ISO/IEC 27004:2016 - Information technology — Security techniques ― Information security management ― Monitoring, measurement, analysis and evaluation
Archived
Published on: 09/10/2017
Last update: 22/10/2019
ISO/IEC 27004 concerns measurements or measures needed for information security management: these are commonly known as ‘security metrics’ in the profession (if not within ISO/IEC JTC 1/SC 27).
The standard is intended to help organizations evaluate the effectiveness and efficiency of their ISO27k Information Security Management Systems, providing information necessary to manage and (where necessary) improve the ISMS systematically. It expands substantially on clause 9.1 of ISO/IEC 27001 concerning ‘monitoring, measurement, analysis and evaluation’.
Categorisation
Format: PDF
Status: Completed
Representation technique: Human Language