Requirements for IT Security Metrics - an Argumentation Theory Based Approach

Emrah Yasasin & Guido Schryen
The demand for measuring IT security performance is driven by regulatory, financial, and organizational factors. While several best practice metrics have been suggested, we observe a lack of consistent requirements against which IT security metrics can be evaluated. We address this research gap by adopting a methodological approach that is based on argumentation theory and an accompanying literature review. As a result, we derive five key requirements: IT security metrics should be (a) bounded, (b)...
This data repository is not currently reporting usage information. For information on how your repository can submit usage information, please see our documentation.