From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Security metrics
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Security metrics
- [Instructor] Organizations evaluate their security programs through the use of metrics that assess the efficiency and effectiveness of critical security controls. These measurements provide insight into the health of a security program, both at a single point in time and over a long-term basis. It's critical that organizations define the metrics and performance measurements they will use in advance of reporting the data. This ensures the integrity of the process and prevents the cherry-picking of favorable results for reporting purposes. Security programs use three primary types of metric to demonstrate their effectiveness and the state of the organization's security controls. Key performance indicators, or KPIs, are metrics that demonstrate the success of the security program in achieving its objectives. KPIs are mutually agreed upon measures that evaluate whether a security program is meeting its standards. Generally…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.