ISO/IEC 27004:2016

Information technology -- Security techniques -- Information security management -- Monitoring, measurement, analysis and evaluation

(Not available in French)

Abstract

ISO/IEC 27004:2016 provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1. It establishes:

a) the monitoring and measurement of information security performance;

b) the monitoring and measurement of the effectiveness of an information security management system (ISMS) including its processes and controls;

c) the analysis and evaluation of the results of monitoring and measurement.

ISO/IEC 27004:2016 is applicable to all types and sizes of organizations.

 

Format
  • PDF

    This format preserves the paper layout, and is watermarked

  • EPUB

    This format allows documents to be read on tablets and smartphones

  • COLOUR PDF

    Enhanced user-friendly colour PDF format

  • REDLINE

    See any updates made from previous versions at a glance

  • PAPER

    Normally A4 size documents. Shipping costs apply


Swiss francs CHF 178
