Guest
Information Security Objectives
Does ISO 27001 prescribe a minimum amount of information security objectives? This is regarding the Information Security Policy and the Measurement Report.
Assign topic to the user
Expert
Rhand Leal
Jul 04, 2019
Answer:
ISO 27001 does not prescribe a minimum amount of information security objectives, so each organization can define as many objectives as they see fit for their business. Normally 3 to 4 objectives allow an ISMS to support properly the business (e.g., one operational objective, one financial objective, one business objective, and one compliance objective).
This article will provide you further explanation about information security objectives:
- ISO 27001 control objectives – Why are they important? https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Comment as guest or Sign in
Jul 04, 2019
Jul 04, 2019
Jul 04, 2019