Information technology -- Security techniques -- Information security management -- Measurement
This standard has been revised by ISO/IEC 27004:2016
ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.
ISO/IEC 27004:2009 is applicable to all types and sizes of organization.
A standard is reviewed every 5 years
Revisions / Corrigenda