A Balanced Scorecard for Security

May 1, 2007 12:00 PM


         Subscribe in NewsGator Online   Subscribe in Bloglines

If you want to measure the effectiveness of your converged security program, try looking at its contribution to the strategic goals of the business you serve. The four perspectives of the “Balanced Scorecard” frame the goals and related metrics.

Can your shareholders perceive security's contributions to their objectives? A program that has successfully converged with shareholders' goals is effectively addressing protection of the brand and their demand for a business free from risks like business interruption, notable asset loss, corporate misconduct and serious breaches of information security.

Can you be seen as best-in-class? This quality standard sets the business apart from the competition. Security's ability to conduct its protection programs consistent with this standard enables the business to do things that may otherwise be considered too risky, such as secure outsourcing or eCommerce.

Are you a learning organization? Where security drills down after each incident to learn what protection element failed, what vulnerability was not known, or where you could have achieved a comparable result at less cost, you are eliminating future risk and adding measurable value.

How do your internal customers see you? Are you measuring your customers' satisfaction with security services? A converged program knows their expectations and understands how security can add value to the customers' business.

George Campbell retired in 2002 as the chief security officer (CSO) at Fidelity Investments, the largest mutual fund company in the U.S., with more than $2 trillion in customer assets, and 32,500 employees. Prior to working at Fidelity Investments, Campbell owned a security and consulting firm, which specialized in risk assessment and security program management. This article is presented in cooperation with the Security Executive Council, www.csoexecutivecouncil.com

Want to use this article? Click here for options!
© 2012 Penton Media Inc.

Today's New Product

Product 1 Image

Privaris Biometric Verification Software

In support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization.

To read more...


Govt Security

Cover

This month in Access Control

Latest Jobs

Popular Stories

Resources

Back to Top