Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

How to set measurable security objectives?

  Quote
Guest
Guest user Created:   Feb 03, 2016 Last commented:   Feb 16, 2021

How to set measurable security objectives?

I want to ask about ISO27001 standard 6.2. How can we set (measurable) security objectives? Could you please share with me some examples?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
Antonio Jose Segovia Feb 03, 2016

Answer:
The best way is setting security objectives which are easy to measure, and these objectives need to be Specific, Measurable, Achievable, Relevant and Time-based (it is known as S.M.A.R.T. objectives).

A basic example, related to the Business Continuity Plan: We want to reduce the time spent in the execution of the plan. If at the present it is executed in 5 hours, we want to reduce it to 4 hours, which is very easy to measure.

For more information and examples, please read this article “ISO 27001 control objectives – Why are they important?” : https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/

And maybe can be also interesting for you our online course “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0
Guest
Jerry Feb 16, 2021

Yes

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 03, 2016

Feb 16, 2021

Suggested Topics