How many controls does ISO/IEC 27004:2016 have?

ISO/IEC 27004:2016 contains 24 controls organized across 7 domains.

Where does ISO/IEC 27004:2016 apply?

ISO/IEC 27004:2016 is applicable in International. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does ISO/IEC 27004:2016 map to?

ISO/IEC 27004:2016 has control-to-control mappings with 350 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with ISO/IEC 27004:2016 compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

ISO/IEC 27004:2016

Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation. Provides guidance to assist organizations in evaluating information security performance and effectiveness of the ISMS.

Domains

Annex B: Example Measurements

Annex A: Information Security Measurement Model

Clause 8: Processes

Clause 7: Types of Measures

Clause 6: Characteristics of Monitoring, Measurement, Analysis and Evaluation

Frequently Asked Questions

Map ISO/IEC 27004:2016 to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform