Information Security Management -- Monitoring, Measurement, Analysis and Evaluation

bps21953-0000-00 link

Document Information

GSC Classification OFFICIAL
Access Policy Open
Reference bps21953-0000-00
Document Status Review
Primary Classification
Author Organisation International Standards Organisation
Sponsor OrganisationNot Known
Trustee NPTC Standards Working Group, trustee@standards.police.uk

Copyright Notice Copyright (c) 2016 National Police Technology Council (NPTC) group and the persons identified as the document authors. All rights reserved.

Abstract

Provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001-2013, 9.1. It establishes- a) the monitoring and measurement of information security performance; b) the monitoring and measurement of the effectiveness of an information security management system (ISMS) including its processes and controls; c) the analysis and evaluation of the results of monitoring and measurement. ISO/IEC 27004-2016 is applicable to all types and sizes of organizations.

Usage

The usage scenarios for bps21953-0000-00 have not been documented yet.

Changelog

Approvals

DateApproverOrganisationEmailComments

Obsoleted By

Obsoletes

Discussions

We’d love you to discuss this item but please be aware that these discussions are publicly accessible.