ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.
ISO/IEC 27004:2009 is applicable to all types and sizes of organization.
Status: WithdrawnPublication date: 2009-12
Edition: 1Number of pages: 55
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
ISO/IEC 27004:2009Stage: 95.99
Got a question?
Check out our FAQs
+41 22 749 08 88
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information.