ISO 27001 Clause 9.1 Performance evaluation Monitoring, measurement, analysis & evaluation

Required activity

The organization evaluates the information security performance and the effectiveness of the ISMS.

Implementation Guideline

The objective of monitoring and measurement is to help the organization judge whether the intended outcome of information security activities, including risk assessment and treatment, is achieved as planned. Monitoring determines the status of a system, a process or an activity, whilst measurement is a process to determine a value. Thus, monitoring is often achieved through a succession of comparable measurements over a period of time.

For monitoring and measurement, the organization establishes:

- What to monitor and measure;
- Who monitors and measures;
- Methods to be used so as to produce valid results (i.e. comparable and reproducible).

...