Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

Comply with clause 9.1

  Quote
Guest
Guest user Created:   Sep 15, 2016 Last commented:   Sep 15, 2016

Comply with clause 9.1

I am struggling with this portion of the 27001 standard. I have setup and pulled together the goals and objectives for our organization but seem to keep hitting a wall when trying to identify how to meet this clause. Do you have any samples / examples that may be able to help me move this forward?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
Antonio Jose Segovia Sep 15, 2016

Answer:
To comply with the clause 9.1 basically you need to perform a monitoring, measurement, analysis and evaluation of your ISMS. How can you do this? A way is using metrics. An example:

If an objective is to reduce backups failures (10%), you can perform a periodic measurements (for example each week) with this formula: Failure backups / Total backups. And you can see how is the evolution of the measurements.

Another example can be to reduce the number of unauthorized access to a critical server (15%), so you can use this formula : Unauthorized access / Total access. And see the evolution performing periodic measurements.

This article can help you “How to perform monitoring and measurement in ISO 27001” : https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/

And also this free webinar “ISO 27001 and ISO 27004: How to measure the effectiveness of information security?” : https://advisera.com/27001academy/webinar/iso-27001iso-22301-the-certification-process-free-webinar/

Finally, these materials will help you to know more about how to measure your ISMS:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 15, 2016

Sep 15, 2016

Suggested Topics

Guest user Created:   Feb 07, 2023 ISO 27001 & 22301
Replies: 1
0 0

Conformio documentation

Guest user Created:   Jun 29, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about A.7.1.2