Skip to main content
Mobile
  • Finance, Accounting & Economics
  • Global Business Management
  • Management, Leadership & Organisation
  • Marketing & Sales
  • Strategy
  • Technology & Operations
HS Talks HS Talks
Subjects  
Search
  • Notifications
    Notifications

    No current notifications.

  • User
    Welcome Guest
    You have Limited Access The Business & Management Collection
    Login
    Get Assistance
    Login
    Forgot your password?
    Login via your organisation
    Login via Organisation
    Get Assistance
Finance, Accounting & Economics
Global Business Management
Management, Leadership & Organisation
Marketing & Sales
Strategy
Technology & Operations
Practice paper

The use of metrics to manage enterprise security risks: Understanding, evaluation and persuasion

Peter E. Ohlhausen and Daniel Mcgarvey
Journal of Business Continuity & Emergency Planning, 12 (1), 6-16 (2018)
https://doi.org/10.69554/RIRE8376

Abstract

Metrics drive business decisions and behaviour. Properly developed using psychometric principles, metrics provide a solid rationale for senior management to make prudent decisions about organisational growth as well as facilitating the assessment of internal policies and programmes. Until recently, there has been little research on the development of effective performance metrics, especially in the security field. The American Society for Industrial Security International (ASIS International) provided funding for an extensive study into the development of metrics for the security profession. The study included an online survey, telephone interviews, and a review of the literature and best practices of past research on metrics. Based on the data collected, a security metrics evaluation tool was developed, incorporating core psychometric principles and reflecting both operational and strategic corporate requirements. Finally, guidelines were developed for presentation to senior executives.

Keywords: metrics; security; C-suite; psychometrics; return on investment; risk

The full article is available to subscribers to the journal.

Already a subscriber? Login or review other options.

Author's Biography

Peter E. Ohlhausen is a researcher and consultant in security, criminal justice and technology. As President of Ohlhausen Research, Inc., he performs security and crime-related projects for corporate clients and such organisations as American Society for Industrial Security International (ASIS International), John Jay College of Criminal Justice, US Department of Justice, US Department of Homeland Security and the International Association of Chiefs of Police. He was formerly editor of Security Management, the monthly magazine on corporate security. He was a speaker at the ASIS Annual Seminar & Exhibits from 2013 to 2017. Mr Ohlhausen graduated from the University of Virginia and has also pursued studies at Cambridge University and Harvard University.

Daniel Mcgarvey is the Senior Principal Business Process Analyst for Alion Science and Technology. His responsibilities include providing executive consulting in strategic planning for programmes supporting government and industry. He is the Senior Instructor for the National Security Training Institute, and the lead for analytical development in the Insider Threat Working Groups for both ASIS International and the Intelligence and National Security Alliance. He is a retired member of the Defense Intelligence Senior Executive Service, as the Director, Information Protection, Office of the Administrative Assistant to the Secretary of the Air Force, Headquarters US Air Force. He was the subject matter expert for the ASIS Foundation Metrics Research Project.

Citation

Ohlhausen, Peter E. and Mcgarvey, Daniel (2018, September 1). The use of metrics to manage enterprise security risks: Understanding, evaluation and persuasion. In the Journal of Business Continuity & Emergency Planning, Volume 12, Issue 1. https://doi.org/10.69554/RIRE8376.

Options

  • Download PDF
  • Share this page
    Share This Article
    Messaging
    • Outlook
    • Gmail
    • Yahoo!
    • WhatsApp
    Social
    • Facebook
    • X
    • LinkedIn
    • VKontakte
    Permalink
cover image, Journal of Business Continuity & Emergency Planning
Journal of Business Continuity & Emergency Planning
Volume 12 / Issue 1
© Henry Stewart
Publications LLP

The Business & Management Collection

  • ISSN: 2059-7177
  • Contact Us
  • Request Free Trial
  • Recommend to Your Librarian
  • Subscription Information
  • Match Content
  • Share This Collection
  • Embed Options
  • View Quick Start Guide
  • Accessibility

Categories

  • Finance, Accounting & Economics
  • Global Business Management
  • Management, Leadership & Organisation
  • Marketing & Sales
  • Strategy
  • Technology & Operations

Librarian Information

  • General Information
  • MARC Records
  • Discovery Services
  • Onsite & Offsite Access
  • Federated (Shibboleth) Access
  • Usage Statistics
  • Promotional Materials
  • Testimonials

About Us

  • About HSTalks
  • Editors
  • Contact Information
  • About the Journals

HSTalks Home

Follow Us On:

HS Talks
  • Site Requirements
  • Copyright & Permissions
  • Terms
  • Privacy
  • Sitemap
© Copyright Henry Stewart Talks Ltd

Personal Account Required

To use this function, you need to be signed in with a personal account.

If you already have a personal account, please login here.

Otherwise you may sign up now for a personal account.

HS Talks

Cookies and Privacy

We use cookies, and similar tools, to improve the way this site functions, to track browsing patterns and enable marketing. For more information read our cookie policy and privacy policy.

Cookie Settings

How Cookies Are Used

Cookies are of the following types:

  • Essential to make the site function.
  • Used to analyse and improve visitor experience.

For more information see our Cookie Policy.

Some types of cookies can be disabled by you but doing so may adversely affect functionality. Please see below:

(always on)

If you block these cookies or set alerts in your browser parts of the website will not work.

Cookies that provide enhanced functionality and personalisation. If not allowed functionality may be impaired.

Cookies that count and track visits and on website activity enabling us to organise the website to optimise the experience of users. They may be blocked without immediate adverse effect.