Controls performance measurement
Answer: To perform the measurement, first you need to develop a set of measurable objectives, and you can use the Statement of Applicability to document the objectives for your controls (or groups of controls), and you can document the top-level objectives in your Information security policy.
To document the security controls performance and effectiveness review I suggest you take a look at the free demo of our Measurement Report at this link: https://advisera.com/27001academy/documentation/measurement-report/
These links will provide you access to free demos of templates that can help you figure out what the other documents look like:
- Statement of applicability https://advisera.com/27001academy/documentation/statement-of-applicability/
- Information security policy https://advisera.com/27001academy/documentation/information-security-policy/
These articles will also help you:
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/
- ISO 27001 control objectives – Why are they important? https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
- Why is management review important for ISO 27001 and ISO 22301? https://advisera.com/27001academy/blog/2014/03/03/why-is-management-review-important-for-iso-27001-and-iso-22301/
Aug 02, 2018