PM — PROGRAM MANAGEMENT
PM-6: INFORMATION SECURITY MEASURES OF PERFORMANCE
The organization develops, monitors, and reports on the results of information security measures of performance.
Measures of performance are outcome-based metrics used by an organization to measure the effectiveness or efficiency of the information security program and the security controls employed in support of the program.
NO CONTROL ENHANCEMENTS
- NIST Special Publication 800-55