SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

ISMS metrics, from Product development perspective

  Quote
Guest
Guest user Created:   Feb 10, 2022 Last commented:   Feb 10, 2022

ISMS metrics, from Product development perspective

Can you provide guidance or recommendations how to develop ISMS metrics, from Product development perspective?
0 1

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 10, 2022

Regardless of the perspective, the development of metrics follows some general rules:

  • Business relevant: the indicator should be aligned to clear business objectives or legal requirements.
  • Process integrated: activities to collect the necessary data for a KPI should add the least amount of work possible.
  • Assertive: the indicator should be capable of pinpointing relevant issues (e.g., process steps, organizational areas, resources, etc.) that need attention.

Considering Product development, some examples are:

  • Percent of products of the portfolio supported by the ISMS
  • Number of product development incidents related to information compromise
  • Incident resolution time
  • Percent of controls assessment performed
  • Number of improvement initiatives

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 10, 2022

Feb 10, 2022

Suggested Topics

Guest user Created:   May 17, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISMS 27001 processes

Guest user Created:   Mar 31, 2022 ISO 27001 & 22301
Replies: 1
0 0

Merging ISMSs