Skip to content

Class: InformationSecurityObjective

A measurable information security objective per Clause 6.2, established at relevant functions and levels of the organization.

URI: iso27001:InformationSecurityObjective

 classDiagram
    class InformationSecurityObjective
    click InformationSecurityObjective href "../InformationSecurityObjective/"
      NamedEntity <|-- InformationSecurityObjective
        click NamedEntity href "../NamedEntity/"

      InformationSecurityObjective : achievement_status

      InformationSecurityObjective : action_plan

      InformationSecurityObjective : created_date

      InformationSecurityObjective : current_value

      InformationSecurityObjective : description

      InformationSecurityObjective : id

      InformationSecurityObjective : measurement_frequency

      InformationSecurityObjective : measurement_method

      InformationSecurityObjective : metric_definition

      InformationSecurityObjective : modified_date

      InformationSecurityObjective : name

      InformationSecurityObjective : objective_statement

      InformationSecurityObjective : related_controls





        InformationSecurityObjective --> "*" SecurityControl : related_controls
        click SecurityControl href "../SecurityControl/"



      InformationSecurityObjective : related_risks





        InformationSecurityObjective --> "*" Risk : related_risks
        click Risk href "../Risk/"



      InformationSecurityObjective : responsible_role





        InformationSecurityObjective --> "0..1" Role : responsible_role
        click Role href "../Role/"



      InformationSecurityObjective : target_date

      InformationSecurityObjective : target_value

      InformationSecurityObjective : version

Inheritance

Slots

Name Cardinality and Range Description Inheritance
objective_statement 0..1
String		 Clear statement of the objective direct
target_value 0..1
String		 Target value for the objective metric direct
current_value 0..1
String		 Current measured value direct
metric_definition 0..1
String		 Definition of how the objective is measured direct
measurement_method 0..1
String		 Method used to measure the metric direct
measurement_frequency 0..1
String		 How often measurement is performed direct
responsible_role 0..1
Role		 Role responsible for the objective or control direct
target_date 0..1
Date		 Target date for achieving the objective direct
achievement_status 0..1
String		 Current status of objective achievement direct
related_risks *
Risk		 Associated risks direct
related_controls *
SecurityControl		 Other controls related to this one direct
action_plan 0..1
String		 Plan for achieving the objective direct
id 1
Uriorcurie		 Unique identifier for this entity instance NamedEntity
name 1
String		 Human-readable name or title NamedEntity
description 0..1
String		 Detailed description of the entity NamedEntity
created_date 0..1
Date		 Date when the entity was created NamedEntity
modified_date 0..1
Date		 Date when the entity was last modified NamedEntity
version 0..1
String		 Version identifier for the entity NamedEntity

Usages

used by used in type used
InformationSecurityManagementSystem objectives range InformationSecurityObjective

In Subsets

Comments

  • Designed for measurable objective tracking and periodic review
  • Links objectives to related risks, controls, and action plans
  • Reference: ISO/IEC 27001:2022 Clause 6.2. ISO/IEC standards text is copyright ISO - not reproduced here.

Identifier and Mapping Information

Annotations

property value
iso27001_clause 6.2

Schema Source

  • from schema: https://w3id.org/lmodel/iso27001

Mappings

Mapping Type Mapped Value
self iso27001:InformationSecurityObjective
native iso27001:InformationSecurityObjective

LinkML Source

Direct

name: InformationSecurityObjective
annotations:
  iso27001_clause:
    tag: iso27001_clause
    value: '6.2'
description: A measurable information security objective per Clause 6.2, established
  at relevant functions and levels of the organization.
comments:
- Designed for measurable objective tracking and periodic review
- Links objectives to related risks, controls, and action plans
- 'Reference: ISO/IEC 27001:2022 Clause 6.2. ISO/IEC standards text is copyright ISO
  - not reproduced here.'
in_subset:
- isms_core
from_schema: https://w3id.org/lmodel/iso27001
is_a: NamedEntity
slots:
- objective_statement
- target_value
- current_value
- metric_definition
- measurement_method
- measurement_frequency
- responsible_role
- target_date
- achievement_status
- related_risks
- related_controls
- action_plan

Induced

name: InformationSecurityObjective
annotations:
  iso27001_clause:
    tag: iso27001_clause
    value: '6.2'
description: A measurable information security objective per Clause 6.2, established
  at relevant functions and levels of the organization.
comments:
- Designed for measurable objective tracking and periodic review
- Links objectives to related risks, controls, and action plans
- 'Reference: ISO/IEC 27001:2022 Clause 6.2. ISO/IEC standards text is copyright ISO
  - not reproduced here.'
in_subset:
- isms_core
from_schema: https://w3id.org/lmodel/iso27001
is_a: NamedEntity
attributes:
  objective_statement:
    name: objective_statement
    description: Clear statement of the objective.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: objective_statement
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    range: string
  target_value:
    name: target_value
    description: Target value for the objective metric.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: target_value
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    range: string
  current_value:
    name: current_value
    description: Current measured value.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: current_value
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - MonitoringItem
    range: string
  metric_definition:
    name: metric_definition
    description: Definition of how the objective is measured.
    comments:
    - Per 6.2 b) objectives are measurable where practicable
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: metric_definition
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    range: string
  measurement_method:
    name: measurement_method
    description: Method used to measure the metric.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: measurement_method
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - MonitoringItem
    range: string
  measurement_frequency:
    name: measurement_frequency
    description: How often measurement is performed.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: measurement_frequency
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - MonitoringItem
    range: string
  responsible_role:
    name: responsible_role
    description: Role responsible for the objective or control.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: responsible_role
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - SoAEntry
    range: Role
  target_date:
    name: target_date
    description: Target date for achieving the objective.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: target_date
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - ImprovementOpportunity
    range: date
  achievement_status:
    name: achievement_status
    description: Current status of objective achievement.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: achievement_status
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    range: string
  related_risks:
    name: related_risks
    description: Associated risks.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: related_risks
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - Asset
    range: Risk
    multivalued: true
  related_controls:
    name: related_controls
    description: Other controls related to this one.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: related_controls
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    - SecurityControl
    - OperationalProcedure
    range: SecurityControl
    multivalued: true
  action_plan:
    name: action_plan
    description: Plan for achieving the objective.
    comments:
    - Per 6.2 h-l) planning to achieve objectives
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: action_plan
    owner: InformationSecurityObjective
    domain_of:
    - InformationSecurityObjective
    range: string
  id:
    name: id
    description: Unique identifier for this entity instance.
    comments:
    - Should use consistent URI/CURIE format across the dataset
    examples:
    - value: iso27001:risk-001
    - value: iso27001:control-5.1
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    identifier: true
    alias: id
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: uriorcurie
    required: true
  name:
    name: name
    description: Human-readable name or title.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: name
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: string
    required: true
  description:
    name: description
    description: Detailed description of the entity.
    comments:
    - Should provide sufficient detail for understanding without external reference
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: description
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: string
  created_date:
    name: created_date
    description: Date when the entity was created.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: created_date
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: date
  modified_date:
    name: modified_date
    description: Date when the entity was last modified.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: modified_date
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: date
  version:
    name: version
    description: Version identifier for the entity.
    comments:
    - Supports document control requirements per 7.5.3 e)
    examples:
    - value: '1.0'
    - value: 2.3.1
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: version
    owner: InformationSecurityObjective
    domain_of:
    - NamedEntity
    range: string