Security Metrics—Evaluating the Performance of the ISMS (T12) Mr. Lozano has been involved in the information security industry since 1998. His experience include IT auditing, design and implementation of Information Security Management Systems (ISMS) according to BS7799-2:2002, ISO27001:2005 and ISO27001:2013, Information Security Risk Management, Business Continuity Management, Pentesting and Ethical Hacking, implementation of IT security architectures and computer forensics. Currently he is responsible for Information Security Management in the EZCorp’s companies located in Mexico. He has been instructor for BSI (British Standards Institution) and PECB (Professional Evaluation and Certification Board) on the ISO27000 family standards. He is also certified as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), ISO27001 Lead Implementer and FCNSP (Fortinet Certified Network Security Professional).