What security metrics to choose to ensure the policy compliance of your organization ?

What security metrics to choose to ensure the policy compliance of your organization ?
Making IT Security Accountable
IT security attacks can impact a business at every level. The reliance of all areas of a business on the IT systems that support them means that a single attack can disrupt business continuity, impair customer relationships and ultimately result in lost revenue. For this simple reason alone, IT security should be a board level issue.
And yet it is the paradox of IT security that the sign of a successful investment is nothing happening. Whereas a business would expect to see cost savings, better customer service or improved efficiency following a major IT investment, the success of IT security lies in the ability of the IT infrastructure to operate as normal.
Which makes it very difficult for a board to see where investments have been successful and justify future investment. The key lies in ensuring that senior executives at board level within an organisation have adequate visibility of their company's IT security. This visibility should be over three key areas: how secure key business assets are, the outcome of investments in IT security and compliance with government regulation.

Visualiser
Catégorie : Risk Management , Risk Management 2006
Liste des tags :