Information Security Indicators (ISI); Indicators (INC); Part 1: A full set of operational indicators for organizations to use to benchmark their security posture (V1.1.1; Includes Diskette)
The present document provides a full set of information security indicators (based on already existing results and handson user experience)@ covering both security incidents and vulnerabilities. These one become nonconformities when they violate organization's security policy. The present document is meant to aid CISOs and IT security managers in their effort to evaluate and benchmark accurately their organization's security posture. GS ISI 001-2 [3] gives precise instructions on how to use the present document and select indicators.