SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

ISMS metrics related to Scope

  Quote
Guest
Guest user Created:   Feb 10, 2022 Last commented:   Feb 10, 2022

ISMS metrics related to Scope

Dears, please, the scope of our Certification is purerly focused to Product development data security. Have you got any tip or examples of PD relevant ISMS metric/s? Of course without specific data, like names or values. Just to have as inspiration for us. Thank you in advance...
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 10, 2022

 Regardless of the perspective, the development of metrics follows some general rules:

  • Business relevant: the indicator should be aligned to clear business objectives or legal requirements.
  • Process integrated: activities to collect the necessary data for a KPI should add the least amount of work possible.
  • Assertive: the indicator should be capable of pinpointing relevant issues (e.g., process steps, organizational areas, resources, etc.) that need attention.

Considering Product development, some examples are:

  • Percent of products of the portfolio supported by the ISMS
  • Number of product development incidents related to information compromise
  • Incident resolution time
  • Percent of controls assessment performed
  • Number of improvement initiatives

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 10, 2022

Feb 10, 2022

Suggested Topics

Bills Created:   Dec 31, 2019 ISO 27001 & 22301
Replies: 2
0 0

Defining KRI's for Risks

Guest user Created:   Nov 27, 2018 ISO 27001 & 22301
Replies: 1
0 0

Scope extension