ISMS implementation - ISO 27001:2013 Company Objectives


Hi All,

We are implementing ISO 27001 in our organization. Since I'm new to ISMS implementation, can someone please suggest some measurable objectives that have been implemented in your organization?

Thank you.


Not sure what your Quality Policy is, but if it's defined in terms of customer and regulatory requirements, then some of the examples of objectives could be:
- % uptime (you define the percentage, but it could be tied to the SLAs if your company provides services)
- % complaints (normalized to the number of users, or service hours, or devices shipped, or whatever works for your company)
- number or % of defects
- number of security events
- number of non-compliance events, e.g. audit findings
