PM — PROGRAM MANAGEMENT
PM-6: INFORMATION SECURITY MEASURES OF PERFORMANCE
The organization develops, monitors, and reports on the results of information security measures of performance.
SUPPLEMENTAL GUIDANCE
Measures of performance are outcome-based metrics used by an organization to measure the effectiveness or efficiency of the information security program and the security controls employed in support of the program.
RELATED CONTROLS:
CONTROL ENHANCEMENTS
NO CONTROL ENHANCEMENTS
REFERENCES:
- NIST Special Publication 800-55