LEADER 02099nam  2200421   450 
001 9910693840903321
005 20230306190429.0
035   $a(CKB)2430000000035991
035   $a(NjHacI)992430000000035991
035   $a(OCoLC)55701859
035 9 $aocm55701859
035   $a(OCoLC)992430000000035991
035   $a(EXLCZ)992430000000035991
100   $a20230306d2003      uy             0
101 0 $aeng
135   $aur|||||||||||
181   $ctxt$2rdacontent
182   $cc$2rdamedia
183   $acr$2rdacarrier
200 10$aSecurity metrics guide for information technology systems /$fMarianne Swanson [and four others]
210  1$aGaithersburg, Md. :$cNational Institute of Standards and Technology, Technology Administration,$d2003.
215   $a1 online resource
225 0 $aNIST special publication; NIST special pub; NIST SP
300   $aTitle from title screen (viewed on June 23, 2004).
320   $aIncludes bibliographical references.
330   $aThis document provides guidance on how an organization, through the use of metrics, identifies the adequacy of in-place security controls, policies, and procedures. It provides an approach to help management decide where to invest in additional security protection resources or when to research the causes of nonproductive controls. It explains the metric development and implementation process and how it can also be used to adequately justify security control investments. The results of an effective metric program can provide useful data for directing the allocation of information security resources and should simplify the preparation of performance-related reports.
606   $aComputer security
615  0$aComputer security.
676   $a535.84
700   $aSwanson$b Marianne$01352963
701   $aSwanson$b Marianne$01352963
712 02$aNational Institute of Standards and Technology (U.S.)
801  0$bNjHacI
801  1$bNjHacl
906   $aBOOK
912   $a9910693840903321
996   $aSecurity metrics guide for information technology systems$93215508
997   $aUNINA