Based on ISO 27001 clause 6.2
The organization shall establish information security objectives at relevant functions and levels.
From point a to j.
Do you have example to suggest about objective on implementating information security, because on toolkit its only 1 line example of objective.
It has many examples that can help you cover points a to j from ISO 27001 clause 6.2. Here is one example presented according them:
Objective: We want to decrease the number of information security incidents by 50% in the next year.
a) Consistency with the information security policy: reduction of information security incidents is appropriate for the purpose of any organization, as demanded by information security policy requirements.
b) Measurable: It is possible to count the number of security incidents.
c) take into account information security requirements, and results from risk assessment and risk treatment: the reduction of 50% in the number of information security inbcidents can be related to the residual risk, one of the results of risk treatment plan.
d) Communication: From the text you can expect that at least at the end of the next year the results should be communicated for evaluation.
e) be updated as appropriate: this is more related to the inclusion of the objective evaluation at management review, so you should verify if the management procedure review included security objectives as one of its inputs
Other items from f to j are more related to performance measurement, something you can solve with a simple 5W2H model.