ISO 27001 measurement
Basically, you need to measure the achievement of the security objectives and the effectiveness of the security controls. To do this, you need metrics, and you can define each one with these fields: name of the metric, description, calculation formula, threshold value, objective value, measuring frequency, source, and the person responsible for managing the metric.
You'll find these materials helpful:
Article: ISO 27001 control objectives - Why are they important? https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Webinar: ISO 27001 and ISO 27004: How to measure the effectiveness of information security? https://advisera.com/27001academy/webinar/iso-27001-iso-27004-measure-effectiveness-information-security-free-webinar/
Jan 12, 2016