|
Don't work harder—work smarter.—Ken Blanchard
This chapter, "Establishing a Metrics Management System," is designed to provide basic guidance necessary for the development of a metrics methodology to understand what, why, when, and how InfoSec can be measured. Using the fictitious company (IWC) and functions that were previously described, a metrics system will be developed. It includes a discussion of how to use the metrics to brief management, justify budget, and use trend analyses to develop a more efficient and effective CIAPP.
|