ISO/IEC 27004:2016

Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation

ISO/IEC JTC 1/SC 27
Additional information

Abstract

ISO/IEC 27004:2016 provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1. It establishes:

a) the monitoring and measurement of information security performance;

b) the monitoring and measurement of the effectiveness of an information security management system (ISMS) including its processes and controls;

c) the analysis and evaluation of the results of monitoring and measurement.

ISO/IEC 27004:2016 is applicable to all types and sizes of organizations.

Look inside

Relevant for

cyber security

smart city

Additional information

Publication type	International Standard
Publication date	2016-12-15
Edition	2.0
Available language(s)	English
TC/SC	ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection rss
ICS	03.100.70 - Management systems 35.030 - IT Security
Pages	58
File size	3264 KB

The following test report forms are related:

More information

Article: ensure compliance with cyber security regulations

Article: cyber security for broadcasters

Share this page

Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.

Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 16:00 CET Monday to Friday.