ISO/IEC 27004 is an international standard that provides guidelines for monitoring, measuring, analyzing, and evaluating the performance and effectiveness of an Information Security Management System (ISMS) based on ISO/IEC 27001. The standard outlines how organizations should define and implement metrics to assess both the performance of information security controls and the overall effectiveness of the ISMS. It covers the development of relevant metrics, processes for data collection and analysis, and guidance on reporting results to drive continual improvement. ISO/IEC 27004 is applicable to organizations of all sizes and types, helping them make informed decisions about information security and ensuring compliance with ISO/IEC 27001 requirements for measurement and evaluation.
Publication's URL
URL: https://www.iso.org/standard/64120.html
Publication's scorecard
Country: INT
Scope: Cyber
Typology: Standard
Publication's date: December 1, 2016
Category: Monitoring
Sector: Cross-Sector
Rating: