Here are some examples of information security goals that can be easily measured:

1. Decrease the impact and/or number of information security incidents by 30% in 12 months.
2. Achieve a maximum data loss of 6 hours in case of a system failure, verified through regular backup tests.
3. Reduce the number of incidents related to unauthorized access to information by 20% over the next year.
4. Increase the percentage of employees who have completed information security awareness training to 95% within the next 6 months.
5. Ensure that 100% of new software deployments are tested without using personal data by the end of 2024.