which metrics are u talking about?
You should choose methodologies for asset evaluation, risk measure,...
There are certain steps you have to follow..
Regards, Michal
On 7/18/06, stanley perreira <1979stanley (at) gmail (dot) com [email concealed]> wrote:
> Hello,
>
> I am trying to develop metrics for the ISO 27001. There doesnot seem
> to be much of consensus on how to go about it ?
>
> What are we supposed to measure here - is it the effectiveness of the
> controls or how many controls are being followed ?
>
--
Michal Merta
Network Security Engineer
http://www.misuta.cz
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of the
addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately and destroy all copies of this message and any
attachments.
which metrics are u talking about?
You should choose methodologies for asset evaluation, risk measure,...
There are certain steps you have to follow..
Regards, Michal
On 7/18/06, stanley perreira <1979stanley (at) gmail (dot) com [email concealed]> wrote:
> Hello,
>
> I am trying to develop metrics for the ISO 27001. There doesnot seem
> to be much of consensus on how to go about it ?
>
> What are we supposed to measure here - is it the effectiveness of the
> controls or how many controls are being followed ?
>
--
Michal Merta
Network Security Engineer
http://www.misuta.cz
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of the
addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately and destroy all copies of this message and any
attachments.
[ reply ]