Here is an enumeration of measurements for your security program (aggregated from multiple sources):
Weighted Risk Trend (WRT)
Defect Remediation Window (DRW)
Rate of Defect Recurrence (RDR)
Specific Coverage Metric (SCM)
Security Defect to Quality Ratio (SDQR)
Equal Error Rate (False Positives / Negatives / Tool)
Shared Services Satisfaction Score
Platform Compliance Scores
Email Traffic Analysis
% System Availability
% Security Assessment Coverage
% IT Control Coverage
% Contingency Plan Coverage
% Anti-malware Coverage
% Anti-virus Coverage
% IAM / SSO Coverage
% CASB / DLP / DCAP Coverage
% EMM / MDM Coverage
# Unaddressed Risks & Severity
# Security Incidents
# Policy Violations
# Open Vulnerabilities
# Hours of Downtime
# Local Admin Users
# Policy Exceptions
# Privileged Accounts
# Hours to Remediate Security Incidents
# Firewall Rule Changes
No comments:
Post a Comment