SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Information Security Objectives

  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Information Security Objectives

Hi friends, Based in ISO 27001:2013, "Information Security Objectives" is referred to 'confidentiality', 'integrity', 'availability', 'non-repudiation', and so on...? Is it true? Additional, How to measure it? And, how would be the plan or framework to achieve them?? Thank you Best regards
0 0

Assign topic to the user

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

Guest
AntonioS Jan 12, 2016
Information Security Objectives are not only related to confidentiality, integrity and availability, are also related with any improvement that your business hoping to achieve with the implementation of the standard. For example: reduce the number of information security incidentes not registered, improve the client satisfaction, etc.

Usually, the objectives are set at two levels: 1) General ISMS level, and 2) Security controls. Remember that for the point 1) you can use an Information Security Policy. And for the point 2), because as you know it is related to the security controls, you can use the Statement of Applicability. You can see a free version of this document here clicking on "Free Demo" tab: https://advisera.com/27001academy/documentation/statement-of-applicability/

Regarding to the Plan to achieve the objectives, you need the Risk Treatment Plan. Also you can see a free version of this document here clicking on "Free Demo" tab: https://advisera.com/27001academy/documentation/risk-treatment-plan/

Finally, I think that this article can be very useful for you "IS O 27001 control objectives ­ Why are they important?" : https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics