ISO/IEC 27004
From Wikipedia, the free encyclopedia
ISO/IEC 27004, part of a growing family of ISO/IEC ISMS standards (the 'ISO/IEC 27000 series'), is an information security standard currently being developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its current title is Information technology -- Security techniques -- Information security management measurements.
The purpose of ISO/IEC 27004 is to help organizations measure and report the effectiveness of their information security management systems, covering both the security management processes and the controls. Publication is not expected until 2008.