Difference between revisions of "Reporting"
From Socology.org - The Study of Security Operations
(Created page with "Reporting is how the Security Operations Center collects information that translates value, measures KPIs that determine success criteria and identify challenges and roadblock...") |
(No difference)
|
Revision as of 04:56, 17 October 2018
Reporting is how the Security Operations Center collects information that translates value, measures KPIs that determine success criteria and identify challenges and roadblocks.
Reporting can also be used for performance metrics.
Merriam-Webster defines a report as[1]:
a : a usually detailed account or statement b : an account or statement of a judicial opinion or decision c : a usually formal record of the proceedings of a meeting or session
Questions for Success
- What metrics will identify, at a management level, whether the SOC is maintaining its expected performance?
- What metrics will identify where any gaps are occurring and potentially why?
- What metrics would translate to the business?
- How can performance be measured in a consistent way?
- What metrics identify compliance?
From experience, time based metrics - e.g. line chart showing the value over time - provides good visibility into issues.
