Performance Measurement Guide: Demonstrate the Value of Information Security

John Storts

When it comes to information security, creating and enforcing controls, policies and procedures is only part of the story. IT also needs the ability to measure the performance of information security practices so that their benefits can be demonstrated to the rest of the organization. Performance measures can be used by the business as management tools in internal improvement efforts and can be tied to larger strategic planning initiatives.

 

The National Institute of Standards and Technology created the Performance Measurement Guide for Information Security to aid other organizations in the development, selection and implementation of system- and program-level measures to indicate the efficiency, effectiveness and impact of security-related efforts.

 

These performance measurements aid in:

  • Decision-making
  • Improving performance
  • Increasing accountability by requiring the collection, analysis and reporting of performance-related data

 


Use NIST's guidelines to establish a clear, solid link between the information system and program security activities within IT's control and the goals of the business. This will help demonstrate the value of information security to the rest of the enterprise.

 
