This document provides guidance on how an organization, through the use of metrics, identifies the adequacy of in-place security controls, policies, and procedures. It provides an approach to help management decide where to invest in additional security protection resources or identify and evaluate nonproductive controls. It explains the metric development and implementation process and how it can also be used to adequately justify security control investments. The results of an effective metric program can provide useful data for directing the allocation of information security resources and should simplify the preparation of performance-related reports. (100 pages)
IT Security Metrics Guide
- June 4, 2024
- Webmaster Global
- Expert Editor - IT Management
Don’t Miss These Related References:
Signup for Thought Leader
Get the latest IT management thought leadership delivered to your mailbox.
Our 100% โNO SPAMโ Guarantee
We respect your privacy. We will not share, sell, or otherwise distribute your information to any third party. Period. You have full control over your data and can opt out of communications whenever you choose.
