Educause Security Discussion mailing list archives
Re: KPIs in IT Security Policy
From: Les Mitchell <mitchell () USQ EDU AU>
Date: Fri, 18 Mar 2005 15:06:43 +1000
Hi Jarrod, Not exactly what you are looking for, but have you seen the Corporate Information Security Working Group: Report of the Best Practices and Metrics Team (http://www.educause.edu/ir/library/pdf/CSD3661.pdf) Might be useful for identifying possible KPI. Regards Les Mitchell University of Southern Queensland
-----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jarrod Loidl Sent: Friday, 18 March 2005 2:32 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] KPIs in IT Security Policy Hi all, I am doing a review of our IT Security policy framework. As a part of a previous review conducted by an external group, we were advised that our Security Policies were rather broad in the sense we did not have a measurable set of Key Performance Indicators (KPIs) to accurately assess the response and performance of the IT Security group. However in doing in a review of some of our competitors within Australia I noted that, to the best of my knowledge, neither had any of them! I am curious to know if any of the other universities and higher institutions subscribed to this list have developed any such KPIs as a part of their IT Security framework, and if so could you provide some links and/or insight into how they developed said framework and KPIs. If not, perhaps some insight as to why none were stated. Thanks in advance, -- Jarrod Loidl IT Security of Infrastructure Services, Information Technology Services, Monash University - Clayton Phone: +61 3 99052055 Fax: +61 3 99054746 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- KPIs in IT Security Policy Jarrod Loidl (Mar 17)
- <Possible follow-ups>
- Re: KPIs in IT Security Policy Les Mitchell (Mar 17)
- Re: KPIs in IT Security Policy Tom Bossie (Mar 18)
- Re: KPIs in IT Security Policy King, Dennis C. (Mar 18)
- Re: KPIs in IT Security Policy Jason Brooks (Mar 18)