Security Governance List of Information Security Metrics to Track Organizational * Information Security Budget as Percentage of IT Budget * Information Security Budget Spend Breakdown * Percentage of Users With Security Exceptions * Percentage of Staff Fully Trained By Austin Songer 15 Aug 2022
Risk Risk Catalogue RISK CATALOG use case: * What are the risks associated with a control deficiency? (e.g., if the control fails, what risk(s) is the organization By Austin Songer 10 Aug 2022
Risk Threat Catalogue THREAT CATALOG use case: What natural and man-made threats affect control execution? (e.g., if the threat materializes, will the control function as expected?) Definition By Austin Songer 10 Aug 2022