Expert
Rhand Leal
May 11, 2020
How to establish the ISMS measurements?
Measurements are established based on the objectives the ISMS has to achieve (business-oriented objectives), as well as on the objectives established for the controls (security-oriented objectives).
Once these are defined, among other items, you also have to define:
- Who has to perform the measurement
- Who has to analyze the results
- Measurement periodicity
- How to perform the measurement
These articles will provide you with further explanation about ISMS measurement:
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/
- ISO 27001 control objectives – Why are they important? https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
These materials will also help you regarding ISMS measurement:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/