Measuring and communicating security's value : a compendium of metrics for enterprise protection /
In corporate security today, while the topic of information technology (IT) security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security's Value addresses this...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Amsterdam, Netherlands :
Elsevier,
[2015]
|
Colección: | Elsevier's Security Executive Council risk management portfolio.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Front Cover; Measuring and Communicating Security's Value; Copyright; Dedication; Contents; About the Author; Foreword; Special Thanks; A Short Story To Set The Stage; FATEFUL MEETING; METRICS COVER MORE THAN IT SYSTEMS; DATA ON HAND, AWAITING ANALYSIS; LESSONS LEARNED; Some Notes to the Reader on Using This Book; Chapter 1
- Metrics Management-It is Not About the Numbers; INTRODUCTION; METRICS PROGRAM ASSESSMENT; BUILDING YOUR PROGRAM; GREAT DATA, GREAT OPPORTUNITY BUT BAD PRESENTATION!; WHAT IS THE STATE OF THE ART IN CORPORATE SECURITY METRICS?; BENCHMARKING YOUR METRICS WITH PEERS.
- FINDING VALUE IN SECURITY BENCHMARKINGBENCHMARKING SECURITY METRICS PROGRAMS; SUMMARY; Chapter 2
- Quantifying & Communicating on Enterprise Risk; INTRODUCTION; MANAGING ENTERPRISE-WIDE BOARD RISK; OPERATING THE RADAR AND THE RELEVANCE OF "WHAT IF"; IDENTIFYING EXPLOITABLE SECURITY DEFECTS IN BUSINESS PROCESSES; FOCUS YOUR METRICS ON AVOIDABLE RISK; MEASURING THE IMPACT OF BACKGROUND INVESTIGATIONS; TRACKING PREVENTABLE RISK; IDENTIFY AND ADVERTISE THE CAUSES OF LOSS; MEASURING SECURITY AWARENESS; WORKPLACE VIOLENCE; ADVERTISING THE FAILURE TO ACT; MEASURING COMPLIANCE RISK.
- WHEN DOES AN AVOIDABLE RISK BECOME INEVITABLE?TRACKING NUISANCE AND FALSE ALARMS; METERS AND DIALS-TRACKING AND MONITORING KEY RISK INDICATORS; CREATING A BUSINESS UNIT SCORECARD; TRACKING RISK IN OUTSOURCING; BUSINESS INTEGRITY AND REPUTATIONAL RISK; RISK PERSONIFIED-THE KNOWLEDGEABLE INSIDER; TRANSITIONS-MOVING THE LENS FROM RISK TO PERFORMANCE INDICATORS; Chapter 3
- Measuring Security Program Performance; INTRODUCTION; KEY PERFORMANCE INDICATORS; COMMUNICATING PROGRAM PERFORMANCE WITH DASHBOARDS; PHYSICAL SECURITY IS MEASURABLE; ALERTING MANAGEMENT TO HIGH PROBABILITY RISK.
- Measuring and managing your regional security teammeasuring and managing your guard force performance and cost; measuring vendor-based alarm response; tracking protective services key performance indicators; security operations control center metrics; secure area reliability; the critical measure of time to respond; measuring for operational excellence in security services; measure risk exposure with security inspections; measuring and managing cost; cycle time: an expected measure of performance; information security; metrics are bidirectional: failure as a performance indicator.
- Measuring progress of annual plans and objectivesis compliance a key risk indicator or a key performance indicator?; security contract compliance auditing; measuring for integrity: background investigations; measuring executive protection programs; business unit criticality, resilience, and continuity planning; measuring security awareness programs; the absence of awareness is a key contributor to risk; ability to influence the business is a key performance indicator; security's value proposition: value is a key performance indicator.