2.4.2 Maturity Level 4
| No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 |
Effective from May 24 2017 - May 23 2017
To view other versions open the versions tab on the right
To achieve maturity level 4, the Member Organization should periodically measure and evaluate the effectiveness of implemented cyber security controls. In order to measure and evaluate whether the cyber security controls are effective, key risk indicators (KRIs) should be defined. A KRI indicates the norm for effectiveness measurement and should define thresholds to determine whether the actual result of measurement is below, on, or above the targeted norm. KRIs are used for trend reporting and identification of potential improvements.