Metrics-driven information security framework as part of information security management
As part of any Information Security Management System, measuring and
reporting information security should be a top priority. However, there are no ready-made
models or recommended metrics on how this should be done. The status, success, and
posture of information security are in many cases...