Implement and Optimize an Effective Security Management Metrics Program

Make your security analytics useful for governing your business operations & security program.

Onsite Workshop


Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

Without a right-sized security metrics program, your organization can suffer from the following:

  • Wasted investments in maintaining ineffective security controls and processes.
  • Overwhelming attempts to track irrelevant and unnecessary metrics.
  • Stagnant growth plans as there is no evidence to support optimization.

Tracking and reporting the right security management metrics will lead to the following benefits:

  • Increased visibility into your operations.
  • Improved accountability.
  • Better communications with executives resulting from the hard evidence of security performance.
  • Improved security posture through better understanding of the effectiveness of the security program.

Module 1: Establish the Baseline Metrics

The Purpose

  • Understand how metrics can be valuable to your organization.
  • Identify where your organization currently stands with respect to metrics and where improvements can be made.
  • Determine which metrics make sense for your organization to track.

Key Benefits Achieved

  • Increased visibility into the current metrics program.
  • Understanding of an optimal metrics program.
  • Narrowed focus on relevant metrics.

Activities: Outputs:
1.1 Discuss the value of metrics and different types
  • Value of metrics
1.2 Determine risk tolerance level
  • Risk tolerance level
1.3 Discuss target state of recommended metrics
  • List of recommended metrics
1.4 Conduct current state assessment
  • Current state
1.5 Review gap analysis
  • Understanding of gaps
1.6 Complete Security Metrics Worksheet
  • Shortlist of potential metrics

Module 2: Develop the Metrics Program Roadmap

The Purpose

  • Rather than tracking all metrics from the get-go, determine a staggered timeline to implement the metrics program.
  • Make metrics more than just data points by providing context and analysis.

Key Benefits Achieved

  • Make the metrics program more digestible and easy to implement.
  • Discover how to make metrics valuable to provide insight into the organization’s security program.

Activities: Outputs:
2.1 Prioritize the suggested metrics
  • Order of tracking, based on factors such as affordability and alignment with business objectives
2.2 Develop a metrics roadmap
  • Formalized timeline of metric tracking
2.3 Create a library of metrics
  • Formalized summary of metrics
2.4 Discuss data sources and collection methods
  • Understanding of data collection processes
2.5 Understand how to make data useful
  • Strategy to make metrics valuable

Module 3: Track and Report the Metrics

The Purpose

  • Use the most appropriate tracking tools relative to your needs.
  • Create a concise, valuable presentation to share key metrics.
  • Optimize the program to avoid wasting resources tracking no-longer-relevant metrics.

Key Benefits Achieved

  • Various tracking tools investigated.
  • Clear and efficient presentation of metrics to management.
  • Optimized metrics program.

Activities: Outputs:
3.1 Discuss methods of tracking metrics
  • Options to track metrics
3.2 Prepare communication material to share findings with management
  • Clear guidelines on sharing key metrics with management
3.3 Understand how to review the success of the metrics program
  • Understanding of successful/unsuccessful metrics

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

View Active Workshops
GET HELP Contact Us
VL Methodology