Leadership Solutions

glasses2_copy.jpg

Knowledge Corner - Measures & Metrics

The Knowledge Corner offers many resources to help you manage risk. Explore the topics offered in the navigation bar or if you can't find what you're looking for, use Find it For Me!™

The icons shown adjacent to the titles of these resources provide information about sources.
  • blue icon = Tools, solutions, research and publications created by Security Executive Council
  • cyan icon = Materials created by Security Executive Council strategic alliance partners
  • green icon = Other material reviewed and deemed relevant to security and risk management executives by the Security Executive Council




Articles

    2011 Annual Report for the Security Executive Council  This is Security Executive Council material  
Created By: Security Executive Council
This year's report covers activities, initiatives and resources in a three page condensed document. The information may be used to learn the kinds of support the SEC can offer you as well as a glimpse into what its members are tackling.
Click to download PDF file
745KB
   Benchmarks Aren’t Magic, They’re Tools  This is Security Executive Council material  
Created By: Bob Hayes, Managing Director, Kathleen Kotwica, Security Executive Council
Security executives frequently come to us to request assistance in benchmarking their processes or performance metrics with similar companies. Usually we find that their interest is at least partially driven by a strong push from management. Business leaders recognize benchmarking as a proven business practice that can identify competitive strengths and vulnerabilities as well as opportunities for improvement. Benchmarking can inform corporate goal-setting and can play a significant role in strategic planning.
 
   Building a Metrics Program that Matters  This is Security Executive Council material  
Created By: Security Executive Council Staff
Those of us who read this magazine regularly know about security metrics. We have read about their value and seen monthly examples of useful metrics and what to do with them. But, ladies and gentlemen, we are still missing the proverbial boat. Some of us are running alongside as it pulls from the dock, waving our arms and begging it to slow down so we can figure out where the ramp is. Others are across the street at the ticket booth wondering why there are so many people in line.
 
   Delivering Meaningful Metrics This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council
If security continues to mature as a business function, senior management will likely ask for a set of metrics to measure performance. Security leaders should prepare meaningful metrics that inform management and improve security effectiveness. Marleah Blades reports on insight shared from the Next Generation Security Leader program's exploration of the development and communication of meaningful security metrics.
 
   Exploring Our Value Story This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Our value has to be connected to our success in measurably impacting risk. What are the measures, and how are you communicating the critical messages? Sure, every program is delivering some statistics — typically lists of incidents or activities that they sell as “metrics.” But real metrics inform by creating a storyline that implies the need for action. Lists are just the nails you use to build these stories.
 
   Global Survey of Workplace Hotline Reports Shows Significant Improvements in Some Key Industries – Data Obtained from 650 Companies This is Security Executive Council material  
Created By: Security Executive Council
The Security Executive Council's 2007 Corporate Governance and Compliance Hotline Benchmarking Report provides a key set of benchmark data for corporations in 10 industries.
 
   How to Influence with Metrics This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
How will you use the "must have" metrics - both key risk indicators and value indicators - in your organization. You have the data and the results, now how will you use them to influence your business? Think about the results you are seeking, how the measures and data you are communicating are achieving some improved state of security or safety.
 
   How to Use Metrics This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
CSOs generate security data every day. Knowing what to look for and how to analyze it can spell success for a security operation and the organization it serves.
 
    Metrics For Success: Working with Customers for Better Access Control This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
If you have been reading this column each month, you know of my passion for testing and reporting on the effectiveness of the safeguards we have installed to protect our people and assets. You will not influence anyone with metrics that just count things, but you will with ones that really measure how well you and your customers are meeting your responsibilities to protect the company.
Click to download PDF file
143KB
   Metrics for Success This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Creating security metrics is so important that nearly all security leaders interviewed by the Security Executive Council (SEC) for a recent survey stated it was a top priority for them.
 
    Metrics for Success - Nuisance alarms are more than a nuisance This is Security Executive Council material  
Created By: George Campbell, Emeritus Faculty
The reliability of our programs is an essential ingredient of executive confidence and support. If you are looking for a place to focus your quality assurance, shine it consistently on alarm system reliability and response. Whether they be experienced or uninitiated, customers find frequent invalid alarms unacceptable, and they make your responders distrust the validity of calls. When they occur at off-site facilities dependent on law enforcement response, false alarms often cost the company in fines.
Click to download PDF file
206KB
    Metrics for Success - What is a reportable security violation in your organization?  This is Security Executive Council material  
Created By: George Campbell, Emeritus Faculty
How serious is the notion of compliance in your company? Is your reputation in the marketplace linked to conformance to an established set of laws, rules or standards? Are there protection mandates in the contracts you have with your customers and key suppliers? What are the implications of inadequate security with regard to your insurance? We are a key player in the governance of these internal controls.
Click to download PDF file
193KB
   Metrics for Success - What's state-of-the-art in security metrics? This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
File this in the opinion folder. I have always pinned my metrics hunt to that day very early in my CSO career when the boss asked what kind of metrics we had in the can. As I stumbled for a defensible answer, he said, "I want you to think about what metrics we should follow in our organization and why you think they are important for the senior management team." But the more I dig into this security space, the more I have found that measuring and plotting program performance has been an expectation of every boss I've worked for over these past (gulp!) 50-plus years.
 
