UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 27004

Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation

active, Most Current
Organization: ISO
Publication Date: 15 December 2016
Status: active
Page Count: 66
ICS Code (Management systems): 03.100.70
ICS Code (IT Security): 35.030
scope:

This document provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1. It establishes:

a) the monitoring and measurement of information security performance;

b) the monitoring and measurement of the effectiveness of an information security management system (ISMS) including its processes and controls;

c) the analysis and evaluation of the results of monitoring and measurement.

This document is applicable to all types and sizes of organizations.

Document History

ISO/IEC 27004
December 15, 2016
Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation
This document provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to...
December 15, 2009
Information technology - Security techniques - Information security management - Measurement
This International Standard provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system...

References

Advertisement