Abstract
PreviewISO/IEC 27004:2016 provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1. It establishes:
a) the monitoring and measurement of information security performance;
b) the monitoring and measurement of the effectiveness of an information security management system (ISMS) including its processes and controls;
c) the analysis and evaluation of the results of monitoring and measurement.
ISO/IEC 27004:2016 is applicable to all types and sizes of organizations.
-
Status: PublishedPublication date: 2016-12
-
Edition: 2Number of pages: 58
-
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
-
- ICS :
- 35.030 IT Security
Buy this standard
en
| Format | Language | |
|---|---|---|
| std 1 187 | ||
| std 2 187 | Paper |
- CHF187
Life cycle
-
Previously
WithdrawnISO/IEC 27004:2009
-
Now
This may also interest you
News
You simply can’t be too careful when it comes to information security. Protecting personal records and commercially sensitive information is critical. But how can you tell that your ISO/IEC 27001 information …
Got a question?
Check out our FAQs
Customer care
+41 22 749 08 88
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)