   Metrics for Success: Accuracy & Integrity  This is Security Executive Council material  
Created By: George Campbell, Emeritus Faculty
There is an old saying that there are three types of lies: “lies, damn lies and statistics.” I won’t dwell on the obvious downside of lies or damn lies in our job, but I will underscore that statistics, when calculated hastily or from poorly managed data, are no better than lies. We must have accuracy and integrity in our use of data and statistics, or we will undermine our initiatives, our programs and our own standing with senior management.
 
    Metrics for Success: Business Alliances and Security's Due Diligence This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Mergers with or acquisitions of other companies, outsourcing of key business processes to vendors and other strategic alliances may align external organizations with the reputation and well being of your company.
Click to download PDF file
148KB
    Metrics for Success: Demonstrate the Effectiveness of Emergency Response This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Employee and invitee safety is a core mission of corporate security. Unfortunately, both business and local government resources are under budget pressure that could potentially impact emergency response. We need to encourage continued support by keeping management apprised of our high performance and readiness to respond.
Click to download PDF file
352KB
    Metrics for Success: Good metrics tell a story This is Security Executive Council material  
Created By: George Campbell, Emeritus Faculty
I am constantly hunting for metrics examples, and I am intrigued by the variety of ways experienced organizations present data. One vital measure of good data is its ability to inform and drive action in a specified direction.
Click to download PDF file
197KB
   Metrics for Success: It's Time to Get Security Metrics Savvy This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Security-related metrics are a must. Every business needs to develop and deliver measurable results, including security.
 
    Metrics for Success: Security Issues in Leased vs. Owned Property This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
A company's leasing arrangements may lack the risk-based due diligence appropriate to a standard of protection enjoyed by owned space.
Click to download PDF file
388KB
    Metrics for Success: Security Operations Controls Center Metrics This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
There are few functions performed by a corporate security organization that are more critical than the operation of the security operations control center (SOCC). It is here that customer service, first response and risk management combine to provide the most visible and essential corporate security services.
Click to download PDF file
616KB
    Metrics for Success: The Risks of Outsourcing Information Security This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Outsourcing has become a fundamental business strategy for most major corporations, but they often overlook the risks that accrue due to the loss of effective business controls over sensitive activities.
Click to download PDF file
149KB
    Metrics for Success: What’s the Endgame? This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
In a recent security barometer quick poll conducted by the Security Executive Council (SEC), respondents were asked what they thought would be the single most meaningful metric to have for their security function. The overwhelming selection – almost four to one -- was to achieve a “measurable reduction of targeted risk attributable to security initiatives.”
Click to download PDF file
324KB
   Metrics for Success: Who's Accountable for Metrics? This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Where does accountability lie for the maintenance of a proactive measurements and metrics program?
 
    Metrics for success - What is the cost of a bad employee?  This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
The knowledgeable insider is at the top of the list of threats to any organization - public or private. Part of our job is to make business leaders aware of the seriousness of this threat by using metrics that catch their attention. This month's graph measures one small aspect of reputational risk: the time involved in resolving an insider misconduct case resulting in termination for cause.
Click to download PDF file
194KB
   New report offers benchmarks for security budgets, staffing  This is Security Executive Council material  
Created By: Whit Richardson, Security Executive Council Staff
The average security budget as a percentage of an organization's total revenue is 0.07 percent, according to a new benchmark report released by the two-year-old Security Leadership Research Institute, the research arm of the Security Executive Council.
 
   Security Metrics in Context This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
An excerpt from George Campbell's Measures and Metrics in Corporate Security.
 
   Security Metrics: Measuring Performance This is Security Executive Council material  
Created By: Security Executive Council Staff
These articles cover the use of tools such as Key Performance Indicators (KPIs) and balanced scorecards to help you set long-term goals and to evaluate and monitor your progress toward achieving those goals, along with sample charts to generate ideas for KPIs.