An information security manager uses security metrics to measure the:

An information security manager uses security metrics to measure the:

An information security manager uses security metrics to measure the:

A.
performance of the information security program.

B.
performance of the security baseline.

C.
effectiveness of the security risk analysis.

D.
effectiveness of the incident response team.

Explanation:

The security metrics should be designed so that there is a relationship to the performance of the
overall security program in terms of effectiveness measurement. Use of security metrics occurs
after the risk assessment process and does not measure it. Measurement of the incident response
team performance is included in the overall program performance, so this is an incomplete
answer.



Leave a Reply 0

Your email address will not be published. Required fields are marked *