Assessment Methodology

["Paul Ryan" <pryan () rogers wave ca>]

I am in the process of doing an audit on various portions of our IT
infrastructure. I wanted to know everyone's opinions on what the preferred
metric system is. I've been researching OCTAVE - my objective is to provide
a report with a scheme that easily reflects the status based on our current
policy. Something like pass,fail or compliance % - just brainstorming here
...

Anyone ???

Paul