|
Post by SecurityPlus on Sept 23, 2015 14:42:58 GMT
8. Manage with Facts and Numbers
Information security decisions, particularly where significant investment is required, should be factually based. While far from a strict science, information security is also clearly not an art, and making business decisions based on demonstrable facts simply makes sense. Ensuring you collect, capture and analyze appropriate metrics allows companies to make smart business decisions and recommendations with justification. Metrics and facts avoid making security decisions based on dogma . Metrics are tools designed to facilitate decision making and improve performance and accountability through collection, analysis, reporting and monitoring the status of measured activities. Metrics should be based on things that can be gauged over time (or compared against a baseline), rather than a one off ‘measurement’.
-----------------------------
This is the main contents. Please refer the original contents.
Please comment on regarding modifications of subject, this content and
additional content.
1. Category needs to be deleted.
2. Revise Content : If the contents need to be revised, please kindly
inform us your opinion in detail.
3. New Proposals
|
|