Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

CHAPTER 21 Information Assurance Measurements and Metrics

The famous paraphrased statement in Edwards Deming’s book Out of Crisis notes that “what you cannot measure, you cannot improve.” This applies to managing information assurance. The ability to make quantitative judgments and comparisons about information assurance is desirable for continuous improvement. By using the appropriate metrics, an organization will have a basis to determine how and where to allocate its limited resources. Thus, measurements and metrics provide means for an organization to gain a more concrete understanding of the effectiveness of their efforts in securing information. ...

Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies by

CHAPTER 21

Information Assurance Measurements and Metrics

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly