While it has become increasingly apparent that individuals and organizations need a security metrics program, it has been exceedingly difficult to define exactly what that means in a given situation. There are hundreds of metrics to choose from, and an organization's mission, industry, and size will affect the nature and scope of the task as well as the metrics and combinations of metrics appropriate to accomplish it. Finding the right formula for a specific situation requires a clear, concise guide with which to navigate this sea of information.
Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI defines more than 900 ready-to-use metrics that measure compliance, resiliency, and return on investment. The author explains what needs to be measured, why and how to measure it, and how to tie security and privacy metrics to business objectives and goals. The book addresses measuring compliance with current laws, regulations, and standards in the US, EC, and Canada, including Sarbanes-Oxley, HIPAA, and the Data Protection Act-UK. The metrics covered are scaled by information sensitivity, asset criticality, and risk, and aligned to correspond with different lateral and hierarchical functions within an organization. They are flexible in terms of measurement boundaries and can be implemented individually or in combination to assess a single security control, system, network, area, or the entire enterprise at any level within the security engineering lifecycle. The text includes numerous examples and sample reports to illustrate these concepts and stresses a complete assessment by evaluating the interaction and interdependence between physical, personnel, IT, and operational security controls.
Bringing a wealth of complex information into comprehensible focus, this book is ideal for corporate officers, security managers, internal and independent auditors, and system developers and integrators.