Abstract

ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.

ISO/IEC 27004:2009 is applicable to all types and sizes of organization.


General information 

  • Status
     : Withdrawn
    Publication date
     : 2009-12
  • Edition
     : 1
    Number of pages
     : 55
  • Technical Committee
     : ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
  • ICS
     :
    35.030 IT Security
    03.100.70 Management systems

Life cycle

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

  2. Store
  3. Standards catalogue
  4. TC
  5. ISO/IEC JTC 1/SC 27
  6. ISO/IEC 27004:2009