COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Measuring and Communicating Security's Value - 1st Edition - ISBN: 9780128028414, 9780128028438

Measuring and Communicating Security's Value

1st Edition

A Compendium of Metrics for Enterprise Protection

Author: George Campbell
Paperback ISBN: 9780128028414
eBook ISBN: 9780128028438
Imprint: Elsevier
Published Date: 28th March 2015
Page Count: 226
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


In corporate security today, while the topic of information technology (IT) security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security’s Value addresses this dearth of information by offering a collection of lessons learned and proven approaches to enterprise security management.

Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book can be used in conjunction with Measures and Metrics in Corporate Security, the foundational text for security metrics. This book builds on that foundation and covers the why, what, and how of a security metrics program, risk reporting, insider risk, building influence, business alignment, and much more.

Key Features

  • Emphasizes the importance of measuring and delivering actionable results
  • Includes real world, practical examples that may be considered, applied, and tested across the full scope of the enterprise security mission
  • Organized to build on a principal theme of having metrics that demonstrate the security department’s value to the corporation


Security officers, security management and executives, business executives with security departments

Table of Contents

Chapter 1. Metrics Management—It is Not About the Numbers

  • Introduction
  • Metrics Program Assessment
  • Building Your Program
  • Great Data, Great Opportunity but Bad Presentation!
  • What is the State of the Art in Corporate Security Metrics?
  • Benchmarking Your Metrics with Peers
  • Finding Value in Security Benchmarking
  • Benchmarking Security Metrics Programs
  • Summary

Chapter 2. Quantifying & Communicating on Enterprise Risk

  • Introduction
  • Managing Enterprise-Wide Board Risk
  • Operating the Radar and the Relevance of “What If”
  • Identifying Exploitable Security Defects in Business Processes
  • Focus Your Metrics on Avoidable Risk
  • Measuring the Impact of Background Investigations
  • Tracking Preventable Risk
  • Identify and Advertise the Causes of Loss
  • Measuring Security Awareness
  • Workplace Violence
  • Advertising the Failure to Act
  • Measuring Compliance Risk
  • When Does an Avoidable Risk Become Inevitable?
  • Tracking Nuisance and False Alarms
  • Meters and Dials—Tracking and Monitoring Key Risk Indicators
  • Creating a Business Unit Scorecard
  • Tracking Risk in Outsourcing
  • Business Integrity and Reputational Risk
  • Risk Personified—The Knowledgeable Insider
  • Transitions—Moving the Lens from Risk to Performance Indicators

Chapter 3. Measuring Security Program Performance

  • Introduction
  • Key Performance Indicators
  • Communicating Program Performance with Dashboards
  • Physical Security Is Measurable
  • Alerting Management to High Probability Risk
  • Measuring and Managing Your Regional Security Team
  • Measuring and Managing Your Guard Force Performance and Cost
  • Measuring Vendor-Based Alarm Response
  • Tracking Protective Services Key Performance Indicators
  • Security Operations Control Center Metrics
  • Secure Area Reliability
  • The Critical Measure of Time to Respond
  • Measuring for Operational Excellence in Security Services
  • Measure Risk Exposure with Security Inspections
  • Measuring and Managing Cost
  • Cycle Time: An Expected Measure of Performance
  • Information Security
  • Metrics are Bidirectional: Failure as a Performance Indicator
  • Measuring Progress of Annual Plans and Objectives
  • Is Compliance a Key Risk Indicator or a Key Performance Indicator?
  • Security Contract Compliance Auditing
  • Measuring for Integrity: Background Investigations
  • Measuring Executive Protection Programs
  • Business Unit Criticality, Resilience, and Continuity Planning
  • Measuring Security Awareness Programs
  • The Absence of Awareness is a Key Contributor to Risk
  • Ability to Influence the Business is a Key Performance Indicator
  • Security’s Value Proposition: Value Is a Key Performance Indicator
  • Use Metrics to Demonstrate Security’s Alignment with Business Objectives
  • A Few Metrics You Should Really Consider
  • Some Closing Thoughts


No. of pages:
© Elsevier 2015
28th March 2015
Paperback ISBN:
eBook ISBN:

About the Author

George Campbell

George Campbell

George Campbell served until 2002 as the chief security officer (CSO) at Fidelity Investments, the largest mutual fund company in the United States, with more than $2 trillion in customer assets and 32,500 employees. Under Campbell’s leadership, the global corporate security organization delivered a wide range of proprietary services including information security, disaster recovery planning and crisis management, criminal investigations, fraud prevention, property and executive protection, and proprietary security system design, engineering, and installation. Since leaving Fidelity, Campbell has served as a content expert for the Security Executive Council, of which he is a founding Emeritus Faculty member.

Prior to working at Fidelity Investments, Campbell owned a security and consulting firm, which specialized in risk assessment and security program management. He has also been group vice president at a system engineering firm that supported government security programs at high-threat sites around the world. Early on in his career, Campbell worked in the criminal justice system, and served in various line and senior management positions within federal, state, and local government agencies.

Campbell received his bachelor’s degree in police administration from American University in Washington, D.C. He served on the board of directors of the International Security Management Association (ISMA), and as ISMA’s president in 2003. Campbell is also a long-time member of ASIS International. He is a former member of the National Council on Crime Prevention, the High Technology Crime Investigation Association, and the Association of Certified Fraud Examiners, and is an alumnus of the U.S. State Department’s Overseas Security Advisory Council.

Affiliations and Expertise

Emeritus faculty, Security Executive Council; former chief security officer (CSO), Fidelity Investments


"This book is advanced reading that should be coupled with other publications on senior security management objectives and strategies within corporations. I learned a great deal from this book and I think that other CSOs will as well." --Security Management

Ratings and Reviews