Measuring and Communicating Security's Value
In corporate security today, while the topic of information technology security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security’s Value addresses this dearth of information by offering a collection of lessons learned and proven approaches to enterprise security management.
We're offering an excerpt from the chapter, Quantifying & Communicating on Enterprise Risk, as a free download to newsletter subscribers (download the document at the end of this web page).
Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book includes metrics, key performance indicators, and key risk indicators that have been used effectively in other companies; a detailed program assessment; and information on where to find data and how to use it to create a compelling visual. It demonstrates how to improve influence and how to measure it, how to measure the impact of incidents, how to use metrics to influence policy, and more.
The chapter includes topics such as:
- Managing Enterprise-Wide Board Risk
- Identifying Exploitable Security Defects in Business Processes
- Measuring the Impact of Background Investigations
- Measuring Security Awareness
- Tracking Nuisance and False Alarms
- Leading Indicators
If you register for our Sharing Is Caring series, in which we share one of our SEC paid-for resources per month at no cost, you can receive an e-copy of this book. There are 12 resources in the series. This book is the June resource so register by June 15, 2021 in order to receive it. Each Sharing Is Caring resource includes notes on how to use it to increase the value of security. Click here to register for Sharing is Caring