled from a template at the end.