• CSS Blog items for Security Strategy & Governance

  • SCCM 2012 – Migration Made Easy – Part 3
  • How to Perform a Manual SCEP Client Installation
  • Continuous Integration
  • Coffee Talk- 6/22: ConfigMgr- Virtualized Apps & Data/System Recovery
  • Reference Attributes, Group Membership and Shifting Authoritative Sources

• Resources

  • [No Downloads found]

Security Performance Management

CSS considers the process of continuous security and compliance as key elements of process improvement, and ultimately quality.  Security is not merely a box to be checked.  Integrated properly into your systems, your network, and your culture, security drives quality, protects your brand, and reduces costs while dramatically increasing information security performance.

CSS’ Security Performance Management services include:

• Security Metric Design – A security strategy designed and developed by CSS that aligns with stakeholders and your organization’s vision, goals and objectives.
• Process Instrumentation – Creating a plan to implement your strategy, with instruments built in to measure and communicate progress to stakeholders, keeping the strategy on track.
• Security Capability Assessments ­­– An evaluation of your strategy and plan against your resources.  This ensures you have the right balance of people, process and technology to successfully execute your plan.

Because measuring security management process outputs is an important step toward using corporate resources more efficiently, CSS also offers “The Balanced Scorecard.” The Scorecard provides a feedback loop that measures the outcome of business strategies. Its framework addresses four critical perspectives that are key to comprehensive security management.

1. Customer
2. Financial
3. Business Process
4. Learning and Growth

When applied with Strategy Maps, the Balanced Scorecard helps an organization effectively communicate project rationale and establish performance objectives that increase efficiency and explicitly target financial return on investments.

CSS helps organizations develop foundational policies and security programs that provide organization-wide guidance and awareness. At the conclusion of a CSS strategic consulting engagement, organizations possess a strong foundation upon which to grow and improve overall information security.