Difference between revisions of "Reporting"

From Socology.org - The Study of Security Operations
Jump to: navigation, search
(Created page with "Reporting is how the Security Operations Center collects information that translates value, measures KPIs that determine success criteria and identify challenges and roadblock...")
(No difference)

Revision as of 05:56, 17 October 2018

Reporting is how the Security Operations Center collects information that translates value, measures KPIs that determine success criteria and identify challenges and roadblocks.

Reporting can also be used for performance metrics.

Merriam-Webster defines a report as[1]:

  a : a usually detailed account or statement
  b : an account or statement of a judicial opinion or decision
  c : a usually formal record of the proceedings of a meeting or session

Questions for Success

  • What metrics will identify, at a management level, whether the SOC is maintaining its expected performance?
  • What metrics will identify where any gaps are occurring and potentially why?
  • What metrics would translate to the business?
  • How can performance be measured in a consistent way?
  • What metrics identify compliance?

From experience, time based metrics - e.g. line chart showing the value over time - provides good visibility into issues.