Historical
INCITS/ISO/IEC 27004:2009[2015]
Information technology - Security techniques - Information security management - Measurement
ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.
ISO/IEC 27004:2009 is applicable to all types and sizes of organization.
Content Provider
InterNational Committee for Information Technology Standards [incits]