Home

ISO/IEC 27004:2009
Subscribe to updates

Information technology -- Security techniques -- Information security management -- Measurement

(Not available in French)

This standard has been revised by: ISO/IEC 27004:2016

Abstract

ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.

ISO/IEC 27004:2009 is applicable to all types and sizes of organization.

 

Got a question?

Check out our FAQs

Email Customer Care
or call us on +41 22 749 08 88
09:00 – 12:00, 14:00 – 17:00 (UTC+1).