Measure, Share, Compare.

The Identity and Access Management Metrics and Scorecards provide visibility and insight into the effectiveness of the organization’s controls for managing user access privileges, authorization, and authentication to critical information systems. This package focuses on three critical control objectives: ensuring proper access to information systems, monitoring user activity and account status, and user authentication policy compliance.

The Threat and Virus Management Metrics and Scorecards provide an analysis of initiatives designed to detect, protect, defend, and sustain the information system environment from external attacks and determine the effectiveness and appropriateness of response and remediation actions. This package focuses on three critical control objectives: effectiveness of incident response activities, the adequacy and impact of intrusion monitoring systems, and identification and remediation of malware.

The Metric Application for Symantec AntiVirus is an easy way to appraise the power of the complete Metric Application Package for Threat and Virus Management. The Symantec AntiVirus scorecards utilize information from the Symantec AntiVirus reporting database to illustrate the effectiveness of effectiveness of incident response activities, the adequacy and impact of intrusion monitoring systems, and identification and remediation of malware.

The Vulnerability and Patch Management Metrics and Scorecards enable organizations to proactively analyze the effectiveness of the initiatives designed to prevent the exploitation of critical IT assets, assure operational availability through timely patching, and assess risk mitigation programs. The solution focuses on three key initiatives: effectiveness of vulnerability identification efforts, adequacy and impact of remediation programs, and timeliness and completeness of patching efforts.

The Metric Application for nCircle SIH is an easy way to appraise the power of the complete Metrics Application Package for Vulnerability and Patch Management. The nCircle SIH scorecards utilize information from your nCircle SIH environment to illustrate the effectiveness of vulnerability identification efforts, adequacy and impact of remediation programs, and timeliness and completeness of patching efforts.

The Metric Application for Microsoft WSUS is an easy way to appraise the power of the complete Metrics Application Package for Vulnerability and Patch Management. The Microsoft WSUS scorecards utilize information from your Microsoft WSUS environment to illustrate the effectiveness of vulnerability identification efforts, adequacy and impact of remediation programs, and timeliness and completeness of patching efforts.

The Payment Card Industry Data Security Standard (PCI DSS) metrics and scorecards are designed to assist organizations with communicating their risk assessment and information security compliance efforts. The solution maps metrics to important legislative and best practice compliance frameworks and delivers specifically designed scorecards to assist with compliance reporting and risk profiling for PCI DSS.

The Healthcare Compliance package consists of metrics and scorecards designed to follow, measure, and assess an organization's alignment with the Healthcare industry's Information Security guidelines. The implementation of this package will evidence the existence of security policies in place and can be configured to measure how close an organization is to compliance.

The Sarbanes Oxley (SOX) metrics and scorecards are designed to help organizations communicate their risk assessment and information security compliance efforts. The solution maps metrics to important legislative and best practice compliance frameworks and delivers specifically designed scorecards to facilitate compliance reporting and risk profiling for SOX assets.