Security Metrics Management
How to Manage the Costs of an Assets Protection Program
- Gerald Kovacich, CFE, CPP, CISSP, Certified Fraud Examiner, Certified Protection Professional, and Certified Information Systems Security Professional, Washington, USA
- Edward Halibozek, MBA, Former Corporate VP of Security for a Fortune 100 company, Los Angeles, CA, USA
Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professionalâs position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc. Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program.
PRIMARY MARKET: (audience)Security Managers, Security Consultants, other Security ProfessionalsSECONDARY MARKET: (audience)Students in security and business programs