BS ISO/IEC 27004 Information technology. Security techniques. Information security management. Measurement

BS ISO/IEC 27004:2009

Information technology. Security techniques. Information security management. Measurement

Status : Current   Published : January 2010

Format: PDF, HARDCOPY

What is BS ISO/IEC 27004:2009?

BS ISO/IEC 27004 shows you the measurement processes designed to test the performance of computers and implemented information security management systems (ISMS). This international standard was developed to give you best-practice recommendations on data processing, data security, data storage protection and data analysis. It also looks at verification, quality auditing and anti-burglar measures. Although BS ISO/IEC 27004 helps to determine whether ISMS processes need to be changed, no measurement of controls guarantees complete security.

How does it work?

This standard helps you fulfil the measurement requirements set out in ISO/IEC 27001. It looks at the development of base and derived measures, as well as indicators. BS ISO/IEC 27004 also helps you to understand the information security risks you face by implementing and operating an Information Security Measurement Programme. Other recommendations include collecting and analysing data and developing measurement results for all relevant stakeholders.

Who should buy it?

  • Organisations of any type or size specialising in information technology, software and networking
  • IT managers
  • Network managers

Why BSI?

We are global, we’re independent and we’re a trusted service provider to 80,000 businesses. We operate in 147 countries and are the number one certification body in the UK and US. We created 85% of our portfolio because we know standards and we know your business. We’re leaders and we can make you one too.

Contents of BS ISO/IEC 27004 include:

  • Management overview
  • Scope
  • Normative references
  • Terms and definitions
  • Structure of this International Standard
  • Information security measurement overview
  • Objectives of information security measurement
  • Information Security Measurement Programme
  • Success factors
  • Information security measurement model
  • Overview
  • Base measure and measurement method
  • Derived measure and measurement function
  • Indicators and analytical model
  • Measurement results and decision criteria
  • Management responsibilities
  • Resource management
  • Measurement training, awareness, and competence
  • Measures and measurement development
  • Definition of measurement scope
  • Identification of information need
  • Object and attribute selection
  • Measurement construct development
  • Measure selection
  • Measurement method
  • Measurement function
  • Analytical model
  • Indicators
  • Decision criteria
  • Stakeholders
  • Measurement construct
  • Data collection, analysis and reporting
  • Measurement implementation and documentation
  • Measurement operation
  • Procedure integration
  • Data collection, storage and verification
  • Data analysis and measurement results reporting
  • Analyse data and develop measurement results
  • Communicate measurement results
  • Information Security Measurement Programme Evaluation and Improvement
  • Evaluation criteria identification for the Information Security Measurement Programme
  • Monitor, review, and evaluate the Information Security Measurement Programme
  • Implement improvements
  • Template for an information security measurement construct
  • Measurement construct examples
  • Bibliography

 




Standard Number: BS ISO/IEC 27004:2009
Title: Information technology. Security techniques. Information security management. Measurement
Status: Current
Publication Date: 31 January 2010
Cross References: ISO/IEC 27000:2009, ISO/IEC 27001:2005, ISO 9000:2005, ISO/IEC 27002:2005, ISO/IEC 15504-3:2004, ISO/IEC 15939:2007, ISO/IEC 27005:2008, ISO/TR 10017:2003, ISO Guide 99:2007, NIST SP 800-55:2008, ISO/IEC TR 18044:2004
International Relationships: ISO/IEC 27004:2009 Identical
Supersedes: Draft 08/30134763 DC
Descriptors: Data processing, Computers, Management, Data security, Data storage protection, Anti-burglar measures, Measurement, Performance testing, Verification, Quality auditing, Data analysis
ICS: 35.040 (Character sets and information coding)
Title in French: Technologies de l'information. Techniques de sécurité. Management de la sécurité de l'information. Mesurage
Committee: IST/33
ISBN: 978 0 580 55456 8
Publisher: BSI
Format: A4
Delivery: YES
Pages: 68
File Size: 1.43 MB
Price: £ 100.00

