ISO27001 requires that you evaluate the information security performance and the effectiveness of the information security management system that you have implemented.
Therefore you need a way to first of all outline what your objectives are, and then track them.
This spreadsheet will help you do just that. We have even included some sample objectives for your to consider using in your first year of implementation.
Remember; You are not trying to boil the ocean! Don't have 10 objectives when you know you'll do poorly on all of them! Instead, you should have 3 or 4 strong (and important) ) objectives that you can strive for.
Start simple and build momentum.
This document
All our documents are designed with simplicity in mind. But in their simplicty they meet the both the standards, and your needs.
Use these as a springboard towards continual improvement and see your security management system develop and thrive.
Objectives Monitoring and Measures
Hey, we're not going to go all 'legal' on you here... that's not our style. But this is our Intellectual Property, and we'd prefer it if you didn't go sharing this with other people who haven't spent the money and bought a copy.
Of course, we can't really stop you... But are you that kind of person? We don't think you are. So if you want to tell people about your new found super power of ISO27001-Awesomeness, great... just don't give it away for free!