Share this content on Facebook!
5 Jul 2019

Measurement in ISO 27001 Certification

Those of you who know the philosophy of ISO 27001 Certification in Australia know that the so called PDCA management cycle still remains as a foundation of this standard, even though it is no longer shown in the standard. The concept of measurement is also best explained through this Plan Do Check Act cycle:

· In the plan phase you need to set of the objectives.

· The Do phase you must figure out how to measure up to which point your objectives are achieved.

· In the Check phase you need to start actual measurement and finally.

· In the Act phase, once you realized you haven’t achieved your objectives you need to make certain improvements.

And ISO 27001 Certification requires at least two different levels of objectives to be set:

· Objectives for the whole Information Security Management System and

· Objectives for each security control.

How to set security objectives:

ISO 27001 Cost in Mumbai is the secret lies in setting objectives which are easy to measure. You might have heard of the S.M.A.R.T. concept: objectives need to be Specific, Relevant, and Time-based and Measurable, Achievable. ISO 27001 we want our firewall to stop 100% of unwanted network traffic.  An example of the objective for the whole Information Security Management System could be ‘We want to decrease the number of information security incidents by 50% in the next year’. Again, pretty specific and therefore measurable.  

Objectives should help you manage your security:

Setting the objectives and measuring them is a rather new and unexplored aspect of information security management system. ISO 27001 Standard is the very often considered as an overhead because of the lack of knowledge in the first place, not so much because of practical reasons. Now a day there is more and more literature on this topic and an increasing number of information security management practitioners with experience in this field, so measurement is slowly making its way into information security mainstream.  

By looking all the reasons everyone is getting how the ISO 27001 certification will helps to information security management system in the your organization.

Our advice, Go for it

If you're looking to get ISO 27001 Certification services in New Zealand? Our advice is contact Certvalue; Certvalue is one of the leading ISO 27001 Consultants Services in New Zealand to providing information security management system to all organizations in the world. We are one of the well recognized firms with experts for every industry sector to implement the standard with 100% track record of success. You can write us at or visit our official website at We are the best ISO Certification Consultant Companies in Saudi Arabia, Oman, Qatar, Jordan, Afghanistan, Australia, New Zealand, Dubai, Kuwait, Malaysia, Lebanon and India. Feel free to provide your contact details to us, so that one of our certification experts shall contact you at the earliest to understand your requirements better and provide best available service at market.     







There isn't any comment in this page yet!

Do you want to be the first commenter?

New Comment

Full Name:
E-Mail Address:
Your website (if exists):
Your Comment:
Security code: