OWASP Information Security Metrics Bank

Project Description

OWASP Information Security Metrics Bank project targets helping organizations quickly assess their cybersecurity functions and activities with a defined set of metrics developed & maintained by the community. ISMB will help the organizationby providing a practical framework for building an Information Security Measurement Program. ISMB will define a structured approach to keep track of security mertics and ensuring the proper mapping of these metrics to Information security Program functions, activities with corresponding defined maturity level.

Project Objectives

  • Develop a structured presentation to Information Security metrics in a collaborative fashion
  • Develop Information Security metrics that are aligned with common and widely used Cybersecurity frameworks, standards and best practices.
  • Build and maintain a repositority for information security metrics by allowing the community to design, develop, evaluate and share security metrics.

Planned Deliverables

  • Information Security Measurement Program toolkit: ISMP program development methodology, program development sample project plan, set of documents that includes program charter, policies and processes, set of sheets that includes metrics repositorty sheets, metrics tracker sheets.

  • Online InfoSec Metrick Bank: Online repository of security metrics to be developed and maintained in collabritive fashion with community‚Äôs support in a predefined structured method for easily future referencing & searching.