Control Effectiveness Report
Assign topic to the user
Here is important to know that it is necessary to measure the effectiveness of the security controls, because if not, how can you know if they are working fine? A report can be useful as input in the Management review, because gives information about the effectiveness of the ISMS and the security controls to the Top Management (clause 9.3 c) 2) establishes: The management review shall include consideration of feedback on the information security performance, including trends in monitoring and measurements results"). You can measure the effectiveness of each control, but it is more easy if you do it per control group, or per control objectives. Please read this article ISO 27001 control objectives Why are they important : https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Comment as guest or Sign in
Jan 12, 2016