ISO 27004 or ISO27004

ISO 27004 Information Security Measurements and Metrics

This forthcoming document stems of a new project to create a standard to measure the effectiveness of security implementations.

It will cover issues such as 'What to measure', 'How to measure it' and 'When to measure it'. Again, no firm timetable is in place for the publication of this, but provisionally, it is expected late in 2007 or in 2008.



This is a long established portal for information technology, having been online coninuously since 1996. It has evolved steadily since then. It is also an archive for technical journals and newsletters, which will be housed in a soon to be launched library.

ISO 27004 Future
Projections are late in 2007 or early in 2008 for initial publication of the standard.