Why is measurement important for information security?
The answer is rather simple – you want to find out whether the investment in information security has paid off. However, how to achieve this is far from simple – this is a relatively new field, and ISO 27004 has made a big step forward by publishing guidelines for information security measurement.
You need to measure the effectiveness of information security if you do not want to end up investing a lot of money in controls that don't work, but also if you want to know what level of maturity your controls have achieved.
Measurement begins with setting clear objectives in the planning phase of ISO 27001, followed by setting up a measurement system in the implementation phase, and analyzing measurement results in the review phase. Therefore, measurement is something that should be set up from the very beginning of the ISMS project, and is an activity that never ends.
Register for this webinar to learn:
- ISO 27001 requirements for measuring
- The purpose of measuring information security
- Top management perspective of measuring the results
- The roles in implementing a measurement system
- How to set objectives, and through which documents
- The techniques for measuring effectiveness
- The techniques for analyzing and reporting results
"Dejan is clearly a subject matter expert on Risk Analysis and Risk Management. His trainings are well designed and superbly and professionally delivered using the GoToTraining platform."
Bob Chaput, CEO at Clearwater Compliance LLC
Presented by: Dejan Kosutic
Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has extensive working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and ISO 22301/BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
IS&BCA live online trainings: The knowledge you can apply right away.