Developing a Cybersecurity Scorecard - NIST
Developing a Cybersecurity
Scorecard
U.S. Department of Agriculture Farm Service Agency
Foundation
People & Organizations Contribute to Outcomes Good Management Through Measurement Confidence Through Transparency Requires Evidence Performance Improves Through Recognition and Feedback All Levels Value Communication
NIST References
NIST Special Publication 800-55 Revision 1: Performance Measurement Guide for Information Security
Elizabeth Chew, Marianne Swanson, Kevin Stine, Nadya Bartol, Anthony Brown, and Will Robinson
n800-55r1.pdf
ITL Bullentin Security Metrics: Measurements to Support the Continued Development of Information Security Technology
Shirley Radack
f
Especially pages 2-4 "Issues In Developing Security Metrics"
NISTIR 7564: Directions in Security Metrics Research Wayne Jansen
Especially Section 3 "Aspects of Security Measurement"
Why a Scorecard?
People & Organizations Contribute to Outcomes
Results-based Management (RBM) uses feedback loops to achieve strategic goals.
Information Accountability Recognition
Feedback
Improvement
What went
well? Do we Review
need to adapt?
Assess What is the current situation?
Do Get it done.
How's it going?
Results-based Management
Think
What caused
it?
Plan How are we
going to do it? Resources.
Envision
What are we going to
achieve?
Developing a Scorecard
Developing a Scorecard
Define Success: What is the objective?
What does success ( "good") look like? To the taxpayer, your customer, the Administration, your
executive(s), you? We are conditioned to respond to information presented in
certain ways...
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- appendix b mapping cybersecurity assessment tool to nist
- detailed risk assessment report v2
- developing a cybersecurity scorecard nist
- guide for conducting risk assessments nist
- risk management framework
- a reference risk register for information security
- part three information risk register template
- it security policy office
- risk management framework process map
- instructions for risk acceptance form the items below must
Related searches
- developing a strategy document
- developing a marketing strategy
- developing a crm strategy
- developing a research question worksheet
- developing a vision statement worksheet
- developing a marketing campaign
- developing a historical research question
- developing a promotional campaign
- developing a marketing plan template
- developing a business plan outline
- developing a research question
- developing a company mission statement