BS ISO/IEC 27004:2016 Information technology. Security techniques. Information security management. Monitoring, measurement, analysis and evaluation


Status: Current   Published: December 2016




What is it?

BS ISO/IEC 27004 provides guidance on how to assess the performance of an Information Security Management System (ISMS) developed and implemented using BS ISO/IEC 27001. It explains how to develop and operate measurement processes, and how to assess and report the results of the associated measurement constructs.

Assessment and improvement of both processes and controls is an integral part of any management system. BS ISO/IEC 27004 shows how the effectiveness of an ISMS built using ISO/IEC 27001 can be monitored and assessed.

How does it work?

BS ISO/IEC 27004 shows how to construct an information security measurement programme, how to select what to measure, and how to operate the necessary measurement processes. BS ISO/IEC 27004 includes extensive examples of different types of measures, and how the effectiveness of these measures can be assessed.

A successful measurement programme built using BS ISO/IEC 27004 will meet the performance monitoring requirements set out in BS ISO/IEC 27001.

Who should buy it?

Anyone who is planning to build an ISMS based on BS ISO/IEC 27001 needs BS ISO/IEC 27004 as well. It is an essential supporting standard for ISMS implementation.

It will be useful for anyone needing insight into the practical aspects of building an ISO/IEC 27001 ISMS.




Standard Number: BS ISO/IEC 27004:2016
Title: Information technology. Security techniques. Information security management. Monitoring, measurement, analysis and evaluation
Status: Current
Publication Date: 31 December 2016
Normative References (Required to achieve compliance to this standard): No other standards are normatively referenced
Informative References (Provided for Information): ISO/IEC 27001:2013, ISO/IEC 15939, ISO/TR 10017, ISO/IEC 27000
Replaces: BS ISO/IEC 27004:2009
International Relationships: ISO/IEC 27004:2016
Draft Superseded By: 16/30286027 DC
Descriptors: Measurement, Data analysis, Computers, Performance testing, Anti-burglar measures, Data processing, Quality auditing, Data security, Verification, Management, Data storage protection
ICS: 35.030
Title in French: Technologies de l’information. Techniques de sécurité. Management de la sécurité de l’information. Surveillance, mesurage, analyse et évaluation
Committee: IST/33/1
ISBN: 978 0 580 83513 1
Publisher: BSI
Format: A4
Delivery: Yes
Pages: 70
File Size: 3.796 MB
Price: £254.00



Customers who bought this product also bought

  • BS ISO/IEC 27003:2017
    Information technology. Security techniques. Information security management systems. Guidance
  • BS EN ISO/IEC 27002:2017
    Information technology. Security techniques. Code of practice for information security controls
  • BS EN ISO/IEC 27001:2017
    Information technology. Security techniques. Information security management systems. Requirements
  • ISO/IEC 27005:2018
    Information technology. Security techniques. Information security risk management