Questions to Consider


Based on what you have read, consider the following questions and how you would reply to them:

  • Do you use formal metrics management techniques?

  • If not, why not?

  • If so, are they used to brief management?

  • Is each of your InfoSec functions documented not only in work instructions but also in process flowcharts?

  • Do you use similar charts to document the InfoSec functional LOE?

  • What other charts would you develop for each of the ISSO functions?

  • Do you have at least one metrics chart to track costs of each InfoSec function?

  • How would you use metrics management charts to justify your budget requests?

  • How would you use metrics management charts to justify the number of your staff?

  • How many charts, by function and description, would you want to use as an ISSO?




The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
